ThomasHall
Dabbler
- Joined
- Jun 5, 2019
- Messages
- 14
I'm not overly experienced with TrueNAS CORE or FreeBSD in general and the days when I used Linux systems was long ago, so I could use some advice in how to set up my file server.
The scenario is this: I have a new file server equipped with 2x16TB HDDs and a 2TB SSD, in addition to 2 SSDs for the TrueNAS installation and various system stuff like jails respectively. It's running a fresh installation of TrueNAS CORE 13.0 U5.3. My goal is to use the server for two purposes: as an external drive for my Windows desktop, and as a torrent server using Deluge (it's not going to be overly utilized for that, but I want the option). My plan is to have 2 separate pools, the first using the HDDs where I'll store my files and the second the SSD where Deluge will do its thing. Deluge will run in a jail and will only have R/W access to the SSD, while my desktop is going to have R/W access to both. In the future, I would also like to be able to give R access to other devices to certain parts of the storage, but still let my desktop have full control of it and making it look like it's just part of the folder structure.
What I've done so far is to create the pools ("Downloads" and "Store"), as well as a dataset for each (also called "Downloads" and "Store", not sure if that's a bad idea). Under the Store dataset, I've created an additional 2 datasets ("Music" and "Video"). I've also created 2 groups (again with the creative names "Downloads" and "Store"), and 2 users ("deluge" and "desktop"). The deluge user has password login disabled is assigned the primary group Downloads and auxiliary groups builtin_users which it did by itself. The desktop user has Store as primary group and Downloads+builtin_users as aux groups. Samba authentication is enabled for both users and groups, not sure if that matters. On the storage pools, I've added an ACL for each dataset and their respective group (e.g. Downloads dataset got an ACL to allow the Downloads group). I have not done anything special for the music and video datasets yet, so they are basically identical to the parent store dataset with the same ACL. I have some ideas about maybe opening up the music share to the outside world so I can stream music away from home, and maybe creating some sort of media server that would be able to access the video and music files, but that's on hold until later so it's limited to just my desktop for now. In the long run, I'd create groups and users for those functions as well.
For Deluge, I've created a jail and installed Deluge in it. After a bit of a rough start, I think I finally got it working, with the daemon running as a "deluge" user I created in the jail with the same ID as the deluge user created in TrueNAS. Much of this I stole from a guide, with a few adaptations to get it working on the points that failed. The web UI works and I can interact with it, setting download paths etc.
Finally, I've set up Samba shares called "Downloads" and "Store" and mapped them to the paths "/mnt/Downloads" and "/mnt/Store" respectively. From my computer, I can go to "\\<TrueNAS IP\" and log in with the desktop user, and I see the shares and can browse them, and can also create and edit files there or on the server, and they show up on both ends. So far so good.
So here are my questions.
1) When I look at the paths generated, what I see is e.g. "/mnt/Store/Store/Music", and likewise on my computer with "\\<IP>\Store\Store\Music". While I suppose this is not the end of the world, it's somewhat annoying and I'm wondering how to avoid it. I assume it's because I have Pool (Store) > Dataset (Store) > Dataset (Store) > Dataset (Music), and I should remove one of those datasets, but if I do then TrueNAS tells me that I can't edit permissions for the root dataset. I feel like I'm being stupid here and I'm overlooking something obvious, but how would I go about fixing that? I mean, I would like to be able to set permissions on the root dataset to restrict it to specific users. I guess I could just mount it one level down on my computer and I wouldn't have to see it, but I'd rather understand what I'm doing wrong so it doesn't causes more issues down the line.
2) I'm having trouble with getting the jail to use my Downloads dataset, which is where I want it to, you know, download everything. I've set up a mount point for the jail using the source "/mnt/Downloads/Downloads" and the target "/mnt/System/iocage/jails/Deluge/root/mnt", with the result being that going to "/mnt/" inside the jail yields nothing whatsoever. Using the source "/mnt/Downloads" instead will give me a Downloads folder in there, but it seems to be entirely disconnected from the actual storage pool, and creating files in there will not show up anywhere else, and likewise files created in the pool will not show up in the jail. Obviously something is not working properly, but I don't know what. I'm not all that familiar with jails and how the permissions work with them, so my guess would be something related to that, but I wouldn't know what to do about it.
3) Setting aside the two previous problems, is my overall approach to this at all reasonable, or should I do it in some entirely different way? Like I said, I've got limited experience with FreeBSD rights and user management, so I wouldn't be surprised if I'm way off base here.
The scenario is this: I have a new file server equipped with 2x16TB HDDs and a 2TB SSD, in addition to 2 SSDs for the TrueNAS installation and various system stuff like jails respectively. It's running a fresh installation of TrueNAS CORE 13.0 U5.3. My goal is to use the server for two purposes: as an external drive for my Windows desktop, and as a torrent server using Deluge (it's not going to be overly utilized for that, but I want the option). My plan is to have 2 separate pools, the first using the HDDs where I'll store my files and the second the SSD where Deluge will do its thing. Deluge will run in a jail and will only have R/W access to the SSD, while my desktop is going to have R/W access to both. In the future, I would also like to be able to give R access to other devices to certain parts of the storage, but still let my desktop have full control of it and making it look like it's just part of the folder structure.
What I've done so far is to create the pools ("Downloads" and "Store"), as well as a dataset for each (also called "Downloads" and "Store", not sure if that's a bad idea). Under the Store dataset, I've created an additional 2 datasets ("Music" and "Video"). I've also created 2 groups (again with the creative names "Downloads" and "Store"), and 2 users ("deluge" and "desktop"). The deluge user has password login disabled is assigned the primary group Downloads and auxiliary groups builtin_users which it did by itself. The desktop user has Store as primary group and Downloads+builtin_users as aux groups. Samba authentication is enabled for both users and groups, not sure if that matters. On the storage pools, I've added an ACL for each dataset and their respective group (e.g. Downloads dataset got an ACL to allow the Downloads group). I have not done anything special for the music and video datasets yet, so they are basically identical to the parent store dataset with the same ACL. I have some ideas about maybe opening up the music share to the outside world so I can stream music away from home, and maybe creating some sort of media server that would be able to access the video and music files, but that's on hold until later so it's limited to just my desktop for now. In the long run, I'd create groups and users for those functions as well.
For Deluge, I've created a jail and installed Deluge in it. After a bit of a rough start, I think I finally got it working, with the daemon running as a "deluge" user I created in the jail with the same ID as the deluge user created in TrueNAS. Much of this I stole from a guide, with a few adaptations to get it working on the points that failed. The web UI works and I can interact with it, setting download paths etc.
Finally, I've set up Samba shares called "Downloads" and "Store" and mapped them to the paths "/mnt/Downloads" and "/mnt/Store" respectively. From my computer, I can go to "\\<TrueNAS IP\" and log in with the desktop user, and I see the shares and can browse them, and can also create and edit files there or on the server, and they show up on both ends. So far so good.
So here are my questions.
1) When I look at the paths generated, what I see is e.g. "/mnt/Store/Store/Music", and likewise on my computer with "\\<IP>\Store\Store\Music". While I suppose this is not the end of the world, it's somewhat annoying and I'm wondering how to avoid it. I assume it's because I have Pool (Store) > Dataset (Store) > Dataset (Store) > Dataset (Music), and I should remove one of those datasets, but if I do then TrueNAS tells me that I can't edit permissions for the root dataset. I feel like I'm being stupid here and I'm overlooking something obvious, but how would I go about fixing that? I mean, I would like to be able to set permissions on the root dataset to restrict it to specific users. I guess I could just mount it one level down on my computer and I wouldn't have to see it, but I'd rather understand what I'm doing wrong so it doesn't causes more issues down the line.
2) I'm having trouble with getting the jail to use my Downloads dataset, which is where I want it to, you know, download everything. I've set up a mount point for the jail using the source "/mnt/Downloads/Downloads" and the target "/mnt/System/iocage/jails/Deluge/root/mnt", with the result being that going to "/mnt/" inside the jail yields nothing whatsoever. Using the source "/mnt/Downloads" instead will give me a Downloads folder in there, but it seems to be entirely disconnected from the actual storage pool, and creating files in there will not show up anywhere else, and likewise files created in the pool will not show up in the jail. Obviously something is not working properly, but I don't know what. I'm not all that familiar with jails and how the permissions work with them, so my guess would be something related to that, but I wouldn't know what to do about it.
3) Setting aside the two previous problems, is my overall approach to this at all reasonable, or should I do it in some entirely different way? Like I said, I've got limited experience with FreeBSD rights and user management, so I wouldn't be surprised if I'm way off base here.
