Back to Docs Hub
Welcome to the TrueNAS CORE UI Reference Guide!
This document shows and describes each screen and configurable option contained within the TrueNAS web interface. The document is arranged in a parallel manner to the TrueNAS web interface, beginning with the top panel and then descending through each option displayed in the web interface left side menu. To display this document in a linear HTML format, export it to PDF, or physically print it, please select ⎙ Download or Print.
Across the top row are links to outside resources and buttons to control the system.
The options described from left to right:
The logo in the upper-left corner shows the installed TrueNAS software. Clicking the image takes you to the system Dashboard.
The next two buttons control how the side menu displays. Click the (menu icon) to hide or show the entire left side panel. Click the (chevron left icon) to collapse the left side panel to shortcut icons or expand to show icons and text.
Click the iXsystems logo to open the iXsystems corporate website in a new browser tab.
The remaining icons in the top menu show various statuses. They also provide system options.
The icon next to the iXsystems logo shows TrueCommand Cloud connection options. Clicking the icon shows options for signing up for TrueCommand Cloud. It also displays options for connecting/disconnecting from TrueCommand Cloud. When the system is not connected to TrueCommand Cloud the options are not available. The icon appears but is gray in color.
TrueNAS Enterprise compatible hardware has a (cloud with HA text) icon that shows the current status of High Availability (HA) on the system. A checkmark () cloud icon indicates HA is functional. An on top of the cloud icon indicates HA disabled or otherwise unavailable.
The (clipboard icon) is the system Task Manager. Click the icon to show a list of running or completed TrueNAS tasks. Tasks are sortable by their success or error State, task Method, and Progress. Typing text in the Filter field shows tasks that match the characters typed into the field. Clicking an entry shows more details about that task. This includes start and end timestamps.
The (bell icon) contains system notification messages. The icon changes to when TrueNAS creates a new alert. Clicking the icon slides out a panel from the right side of the screen that lists each alert. Dismiss or reopen alerts in this panel. Dismissing an alert does not prevent it from recurring. TrueNAS might create a new alert if the alert conditions continue to exist on the system. Configure the alert system in System > Alert Settings.
The (gear icon) contains links to various system specific options.
Change Password is a shortcut for changing the administrator (root) account password. Password required to log in to the TrueNAS web interface. Please back up or otherwise memorize the updated password when changing it.
Preferences contains theme and other visual options for the web interface:
Name | Description |
---|---|
Choose Theme | Select a preferred theme from the dropdown list. There are several built-in themes designed for light and dark modes. High contrast viewing options of the web interface are also listed. |
Prefer buttons with icons only | Select to preserve screen space using icons and tooltips instead of text labels. |
Enable Password Toggle | Select to display an eye icon next to password fields. Clicking the icon reveals the password. |
Reset Table Columns to Default | Select to reset all tables to display system default table columns. |
Retro Logo | Select to revert branding back to FreeNAS. |
Reset All Preferences to Default | Select to reset all user preferences to their default values. Preserves custom themes. |
Update Preferences | Click to save changes to the General Preferences. |
Create and manage custom themes on this screen.
The (power icon) has the options for changing the system state.
Log Out exits the web interface and shows the login screen. The system remains powered on.
Restart initiates a power cycle. The web interface closes. Discontinues power to the system which is then re-enabled. The login screen appears when the boot cycle completes.
Shut Down exits the web interface. The process to safely discontinue power to the system begins. The system remains offline until the power situation corrects.
The Task Manager displays a list of tasks performed by the TrueNAS system. It starts with the most recent. Click the assignment to open the Task Manager.
Name | Description |
---|---|
Filter | Search function to locate or filter the list for a particular running task. |
View Logs | Tasks with log file output have a View Logs button to show the log files. |
State | Column header for tasks that shows the current condition of the task. Indicates whether the task completed or is still in progress. Click State to sort by this column. |
Method | Column header for tasks that indicates both the name of the task and the method used. Click Method to sort by this column. |
Progress | Column header for tasks that indicates the progress of the the task. Measured by percentage from start to completion. Click Progress to sort by this column. |
CLOSE | Closes the Task Manager dialog. Click anywhere off the dialog or use the Esc to close this dialog. |
The Alert Notifications panel displays system alerts. It provides options to dismiss or reopen dismissed alerts on your TrueNAS.
Name | Description |
---|---|
Dismiss | Dismisses a single alert. |
Re-Open | Re-opens a recently dismissed alert. |
Dismiss All Alerts | Dismisses all alerts. |
Re-Open All Alerts | Displays at the bottom of the panel if you dismiss more than one alert. Click to re-open all dismissed alerts if they are still active. |
Level | Icon |
---|---|
Notification | |
Warning | |
Critical | |
One-shot Critical |
There are a few adjustable interface preferences. Also included is a built-in theme editor for creating your own TrueNAS color schemes.
To access user preferences, click settings > Preferences. This page has options to adjust global settings in the web interface. There are also options to manage custom themes and create new themes.
Name | Description |
---|---|
Choose Theme | Select a preferred theme from the dropdown list. Prebuilt and custom themes are visible here. |
Prefer buttons with icons only | Select checkbox to preserve screen space. Displays icons and tooltips instead of text labels. |
Enable Password Toggle | Select checkbox to make an eye icon appear next to password fields. Click the icon to reveal the password. |
Reset Table Columns to Default | Select checkbox to reset the display of all table columns as system default. |
Retro Logo | Select checkbox to revert branding back to FreeNAS. |
Reset All Preferences to Default | Select checkbox to reset all user preferences to their default values. Does not reset custom themes. |
UPDATE PREFERENCES | Cick button to apply the current checkbox settings to the web interface. |
Name | Description |
---|---|
theme name (variable) | Use checkbox to select a custom theme if listed. |
DELETE SELECTED | Click button to remove each selected custom theme from the system. |
CREATE NEW THEME | Click button to open the theme editor. |
Name | Description |
---|---|
Load colors from existing theme | Select the theme option from the dropdown list. Imports settings into the Create Theme and Preview tabs. |
GENERAL | Click to display the GENERAL tab with the primary options for a new theme. |
COLORS | Click to display the COLORS tab with color options for a new theme. |
PREVIEW | Click to display the PREVIEW tab. The PREVIEW updates to reflect current selections. |
Name | Description |
---|---|
Custom Theme Name | Enter a name to identify the new theme. |
Menu Label | Enter a short name to use in the TrueNAS web interface menus. |
Description | Enter a short description of the new theme. |
Choose Primary | Select a generic color from the dropdown list to use as the primary theme color. Or import a specific color setting. |
Choose Accent | Select a generic color from the dropdown list to use as the accent color for the theme. Or import a specific color setting. |
Choose Topbar | Select a color from the dropdown list to use as the color for the top menu bar in the web interface. |
SUBMIT | Click to save the current selections and create the new theme. |
CANCEL | Click to return to the Preferences screen without creating a new theme. |
Name | Description |
---|---|
Background 1 | Either click on the color swatch or enter a hex value. This value applies to the bg1 option in the GENERAL tab. |
Background 2 | Either click on the color swatch or enter a hex value. This value applies to the bg2 option in the GENERAL tab. |
Foreground 1 | Either click on the color swatch or enter a hex value. This value applies to the fg1 option in the GENERAL tab. |
Foreground 2 | Either click on the color swatch or enter a hex value. This value applies to the fg2 option in the GENERAL tab. |
Alt Background 1 | Either click on the color swatch or enter a hex value. This value applies to the alt-bg1 option in the GENERAL tab. |
Alt Background 2 | Either click on the color swatch or enter a hex value. This value applies to the alt-bg2 option in the GENERAL tab. |
Alt Foreground 1 | Either click on the color swatch or enter a hex value. This value applies to the alt-fg1 option in the GENERAL tab. |
Alt Foreground 2 | Either click on the color swatch or enter a hex value. This value applies to the alt-fg2 option in the GENERAL tab. |
Yellow | Either click on the color swatch or enter a hex value. This value applies to the yellow option in the GENERAL tab. |
Orange | Either click on the color swatch or enter a hex value. This value applies to the orange option in the GENERAL tab. |
Red | Either click on the color swatch or enter a hex value. This value applies to the red option in the GENERAL tab. |
Magenta | Either click on the color swatch or enter a hex value. This value applies to the magenta option in the GENERAL tab. |
Violet | Either click on the color swatch or enter a hex value. This value applies to the violet option in the GENERAL tab. |
Blue | Either click on the color swatch or enter a hex value. This value applies to the blue option in the GENERAL tab. |
Cyan | Either click on the color swatch or enter a hex value. This value applies to the cyan option in the GENERAL tab. |
Green | Either click on the color swatch or enter a hex value. This value applies to the green option in the GENERAL tab. |
SUBMIT | Click the button to save the current selections and create the new theme. |
CANCEL | Click the button to return to the Preferences screen without creating a new theme. |
Name | Description |
---|---|
Global Preview | Color selections display in the PREVIEW. Click the toggle to turn the display of the PREVIEW widget on or off. |
Name | Description |
---|---|
Buttons | This tab shows examples of web interface buttons. The buttons display with the current theme settings applied. |
Forms | This tab shows examples of web interface form options. The options display with the current theme settings applied. |
The web interface dashboard provides system details and shortcuts to various configuration screens.
Card | Description |
---|---|
System Information | Shows simple system-level information about TrueNAS, including hardware name (with compatible systems), TrueNAS version, system hostname, and system uptime. Includes a button to update the installed version of TrueNAS. |
CPU | Shows current CPU utilization and heat (with compatible hardware). Includes a shortcut icon to the in-depth CPU reporting screen. |
Memory | Shows total memory available to the system and the current breakdown of memory usage. Includes a shortcut icon to the in-depth memory utilization screen. |
Pool | Shows details about a configured storage pool. One card is created for each storage pool on the system. Includes shortcut icons to the pool configuration and statistics screens. |
Interface | Shows details about system network interfaces, including current status and configuration details. Includes shortcut icons to the interface configuration and statistics screens. |
TrueNAS Help | Contains links to verious documentation and assistance portals. |
This section has articles documenting the TrueNAS local User and Group screens.
The Groups screen lets you create and manage UNIX-style groups.
Name | Description |
---|---|
Filter Groups | Filters groups by keyword. |
COLUMNS | Lets users display/hide list columns. |
ADD | Opens the Group Configuration form |
Displays/hides built-in groups | |
Group | Group name. |
GID | Group ID number. |
Builtin | Whether or not the group is built-in. |
Permit Sudo | Whether or not the group has Permit Sudo enabled. |
Samba Authentication | Whether or not the group has Samba Authentication enabled. |
Fields with an*
must be configured to submit or change the UI configuration.
Name | Description |
---|---|
GID | A unique number used to identify a Unix group. |
Name | Descriptive name for the group. |
Permit Sudo | Allows group members to act as the root account with sudo. Group members are prompted for their password when using sudo. |
Samba Authentication | Allows group to be used for Samba permissions and authentication. |
Allow Duplicate GIDs | Allows more than one group to have the same group ID. |
The Users screen lets you create and manage user accounts.
Name | Description |
---|---|
Filter Users | Filters users by keyword. |
COLUMNS | Lets users display/hide list columns. Username, UID, Builtin, and Full Name are default. |
ADD | Opens the User ID and Groups form |
Displays/hides built-in users | |
Username | Descriptive name for the user. |
UID | User ID number. |
Builtin | Whether or not the user is built-in. |
Full Name | Shows the saved Full Name of the account. |
Fields with an*
must be configured to submit or change the UI configuration.
Name | Description |
---|---|
Full Name | Descriptive name for the user. |
Username | User login name. |
User email address. | |
Password | User login password. |
Confirm Password | Re-enter user password. |
Name | Description |
---|---|
User ID | A unique number used to identify a user. |
New Primary Group | Creates a new group with the same name as the user. |
Primary Group | Primary group to add the user to. |
Auxiliary Groups | Additional groups to add the user to. |
Name | Description |
---|---|
Home Directory | Path to the user home directory. |
Home Directory Permissions | Default user home directory Unix permissions. |
Name | Description |
---|---|
SSH Public Key | Public SSH key for key-based authentication. |
Disable Password | Enables/Disables password field. |
Shell | The shell to use for local and SSH logins. |
Lock User | Prevents user from logging in or using password-based services. |
Permit Sudo | Enable or disable issuing commands as the root account with sudo . |
Microsoft Account | Allows Windows authentication methods. |
Samba Authentication | Lets users authenticate to Samba shares. |
The TrueNAS CORE web interface System section has numerous features related to configuring the system and integrating it with specific environments or external accounts.
GUI
Name | Description |
---|---|
GUI SSL Certificate | The system uses a self-signed certificate to enable encrypted web interface connections. To change the default certificate, select a different certificate that was created or imported in the Certificates menu. |
Web Interface IPv4 Address | Choose a recent IP address to limit the usage when accessing the administrative GUI. The built-in HTTP server binds to the wildcard address of 0.0.0.0 (any address) and issues an alert if the specified address becomes unavailable. |
Web Interface IPv6 Address | Choose a recent IPv6 address to limit the usage when accessing the administrative GUI. The built-in HTTP server binds to the wildcard address of 0.0.0.0 (any address) and issues an alert if the specified address becomes unavailable. |
Web Interface HTTP Port | Allow configuring a non-standard port to access the GUI over HTTP. Changing this setting might require changing a Firefox configuration setting. |
Web Interface HTTPS Port | Allow configuring a non-standard port to access the GUI over HTTPS. |
HTTPS Protocols | Cryptographic protocols for securing client/server connections. Select which Transport Layer Security (TLS) versions TrueNAS can use for connection security. |
Web Interface HTTP -> HTTPS Redirect | Redirect HTTP connections to HTTPS. A GUI SSL Certificate is required for HTTPS. Activating this also sets the HTTP Strict Transport Security (HSTS) maximum age to 31536000 seconds (one year). This means that after a browser connects to the web interface for the first time, the browser continues to use HTTPS and renews this setting every year. |
Localization
Name | Description |
---|---|
Language | Select a language from the drop-down menu. |
Date Format | Choose a date format. |
Console Keyboard Map | Select a keyboard layout. |
Timezone | Select a time zone. |
Time Format | Choose a time format. |
Other Options
Name | Description |
---|---|
Crash reporting | Send failed HTTP request data which can include client and server IP addresses, failed method call tracebacks, and middleware log file contents to iXsystems. |
Usage collection | Enable sending anonymous usage statistics to iXsystems. |
SAVE CONFIG: Saves a backup copy of the current configuration database in the format hostname-version-architecture.
UPLOAD CONFIG: Browse to a previously saved configuration file to restore that configuration.
RESET CONFIG: Reset the configuration database to the default base version.
NTP Server Settings
Name | Description |
---|---|
Address | Enter the hostname or IP address of the NTP server. |
Burst | Recommended when Max. Poll is greater than 10. Only use on personal NTP servers or those under direct control. Do not enable when using public NTP servers. |
IBurst | Speeds up the initial synchronization (seconds instead of minutes). |
Prefer | Should only be used for highly accurate NTP servers such as those with time monitoring hardware. |
Min Poll | The minimum polling interval, in seconds, as a power of 2. For example, 6 means 2^6, or 64 seconds. The default is 6, minimum value is 4. |
Max Poll | The maximum polling interval, in seconds, as a power of 2. For example, 10 means 2^10, or 1,024 seconds. The default is 10, maximum value is 17. |
Force | Forces the addition of the NTP server, even if it is currently unreachable. |
Name | Description |
---|---|
Actions | Lets users add boot environments and check their stats/settings, as well as manage and scrub the boot pool. |
Name | The name of the boot entry as it appears in the boot menu. |
Active | Indicates which entry boots by default if a boot environment is not active. |
Created | Indicates the boot environment creation date and time. |
Space | Shows boot environment size. |
Keep | Indicates whether or not TrueNAS deletes this boot environment when a system update does not have enough space to proceed. |
System > Advanced contains advanced options for configuring system settings.
These options have reasonable defaults in place. Make sure you are comfortable with ZFS, FreeBSD, and system configuration backup and restoration before making any changes.
Console
Name | Description |
---|---|
Show Text Console without Password Prompt | Unset to add a login prompt to the system before the console menu is shown. |
Enable Serial Console | Do not set this if the Serial Port is disabled. Serial Port and Serial Speed options are visible when this is set. |
Serial Port | When Enable Serial Console is set, the available serial port hex addresses are 0x2F8 or 0x3f8. |
Serial Speeds | When Enable Serial Console is set, the available serial speeds that can be used by the serial port are 9600 bps, 19200 bps, 38400 bps, 57600 bps, or 115200bps. |
MOTD Banner | The message to show when a user logs in with SSH. |
Storage
Name | Description |
---|---|
Swap Size in GiB (CORE only) | By default, all data disks are created with the amount of swap specified. Changing the value does not affect the amount of swap on existing disks, only disks added after the change. Does not affect log or cache devices as they are created without swap. Setting to 0 disables swap creation completely. STRONGLY DISCOURAGED |
LOG (Write Cache) Overprovision Size in GiB | Overprovisioning a ZFS Log SSD can increase its performance and lifespan by distributing writes and erases across more drive flash blocks. Defining a number of GiB here overprovisions ZFS Log disks during pool creation or extension. Examples: 50 GiB, 10g, 5GB |
GUI
Name | Description |
---|---|
Show Console Messages | Display console messages in real time at the bottom of the browser. |
Show Advanced Fields by Default | Set to always show advanced fields, when available. |
Kernel
Name | Description |
---|---|
Enable Autotune | Activates a tuning script which attempts to optimize the system depending on the installed hardware. Warning: Autotuning is only used as a temporary measure and is not a permanent fix for system hardware issues. |
Enable Debug Kernel | Set to boot a debug kernel after the next system reboot. |
Self-Encrypting Drive
Name | Description |
---|---|
ATA Security User | User passed to camcontrol security -u to unlock SEDs |
SED Password | Global password to unlock SEDs. |
Syslog
Name | Description |
---|---|
Use FQDN for Logging | Set to include the Fully-Qualified Domain Name (FQDN) in logs to precisely identify systems with similar hostnames. |
Syslog Level | When Syslog Server is defined, only logs matching this level are sent. |
Syslog Server | Remote syslog server DNS hostname or IP address. Nonstandard port numbers can be used by adding a colon and the port number to the hostname, like mysyslogserver:1928 . Log entries are written to local logs and sent to the remote syslog server. |
Syslog Transport | Transport Protocol for the remote system log server connection. Choosing Transport Layer Security (TLS) also requires selecting a preconfigured system Certificate. |
Replication
Name | Description |
---|---|
Replication Tasks Limit | Limit the maximum number of replication tasks that can be executed simultaneously. |
SAVE DEBUG generates text files that contain diagnostic information.
TrueNAS EnterpriseThe View Enclosure screen only displays on TrueNAS CORE Enterprise systems with compatible hardware. The UI options to select System > View Enclosure is not present on incompatible non-Enterprise systems.
The System Information widget on the main Dashboard displays an image of the specific TrueNAS system. Hover the mouse over the image to see the View Enclosure label.
Click anywhere on the system image to open the View Enclosure screen.
The View Enclosure screen displays an image of the TrueNAS platform. Additional information about storage pools, drives, and other hardware components is available through clickable elements and buttons.
The top of the View Enclosure screen displays options to view information about the system or expansion shelf. The options vary by TrueNAS platform, whether or not the system has expansion shelves, and if you have an expansion shelf image selected instead of the TrueNAS system.
All TrueNAS systems include the Disks option. TrueNAS systems with expansion shelves include the Temperature, Power Supply, and Voltage options.
Expansion shelves include the Disks, Cooling, Services, Power Supply, SAS Expander, Temperature Sensors, and Voltage Sensor options. Each option displays a table with readings from the system’s internal components taken over time.
System images display the front view of the server by default.
If the system model includes a rear view, REAR changes the image to the back of the system. FRONT switches to the front view of the system chassis.
EDIT LABEL displays for system models other than the Mini.
EDIT LABEL opens the Change Enclosure Label window. Type a name or description for the system and click SAVE to apply the label. Reset to default restores the default name for the system.
System image screens include three options to change the information on the screen:
Click on a drive image to display a screen with information for that drive. Disk drive information includes the system pool, status, hardware details, and stats.
IDENTIFY DRIVE on disk detail screens turns on the LED indicator on a physical drive bay in the system server.
IDENTIFY DRIVE helps to identify the physical drive bay corresponding to the CORE identification number for that drive. Select the drive on the image and then click IDENTIFY DRIVE. Go to the location of the system server to locate the drive bay with the LED indication turned on, then check the drive location on the View Enclosure screen.
TrueNAS Mini and R30 systems do not include the IDENTIFY DRIVE function.
TrueNAS Mini systems only display the front view of the system hardware.
Pool information displays at the top of the screen. The drive bay number and disk label display to the left of the image, and the status is to the right. A disk image screen shows details for the drive you click on.
The Disks Overview section displays the system drive hardware and capacity. The Drive Temperatures section displays current readings for each drive in the system.
Larger TrueNAS hardware system images include a front and rear view of the chassis to show all drive bays and installed disk drives.
Click on a drive to display details for that selected drive and to access the IDENTIFY DRIVE option.
The screen shows the front view of the system by default. Both the system and expansion shelf images show the locations of installed disks.
The right side of the screen includes smaller images of both the system and expansion shelves connected to it. The selected system has a blue vertical line next to it.
The system and expansion shelf image screens include three options to change the information shown on the screen:
Click on a drive image in the system or an expansion shelf image to display a drive information screen for that drive. Disk drive information includes the system pool, disk status, hardware details, and stats.
The expansion shelf image varies based on the type of expansion shelf installed, but the disk information displayed is the same as for disks in other system disks.
General Options
Name | Description |
---|---|
From Email | The user account Email address for the From email address. You must configure the user account Email in Accounts > Users first. |
From Name | The friendly name to show in front of the sending email address. Example: Storage System 01it@example.com |
Send Mail Method
Name | Description |
---|---|
SMTP | Shows SMTP configuration options. |
GMail OAuth | Shows GMail authentication options. |
Name | Description |
---|---|
Outgoing Mail Server | Hostname or IP address of SMTP server used for sending email. |
Mail Server Port | SMTP port number. Typically 25/465 (secure SMTP), or 587 (submission). |
Security | Choose an encryption type. Choices are Plain (No Encryption), SSL (Implicit TLS), or TLS (STARTTLS). |
SMTP Authentication | Set when the SMTP server uses authentication credentials. Shows additional credentials options. |
Username | Displays after selecing SMTP Authentication. The user name for the sending email account, typically the full email address. |
Password | Displays after selecting SMTP Authentication. The password for the sending email account. |
Name | Description |
---|---|
LOG IN TO GMAIL | Login to Gmail using OAuth. |
The system dataset stores debugging core files, encryption keys for encrypted pools, and Samba4 metadata such as the user and group cache and share level permissions.
Name | Description |
---|---|
System Dataset Pool | Select the pool to contain the system dataset. |
Syslog | Store system logs on the system dataset. Unset to store system logs in /var/ on the operating system device. |
TrueNAS has a built in reporting engine that displays helpful graphs and information about the system processes. TrueNAS uses Graphite for metric gathering and visualizations.
Configure system reporting on the System > Reporting screen.
General Options
Name | Description |
---|---|
Report CPU usage in Percent | Reports CPU usage in percent instead of units of kernel time. |
Graphite Separate Instances | Sends the plugin instance and type instance to Graphite as separate path components: host.cpu.0.cpu.idle. Disabling sends the plugin and plugin instance as one path component and type and type instance as another: host.cpu-0.cpu-idle. |
Remote Graphite Server Hostname | Remote Graphite server host name or IP address. |
Graph Age in Months | Maximum time (in months) TrueNAS stores a graph. Allowed values are 1-60. Changing this value causes the Confirm RRD Destroy dialog to display. Changes do not take effect until TrueNAS destroys the existing reporting database. |
Number of Graph Points | The number of points for each hourly, daily, weekly, monthly, or yearly graph. Allowed values are 1-4096. Changing this value displays the Confirm RRD Destroy dialog. Changes do not take effect until TrueNAS destroys the existing reporting database. |
Reset to Defaults | Resets all entered values and settings back to defaults. |
Report history is cleared after changing and saving CPU reporting, graph age, or graph points.
For information on the Reporting screen graphs see System Reporting.
Reporting data is saved and preserved across system upgrades and reboots.
This allows viewing usage trends over time.
This data is frequently written and should not be stored on the boot pool or operating system device.
Reporting data is saved in
Name and Type
Name | Description |
---|---|
Name | Name of the new alert service. |
Enabled | Unset to disable this service without deleting it. |
Type | Choose an alert service to display options for that service. |
Level | Select the level of severity. |
Authentication
Options
Name | Description |
---|---|
Set Warning Level | Customizes the importance of the alert. Each level of importance has a different icon and color to express the level of importance: Info, Notice, Warning, Error, Critical (Default), Alert, and Emergency. |
Set Frequency | Adjust how often alert notifications are sent. Setting the Frequency to NEVER prevents that alert from being added to alert notifications, but the alert can still show in the web interface if it is triggered. Options: Immediately (Default), Hourly, Daily, and Never. |
Alert Warning Levels
Level | Icon | Alert Notification? |
---|---|---|
1 INFO | No | |
2 NOTICE | Yes | |
3 WARNING | Yes | |
4 ERROR | Yes | |
5 CRITICAL | Yes | |
6 ALERT | Yes | |
7 EMERGENCY | Yes |
These providers are supported for Cloud Sync tasks in TrueNAS CORE:
Name | Description |
---|---|
Name | Enter a name for the new credential. |
Provider | Third-party Cloud service providers. Choose a provider to configure connection credentials. |
Name | Description |
---|---|
Endpoint URL | S3 API endpoint URL. When using AWS, the endpoint field can be empty to use the default endpoint for the region, and available buckets are automatically fetched. Refer to the AWS Documentation for a list of Simple Storage Service Website Endpoints. |
Region | AWS resources in a geographic area. Leave empty to automatically detect the correct public region for the bucket. Entering a private region name allows interacting with Amazon buckets created in that region. For example, enter us-gov-east-1 to discover buckets created in the eastern AWS GovCloud region. |
Disable Endpoint Region | Skip automatic detection of the Endpoint URL region. Set this when configuring a custom Endpoint URL. |
User Signature Version 2 | Force using Signature Version 2 to sign API requests. Set this when configuring a custom Endpoint URL. |
Name | Description |
---|---|
Key ID | Alphanumeric Backblaze B2 Application Key ID. To generate a new application key, log in to the Backblaze account, go to the App Keys page, and add a new application key. Copy the application keyID string to this field. |
Application Key | Backblaze B2 Application Key. To generate a new application key, log in to the Backblaze account, go to the App Keys page, and add a new application key. Copy the applicationKey string to this field. |
Name | Description |
---|---|
Access Token | A User Access Token for Box. An access token enables Box to verify a request belongs to an authorized session. Example token: T9cE5asGnuyYCCqIZFoWjFHvNbvVqHjl. |
Name | Description |
---|---|
Access Token | Access Token for a Dropbox account. A token must be generated by the Dropbox account before adding it here. |
Name | Description |
---|---|
Host | FTP Host to connect to. Example: ftp.example.com. |
Port | FTP Port number. Leave blank to use the default port 21. |
Username | A username on the FTP Host system. This user must already exist on the FTP Host. |
Password | Password for the user account. |
Name | Description |
---|---|
Preview JSON Service Account Key | Contents of the uploaded Service Account JSON file. |
Choose File | Upload a Google Service Account credential file. The file is created with the Google Cloud Platform Console. |
Name | Description |
---|---|
Access Token | Token created with Google Drive. Access Tokens expire periodically and must be refreshed. |
Team Drive ID | Only needed when connecting to a Team Drive. The ID of the top level folder of the Team Drive. |
Name | Description |
---|---|
URL | HTTP host URL. |
Name | Description |
---|---|
Access Token | Access Token generated by a Hubic account. |
Name | Description |
---|---|
Username | MEGA account username. |
Password | MEGA account password. |
Name | Description |
---|---|
Account Name | Microsoft Azure account name. |
Account Key | Base64 encoded key for Azure Account |
Name | Description |
---|---|
Access Token | Microsoft Onedrive Access Token. Log in to the Microsoft account to add an access token. |
Drives List | Drives and IDs registered to the Microsoft account. Selecting a drive also fills the Drive ID field. |
Drive Account Type | Type of Microsoft acount. Logging in to a Microsoft account automatically chooses the correct account type. Options: Personal, Business, Document_Library |
Drive ID | Unique drive identifier. Log in to a Microsoft account and choose a drive from the Drives List drop-down to add a valid ID. |
Name | Description |
---|---|
User Name | Openstack user name for login. This is the OS_USERNAME from an OpenStack credentials file. |
API Key or Password | Openstack API key or password. This is the OS_PASSWORD from an OpenStack credentials file. |
Authentication URL | Authentication URL for the server. This is the OS_AUTH_URL from an OpenStack credentials file. |
Auth Version | AuthVersion - optional - set to (1,2,3) if your auth URL has no version (rclone documentation). |
Authentication Advanced Options | |
Tenant Name | This is the OS_TENANT_NAME from an OpenStack credentials file. |
Tenant ID | Tenant ID - optional for v1 auth, this or tenant required otherwise (rclone documentation). |
Auth Token | Auth Token from alternate authentication - optional (rclone documentation). |
Advanced Options
Name | Description |
---|---|
Region Name | Region name - optional (rclone documentation). |
Storage URL | Storage URL - optional (rclone documentation). |
Endpoint Type | Endpoint type to choose from the service catalogue. Public is recommended, see the rclone documentation. |
Name | Description |
---|---|
Access Token | pCloud Access Token. These tokens can expire and require extension. |
Hostname | Enter the hostname to connect to. |
Name | Description |
---|---|
Host | SSH Host to connect to. |
Port | SSH port number. Leave empty to use the default port 22. |
Username | SSH Username. |
Password | Password for the SSH Username account. |
Private Key ID | Import the private key from an existing SSH keypair or select Generate New to create a new SSH key for this credential. |
Name | Description |
---|---|
URL | URL of the HTTP host to connect to. |
WebDav Service | Name of the WebDAV site, service, or software being used. |
Username | WebDAV account username. |
Password | WebDAV account password. |
Name | Description |
---|---|
Access Token | Yandex Access Token. |
Name and Method
Name | Description |
---|---|
Name | Name of this SSH connection. SSH connection names must be unique. |
Setup Method | Manual requires configuring authentication on the remote system. This can include copying SSH keys and modifying the root user account on that system. Semi-automatic only works when configuring an SSH connection with a remote TrueNAS system. This method uses the URL and login credentials of the remote system to connect and exchange SSH keys. |
Authentication
Name | Description |
---|---|
TrueNAS URL | Hostname or IP address of the remote system. A valid URL scheme is required. Example: https://10.231.3.76 |
Username | Username for logging in to the remote system. |
Password | User account password for logging into the remote system. |
Private Key | Choose a saved SSH Keypair or select Generate New to create a new keypair and use it for this connection. |
More Options
Name | Description |
---|---|
Cipher | Standard is most secure, but has the greatest impact on connection speed. Fast is less secure than Standard but can give reasonable transfer rates for devices with limited cryptographic speed. Disabled removes all security in favor of maximizing connection speed. Disabling the security should only be used within a secure, trusted network. |
Connect Timeout | Time (in seconds) before the system stops attempting to establish a connection with the remote system. |
Name | Description |
---|---|
Name | A unique name to identify this keypair. Automatically generated keypairs are named after the object that generated the keypair with " Key" appended to the name. |
Private Key | See Public key authentication in SSH/Authentication. |
Public Key | See Public key authentication in SSH/Authentication. |
Tunables manage TrueNAS sysctls, loaders, and rc.conf options.
Name | Description |
---|---|
Variable | Enter the name of the loader, sysctl , or |
Value | Enter a value to use for the loader, sysctl, or rc.conf variable. |
Type | Creating or editing a sysctl immediately updates the Variable to the configured Value. A restart is required to apply loader or |
Description | Enter a description of the tunable. |
Enabled | Enable this tunable. Unset to disable this tunable without deleting it. |
Name | Description |
---|---|
Check for Updates Daily and Download if Available | Check the update server daily for any updates on the chosen train. Automatically download an update if one is available. Click APPLY PENDING UPDATE to install the downloaded update. |
(Refresh) | Check for updates. |
Operation | Lists operations TrueNAS performs during the update. |
Name | Operation name and version comparison. |
Change log | Lists software changes based on TrueNAS project JIRA tickets. |
Setting | Description |
---|---|
Name | Descriptive identifier for this certificate authority. |
Type | Select the CA type from the dropdown list of options. Select Internal CA for a certificate authority that functions like a publicly-trusted CA used to sign certificates for an internal network. This CA is not trusted outside the private network. Select Intermediate CA for a CA that lives between the root and end-entity certificates. Its main purpose is to define and authorize the types of certificates requested from the root CA. Select Import CA for a CA that allows importing an existing CA onto the system. For more information, see What are Subordinate CAs and Why Would You Want Your Own?. |
Profiles | Select predefined certificate extensions from the dropdown list. Options are Opentvpn Root CA and CA. Choose a profile that best matches your certificate usage scenario. |
Certificate options change based on the option selected in Type.
Setting | Description |
---|---|
Signing Certificate Authority | (Required) Select a previously imported or created CA. Displays when Type is set to Intermediate CA. |
Key Type | (Required) Select the key type from the dropdown list of options. Default is RSA. Select EC for EC curve certificates. See Why is elliptic curve cryptography not widely used, compared to RSA? for more information about key types. |
Key Length | (Required) Select the number of bits in the key used by the cryptographic algorithm from the dropdown list. Options are 1024, 2048 or 4096. For security reasons, a minimum key length of 2048 is recommended. |
Digest Algorithm | (Required) Select the cryptographic algorithm to use from the dropdown list of options. Only change the default SHA256 if the organization requires a different algorithm. |
Lifetime | (Required) Enter the lifetime of the CA specified in days. |
Setting | Description |
---|---|
Country | (Required) Select the country of the organization from the dropdown list. |
State | (Required) Enter the state or province of the organization. |
Locality | (Required) Enter the location of the organization. For example, the city. |
Organization | (Required) Enter the name of the company or organization. |
Organizational Unit | Organizational unit of the entity. |
(Required) Enter the email address of the person responsible for the CA. | |
Common Name | Enter the fully-qualified hostname (FQDN) of the system. This name must be unique within a certificate chain. |
Subject Alternate Names | (Required) Enter additional domains to secure for multi-domain support. Separate domains by pressing Enter. For example, if the primary domain is example.com, entering www.example.com secures both addresses. |
Setting | Description |
---|---|
Enabled | Select to activate this certificate extension. |
Path Length | Enter the number of non-self-issued intermediate certificates that can follow this certificate in a valid certification path. Entering 0 allows a single additional certificate to follow in the certificate path. Cannot be less than 0. |
Basic Constraints Config | Select the basic constraints extension that identifies whether the subject of the certificate is a CA and the maximum depth of valid certification paths that include this certificate. See RFC 3280, section 4.2.1.10 for more information. |
Setting | Description |
---|---|
Enabled | Select to activate this certificate extension. |
Authority Key Config | Select the authority key identifier extension that provides a means of identifying the public key corresponding to the private key used to sign a certificate. This extension is used where an issuer has multiple signing keys (either due to multiple concurrent key pairs or due to changeover). The identification can be based on either the key identifier (the subject key identifier in the issuer certificate) or on the issuer name and serial number. See RFC 3280, section 4.2.1.1 for more information. |
Setting | Description |
---|---|
Enabled | Select to activate this certificate extension. |
Usages | Select the options that identify the purpose for this public key from the dropdown list. Is used for end entity certificates. Multiple usages can be selected. Do not mark this extension critical when the Usage is ANY_EXTENDED_KEY_USAGE. Using both Extended Key Usage and Key Usage extensions requires that the purpose of the certificate is consistent with both extensions. See RFC 3280, section 4.2.1.13 for more details. |
Critical Extension | Select to identify this extension as critical for the certificate. The certificate-using system must recognize critical extensions, or it will reject the certificate. The certificate-using system can ignore non-critical extensions and still approve the certificate. |
Setting | Description |
---|---|
Enabled | Select to activate this certificate extension. |
Key Usage Config | Select the key usage extension that defines the purpose (e.g., encipherment, signature, certificate signing) of the key contained in the certificate. The usage restriction might be employed when a key that could be used for more than one operation is to be restricted. For example, when an RSA key should be used only to verify signatures on objects other than public key certificates and CRLs, the Digital Signature bits would be asserted. Likewise, when an RSA key should be used only for key management, the Key Encipherment bit would be asserted. See RFC 3280, section 4.2.1.3 for more information. |
Setting | Description |
---|---|
Certificate | Paste the certificate for the CA. |
Private Key | Paste the private key associated with the Certificate when available. Provide a key at least 1024 bits long. |
Passphrase | Enter the passphrase for the private key. |
Confirm Passphrase | Confirm the passphrase for the Private Key. |
After you create or import a new certificate, bind it to the relevant service. For HTTPS binding, go to System > General and select the certificate you want to bind in the GUI SSL Certificate field.
For other services, such as SMB or FTP, bind the certificate within the Services screen. Click the Configure button next to the service you want to bind to, then select the certificate within the Certificate field.
Name | Description |
---|---|
Name | Descriptive identifier for this certificate. |
Type | Internal Certificate is used for internal or local systems. Certificate Signing Request is used to get a CA signature. Import Certificate allows an existing certificate to be imported onto the system. Import Certificate Signing Request allows an existing CSR to be imported onto the system. |
Profiles | Predefined certificate extensions. Choose a profile that best matches your certificate usage scenario. |
Name | Description |
---|---|
Signing Certificate Authority (Internal Certificate) | Select a previously imported or created CA. |
Key Type | See Why is elliptic curve cryptography not widely used, compared to RSA? for more information about key types. |
EC Curve | Brainpool curves can be more secure, while secp curves can be faster. |
Key Length | The number of bits in the key used by the cryptographic algorithm. For security reasons, a minimum key length of 2048 is recommended. |
Digest Algorithm | The cryptographic algorithm to use. The default SHA256 only needs to be changed if the organization requires a different algorithm. |
Lifetime | The lifetime of the CA specified in days. |
Name | Description |
---|---|
Country | Select the country of the organization. |
State | Enter the state or province of the organization. |
Locality | Enter the location of the organization. For example, the city. |
Organization | Enter the name of the company or organization. |
Organizational Unit | Organizational unit of the entity. |
Enter the email address of the person responsible for the CA. | |
Common Name | Enter the fully-qualified hostname (FQDN) of the system. This name must be unique within a certificate chain. |
Subject Alternate Names | Multi-domain support. Enter additional domains to secure. Separate domains by pressing Enter. For example, if the primary domain is example.com, entering www.example.com secures both addresses. |
Name | Description |
---|---|
Enabled | Activate this certificate extension. |
Path Length | How many non-self-issued intermediate certificates that can follow this certificate in a valid certification path. Entering 0 allows a single additional certificate to follow in the certificate path. Cannot be less than 0. |
Basic Constraints Config | The basic constraints extension identifies whether the subject of the certificate is a CA and the maximum depth of valid certification paths that include this certificate. See RFC 3280, section 4.2.1.10 for more information. |
Name | Description |
---|---|
Enabled | Activate this certificate extension. |
Authority Key Config | The authority key identifier extension provides a means of identifying the public key corresponding to the private key used to sign a certificate. This extension is used where an issuer has multiple signing keys (either due to multiple concurrent key pairs or due to changeover). The identification MAY be based on either the key identifier (the subject key identifier in the issuer’s certificate) or on the issuer name and serial number. See RFC 3280, section 4.2.1.1 for more information. |
Name | Description |
---|---|
Enabled | Activate this certificate extension. |
Usages | Identify the purpose for this public key. Typically used for end entity certificates. Multiple usages can be selected. Do not mark this extension critical when the Usage is ANY_EXTENDED_KEY_USAGE. Using both Extended Key Usage and Key Usage extensions requires that the purpose of the certificate is consistent with both extensions. See RFC 3280, section 4.2.1.13 for more details. |
Critical Extension | Identify this extension as critical for the certificate. Critical extensions must be recognized by the certificate-using system or this certificate will be rejected. Extensions identified as not critical can be ignored by the certificate-using system and the certificate still approved. |
Name | Description |
---|---|
Enabled | Activate this certificate extension. |
Key Usage Config | The key usage extension defines the purpose (e.g., encipherment, signature, certificate signing) of the key contained in the certificate. The usage restriction might be employed when a key that could be used for more than one operation is to be restricted. For example, when an RSA key should be used only to verify signatures on objects other than public key certificates and CRLs, the Digital Signature bits would be asserted. Likewise, when an RSA key should be used only for key management, the Key Encipherment bit would be asserted. See RFC 3280, section 4.2.1.3 for more information. |
Name | Description |
---|---|
CSR exists on this system | Check this box if importing a certificate for which a CSR exists on this system |
Signing Certificate Authority | Select a previously imported or created CA. |
Name | Description |
---|---|
Certificate (Import Certificate) | Paste the certificate for the CA. |
Signing Request (Import CSR) | Paste the contents of your Certificate Signing Request here. |
Private Key | Paste the private key associated with the Certificate when available. Please provide a key at least 1024 bits long. |
Passphrase | Enter the passphrase for the Private Key. |
Confirm Passphrase | Confirm the passphrase for the Private Key. |
Automatic Certificate Management Environment (ACME) is available for automating certificate issuing and renewal.
Name | Description |
---|---|
Name | Internal identifier for the authenticator. |
Authenticator | DNS provider for the authenticator. Amazon Route 53 is the only supported DNS provider in TrueNAS CORE. |
Access ID Key | Key generated by the Amazon Web Services account. See the AWS Access Key documentation for instructions to generate the key. |
Secret Access Key | Key generated by the Amazon Web Services account. See the AWS Access Key documentation for instructions to generate the key. |
TrueNAS EnterpriseKMIP is only available for TrueNAS Enterprise licensed systems. Contact the iXsystems Sales Team to inquire about purchasing TrueNAS Enterprise licenses.
KMIP on TrueNAS Enterprise is used to integrate the system within an existing centralized key management infrastructure and use a single trusted source for creating, using, and destroying SED passwords and ZFS encryption keys.
Name | Description |
---|---|
Server | Host name or IP address of the central key server. |
Port | Connection port number on the central key server. |
Certificate | Certificate to use for key server authentication. A valid certificate is required to verify the key server connection. WARNING: for security reasons, please protect the Certificate used for key server authentication. |
Certificate Authority | Certificate Authority (CA) to use for connecting to the key server. A valid CA public certificate is required to authenticate the connection. WARNING: for security reasons, please protect the Certificate Authority used for key server authentication. |
Manage SED Passwords | Self-Encrypting Drive (SED) passwords can be managed with KMIP. Enabling this option allows the key server to manage creating or updating the global SED password, creating or updating individual SED passwords, and retrieving SED passwords when SEDs are unlocked. Disabling this option leaves SED password management with the local system. |
Manage ZFS Keys | Use the KMIP server to manage ZFS encrypted dataset keys. The key server stores, applies, and destroys encryption keys whenever an encrypted dataset is created, when an existing key is modified, an encrypted dataset is unlocked, or an encrypted dataset is removed. Unsetting this option leaves all encryption key management with the local system. |
Enabled | Activate KMIP configuration and begin syncing keys with the KMIP server. |
Change Server | Move existing keys from the current key server to a new key server. To switch to a different key server, key synchronization must be Enabled, then enable this setting, update the key server connection configuration, and click SAVE. |
Validate Connection | Tests the server connection and verifies the chosen Certificate chain. To test, configure the Server and Port values, select a Certificate and Certificate Authority, enable this setting, and click SAVE. |
Force Clear | Cancel any pending Key synchronization. |
TrueNAS EnterpriseThis article only applies to licensed TrueNAS Enterprise High availability (HA) systems. Contact the iXsystems Sales Team to inquire about purchasing TrueNAS Enterprise licenses.
Name | Description |
---|---|
Disable Failover | Disable automatic failover. |
Default TrueNAS Controller | Make the currently active TrueNAS controller the default when both TrueNAS controllers are online and HA is enabled. To change the default TrueNAS controller, unset this option on the default TrueNAS controller and allow the system to fail over. This briefly interrupts system services. |
Network Timeout Before Initiating Failover | The number of seconds to wait after a network failure before triggering a failover. 0 means a failover occurs immediately or after two seconds when the system is using a link aggregation. |
SYNC TO/FROM PEER | Synchronizes the active and standby TrueNAS controllers. |
The Support screen displays system information. Users may also manage thier Enterprise license and create support tickets.
Name | Description |
---|---|
Username | Your JIRA username. |
Password | Your JIRA password. |
Type | Select Bug when reporting an issue or Feature when requesting new functionality. |
Category | Category that best describes the bug or feature. |
Attach Debug | Generates and attaches an overview of the system hardware, build string, and configuration. |
Subject | A descriptive title for the new issue. |
Description | A one to three paragraph summary of the issue. |
Browse… | Attaches screenshots that illustrate the problem. |
TrueNAS EnterpriseProactive Support and the Contact Support fields below are only available on TrueNAS Enterprise licensed systems. Contact the iXsystems Sales Team to inquire about purchasing TrueNAS Enterprise licenses.
Name | Description |
---|---|
Name | Primary/Secondary Contact name. |
Primary/Secondary Contact email address. | |
CC | Primary/Secondary Contact email address. |
Phone Number | Primary/Secondary Contact phone number. |
Enable iXsystems Proactive Support | Set to enable the Enterprise Proactive Support feature. |
Name | Description |
---|---|
Name | Contact name. |
Contact email address. | |
Phone | Contact phone number. |
Type | Select Bug when reporting an issue or Feature when requesting new functionality. |
Environment | Select the appropriate environment. |
Criticality | Select the appropriate level of criticality. |
Attach Debug | Generates and attaches an overview of the system hardware, build string, and configuration. |
Subject | A descriptive title for the new issue. |
Description | A one to three paragraph summary of the issue. |
Choose Files | Attaches screenshots that illustrate the problem. |
TrueNAS offers Two-Factor Authentication (2FA) to ensure that a compromised administrator (root) password cannot be used by itself to gain access to the administrator interface.
User Settings
Name | Description |
---|---|
One Time Password (OTP) Digits | The number of digits in the One-Time Password. The default is 6, which is Google’s standard OTP length. Check your app/device settings before selecting this. |
Interval | The lifespan (in seconds) of each OTP. Default is 30 seconds. The minimum is 5 seconds. |
Window | Extends password validity beyond the Interval setting. For example, 1 means that one password before and after the current one is valid, leaving three valid passwords. Extending the window is useful in high-latency situations. |
Enable Two-Factor Auth for SSH | Enable 2FA for system SSH access. We recommend leaving this DISABLED until after you successfully test 2FA with the UI. |
System Generated Settings
Name | Description |
---|---|
Secret (Read-only) | The secret TrueNAS creates and uses to generate OTPs when you first enable 2FA. |
Provisioning URI (includes Secret - Read-only) | The URI used to provision an OTP. TrueNAS encodes the URI (which contains the secret) in a QR Code. To set up an OTP app like Google Authenticator, use the app to scan the QR code or enter the secret manually into the app. TrueNAS produces the URI when you first activate 2FA. |
TrueNAS includes an easy-to-use interface for common tasks a sysadmin needs to preform on a NAS on a regular basis. These can roughly be broken down into three groups: system level, data backup, and ZFS tasks.
Cron Job
Name | Description |
---|---|
Description | Enter a description of the cron job. |
Command | Enter the full path to the command or script to be run. |
Run as User | Select a user account to run the command. The user must have permissions allowing them to run the command or script. |
Schedule | Select a schedule preset or choose Custom to open the advanced scheduler. Note that an in-progress cron task postpones any later scheduled instance of the same task until the running task is complete. |
Hide Standard Output | Hide standard output (stdout) from the command. When cleared, any standard output is mailed to the user account cron used to run the command. |
Hide Standard Error | Hide error output (stderr) from the command. When cleared, any error output is mailed to the user account cron used to run the command. |
Enabled | Enable this cron job. When cleared, disable the cron job without deleting it. |
Init/Shutdown Script
Name | Description |
---|---|
Description | Comments about this script. |
Type | Select Command for an executable command or Script for an executable script. |
Command | Enter the command with any options. When Script is selected, click the folder to define the path to the script file. |
When | Pre Init is early in the boot process, after mounting filesystems and starting networking. Post Init is at the end of the boot process, before TrueNAS services start. Shutdown is during the system power off process. |
Enabled | Enable this task. Clear to disable the task without deleting it. |
Timeout | Automatically stop the script or command after the specified seconds. |
Remote sync is a utility that copies data across a network. Rsync first copies the initial data. Later copies contain only the data that is different between the source and destination files. This reduces network traffic. Use Rsync to create backups, and to synchronize data across systems.
Go to Tasks > Rsync Tasks. The Rsync Tasks menu displays.
Click ADD.
Source
Name | Description |
---|---|
Path | Browse to the path to be copied. FreeBSD file path limits apply. Other operating systems can have different limits which might affect how they can be used as sources or destinations. |
User | Select the user to run the rsync task. The user selected must have permissions to write to the specified directory on the remote host. |
Direction | Direct the flow of data to the remote host. During a push, the dataset transfers to the remote module. During a pull, the dataset stores files from the remote system. |
Description | Enter a description of the rsync task. |
Schedule
Name | Description |
---|---|
Schedule | Select a schedule preset or select Custom to open the advanced scheduler. |
Recursive | Select to include all sub-directories of the specified directory. When cleared, only the specified directory is included. |
Remote
Name | Description |
---|---|
Remote Host | Enter the IP address or host name of the remote system that will store the copy. Use the format username@remote_host if the user name differs on the remote host. |
Rsync Mode | Select to use a custom-defined remote module of the rsync server. Or to use an SSH configuration for the rsync task. |
More Options
Name | Description |
---|---|
Times | Select to preserve modification times of files. |
Compress | Select to reduce the size of data to transmit. Recommended for slow connections. |
Archive | When selected, rsync runs recursively. Preserves symlinks, permissions, modification times, group, and special files. When run as root, owner, device files, and special files are also preserved. Equal to passing the flags -rlptgoD to rsync. |
Delete | Delete files in the destination directory that do not exist in the source directory. |
Quiet | Select to suppress informational messages from the remote server. |
Preserve Permissions | Select to preserve original file permissions. Useful when the user is set to root. |
Preserve Extended Attributes | Extended attributes are preserved, but must be supported by both systems. |
Delay Updates | Saves a temporary file from each updated file to a holding directory until the end of the transfer. All transferred files renamed once the transfer is complete. |
Auxiliary Parameters | Additional rsync(1) options to include. Separate entries by pressing Enter. Note: The character must be escaped with a backslash \ or used inside single quotes (’*.txt’). |
Enabled | Select to enable this rsync task. Clear to disable this rsync task without deleting it. |
Name | Description |
---|---|
Disks | Select the disks to monitor from the dropdown list. |
All Disks | Select to monitor every disk on the system with S.M.A.R.T. enabled. Leave clear to choose individual disks on the Disks dropdown list to include in the test. |
Type | Select the test type from the dropdown list. Options are LONG, SHORT, CONVEYANCE or OFFLINE. See smartctl(8) for descriptions of each type. Some types degrade performance or take disks offline. |
Description | Enter information about the S.M.A.R.T. test. |
Schedule | Select a preset test schedule from the dropdown list. Select Custom to open the advanced scheduler and define a new schedule for running the test. |
Dataset
Name | Description |
---|---|
Dataset | Select a pool, dataset, or zvol. |
Recursive | Select to take separate snapshots of the dataset and each of its child datasets. Clear to take a single snapshot only of the specified dataset without child datasets. |
Exclude | Exclude specific child datasets from the snapshot. Use with recursive snapshots. List paths to any child datasets to exclude. Example: pool1/dataset1/child1 . A recursive snapshot of pool1/dataset1 will include all child datasets except child1. Separate entries by pressing Enter. |
Schedule
Name | Description |
---|---|
Snapshot Lifetime | Define a length of time to retain the snapshot on this system using a numeric value and a single lowercase letter for units. Examples: 3h is three hours, 1m is one month, and 1y is one year. Does not accept Minute values. After the time expires, the snapshot is removed. Snapshots which have been replicated to other systems are not affected. |
Naming Schema | Snapshot name format string. The default is auto-%Y-%m-%d_%H-%M . Must include the strings %Y , %m , %d , %H , and %M , which are replaced with the four-digit year, month, day of month, hour, and minute as defined in strftime(3). For example, snapshots of pool1 with a Naming Schema of customsnap-%Y%m%d.%H%M have names like pool1@customsnap-20190315.0527. |
Schedule | Choose one of the presets or Custom to use the advanced scheduler. |
Allow Taking Empty Snapshots | Creates dataset snapshots even when there have been no changes to the dataset from the last snapshot. Recommended for long-term restore points, multiple snapshot tasks pointed at the same datasets, or compatibility with snapshot schedules or replications created in TrueNAS 11.2 and earlier. For example, allowing empty snapshots for a monthly snapshot schedule allows that monthly snapshot to be taken, even when a daily snapshot task has already taken a snapshot of any changes to the dataset. |
Enabled | To activate this periodic snapshot schedule, select this option. To disable this task without deleting it, clear this option. |
Name | Description |
---|---|
Load Previous Replication Task | Use settings from a saved replication. |
Source Location | Storage location for the original snapshots that are replicated. |
Destination Location | Storage location for the replicated snapshots. |
Task Name | Name of this replication configuration. |
Source Location: On this System
Name | Description |
---|---|
Source | Define the path to a system location that has snapshots to replicate. Click the folder to see all locations on the source system or click in the field to manually type a location (Example: pool1/dataset1). Multiple source locations can be selected or manually defined with a comma (,) separator. Selecting a location displays the number of existing snapshots that can be replicated. Selecting a location that has no snapshots configures the replication task to take a manual snapshot of that location and replicate it to the destination. |
Recursive | Select to also replicate all snapshots contained within the selected source dataset snapshots. Clear to only replicate the selected dataset snapshots. |
Replicate Custom Snapshots | Replicate snapshots that are not created by an automated snapshot task. Requires setting a naming schema for the custom snapshots. |
Naming Schema | Pattern of naming custom snapshots replicated. Enter the name and strftime(3) {0}, {1}, {2}, {3}, and {4} strings that match the snapshots to include in the replication. Separate entries by pressing Enter. The number of snapshots matching the patterns display. |
Source Location: On a Different System
Name | Description |
---|---|
SSH Connections | Select an existing SSH connection to a remote system or choose Create New to create a new SSH connection. |
Source | Define the path to a system location that has snapshots to replicate. Click the folder to see all locations on the source system or click in the field to manually type a location (Example: pool1/dataset1). Multiple source locations can be selected or manually defined with a comma (,) separator. Selecting a location displays the number of existing snapshots that can be replicated. Selecting a location that has no snapshots configures the replication task to take a manual snapshot of that location and replicate it to the destination. |
Recursive | Select to also replicate all snapshots contained within the selected source dataset snapshots. Clear to only replicate the selected dataset snapshots. |
Naming Schema | Pattern of naming custom snapshots to be replicated. Enter the name and strftime(3) {0}, {1}, {2}, {3}, and {4} strings that match the snapshots to include in the replication. Separate entries by pressing Enter. The number of snapshots matching the patterns are shown. |
SSH Transfer Security | Data transfer security. The connection is authenticated with SSH. Data can be encrypted during transfer for security or left unencrypted to maximize transfer speed. Encryption is recommended, but can be disabled for increased speed on secure networks. |
Destination Location: On this System
Name | Description |
---|---|
Destination | Define the path to a system location that stores replicated snapshots. Click the folder to see all locations on the destination system or click in the field to manually type a location path (Example: pool1/dataset1). Selecting a location defines the full path to that location as the destination. Appending a name to the path creates a new zvol at that location. For example, selecting pool1/dataset1 stores snapshots in dataset1, but clicking the path and typing /zvol1 after dataset1 creates zvol1 for snapshot storage. |
Encryption | Select to use encryption when replicating data. Additional encryption options appear. |
Destination Location: On a Different System
Name | Description |
---|---|
SSH Connections | Select a saved remote system SSH connection or choose Create New to create a new SSH connection. |
Destination | Define the path to a system location that stores replicated snapshots. Click the folder to see all locations on the destination system or click in the field to manually type a location path (Example: pool1/dataset1). Selecting a location defines the full path to that location as the destination. Appending a name to the path creates a new zvol at that location. For example, selecting pool1/dataset1 stores snapshots in dataset1, but clicking the path and typing /zvol1 after dataset1 creates zvol1 for snapshot storage. |
Encryption | Select to use encryption when replicating data. Additional encryption options appear. |
Name | Description |
---|---|
Replication Schedule | Text |
Destination Snapshot Lifetime | When replicated snapshots are deleted from the destination system. Same as Source uses the configured snapshot lifetime value from the source dataset periodic snapshot task. Never Delete never deletes snapshots from the destination system. Custom sets a how long a snapshot remains on the destination system. Enter a number and choose a measure of time from the dropdown list. |
Schedule | Select specific times to snapshot what you specified in Source Datasets and replicate the snapshots to the location in Destination Dataset. Select a preset schedule or choose Custom to use the advanced scheduler. |
Text | Text |
General
Name | Description |
---|---|
Name | Descriptive name for the replication. |
Direction | PUSH sends snapshots to a destination system. PULL connects to a remote system and retrieves snapshots matching a naming schema. |
Transport | SSH is supported by most systems. It requires a previously created connection in System > SSH Connections. SSH+NETCAT uses SSH to establish a connection to the destination system, then uses py-libzfs to send an unencrypted data stream for higher transfer speeds. This only works when replicating to a FreeNAS, TrueNAS, or other system with py-libzfs installed. LOCAL efficiently replicates snapshots to another dataset on the same system without using the network. LEGACY uses the legacy replication engine from FreeNAS 11.2 and earlier. |
Number of retries for failed replications | Number of times the replication is attempted before stopping and marking the task as failed. |
Logging Level | Message verbosity level in the replication task log. |
Enabled | Activates the replication schedule. |
Transport Options
Name | Description |
---|---|
SSH Connection | Choose a connection that has been saved in System > SSH Connections. |
Stream Compression | Select a compression algorithm to reduce the size of the data being replicated. Only appears when SSH is chosen for Transport type. |
Limit | Limit replication speed to this number of bytes per second. |
Allow Blocks Larger than 128KB | Allow this replication to send large data blocks. The destination system must also support large blocks. This setting cannot be changed after it has been enabled and the replication task is created. For more details, see zfs(8). |
Allow Compressed WRITE Records | Use compressed WRITE records to make the stream more efficient. The destination system must also support compressed WRITE records. See zfs(8). |
Source
Name | Description |
---|---|
Source | Define the path to a system location that has snapshots to replicate. Click the folder to see all locations on the source system or click in the field to manually type a location (Example: pool1/dataset1). Multiple source locations can be selected or manually defined with a comma (,) separator. |
Recursive | Replicate all child dataset snapshots. When selected, Exclude Child Datasets becomes available. |
Include Dataset Properties | Include dataset properties with the replicated snapshots. |
(Almost) Full Filesystem Replication | Completely replicate the selected dataset. The target dataset will have all of the properties, snapshots, child datasets, and clones from the source dataset. |
Properties Exclude | List any dataset properties that will not be included with the replication. |
Periodic Snapshot Tasks | Snapshot schedule for this replication task. Choose from previously configured periodic snapshot tasks. This replication task must have the same Recursive and Exclude Child Datasets values as the chosen periodic snapshot task. Selecting a periodic snapshot schedule removes the Schedule field. |
Replicate Specific Snapshots | Only replicate snapshots that match a defined creation time. To specify which snapshots will be replicated, select this checkbox and define the snapshot creation times that will be replicated. For example, setting this time frame to Hourly will only replicate snapshots that were created at the beginning of each hour. |
Also Include Naming Schema | Pattern of naming custom snapshots to include in the replication with the periodic snapshot schedule. Enter the strftime(3) strings that match the snapshots to include in the replication. When a periodic snapshot is not linked to the replication, enter the naming schema for manually created snapshots. Has the same {0}, {1}, {2}, {3}, and {4} string requirements as the naming schema in a periodic snapshot task. Separate entries by pressing Enter. |
Saving Pending Snapshots | Prevent source system snapshots that have failed replication from being automatically removed by the Snapshot Retention Policy. |
Destination
Name | Description |
---|---|
Destination | Define the path to a system location that stores replicated snapshots. Click the folder to see all locations on the destination system or click in the field to manually type a location path (Example: pool1/dataset1). Selecting a location defines the full path to that location as the destination. Appending a name to the path creates a new zvol at that location. For example, selecting pool1/dataset1 stores snapshots in dataset1, but clicking the path and typing /zvol1 after dataset1 creates zvol1 for snapshots. |
Destination Dataset Read-only Policy | SET changes all destination datasets to readonly=on after finishing the replication. REQUIRE stops replication unless all existing destination datasets to have the property readonly=on. IGNORE disables checking the readonly property during replication. |
Encryption | Select to use encryption when replicating data. Additional encryption options appear. |
Encryption Key Format | Appears when Encryption is set. Choose between a Hex (base 16 numeral) or Passphrase (alphanumeric) style encryption key. |
Passphrase | Appears when Encryption Key Format is set to PASSPHRASE. Enter an alphanumeric encryption key. |
Store Encryption key in Sending TrueNAS database | Set to store the encryption key in the TrueNAS database. |
Encryption Key Location in Target System | Appears when Store Encryption key in Sending TrueNAS database** is unset. Choose a temporary location for the encryption key that will decrypt replicated data. |
Replication from scratch | If the destination system has snapshots but they do not have any data in common with the source snapshots, destroy all destination snapshots and do a full replication. Warning: enabling this option can cause data loss or excessive data transfer if the replication is misconfigured. |
Snapshot Retention Policy | When replicated snapshots are deleted from the destination system. Same as Source: use the Snapshot Lifetime from from the source periodic snapshot task. Custom: define a Snapshot Lifetime for the destination system. None: never delete snapshots from the destination system. |
Replication Schedule
Name | Description |
---|---|
Run Automatically | Select to either start this replication task immediately after the linked periodic snapshot task completes or continue to create a separate Schedule for this replication. |
Schedule | Start time for the replication task. |
Only Replicate Snapshots Matching Schedule | Appears when Schedule checkbox is set. Set to use the Schedule in place of the Replicate Specific Snapshots time frame. The Schedule values are read over the Replicate Specific Snapshots time frame. |
Resilver Priority
Name | Description |
---|---|
Enabled | Select to run resilver tasks between the configured times. |
Begin | Choose the hour and minute when a resilver process can run at a higher priority. |
End | Choose the hour and minute after which a resilver process must return to running at a lower priority. A resilver process running after this time can likely take much longer to complete due to running at a lower priority compared to other disk and CPU activities, such as replications, SMB transfers, NFS transfers, Rsync transfers, S.M.A.R.T. tests, pool scrubs, user activity, etc. |
Days of the Week | Select the days to run resilver tasks. |
Scrub Task
Name | Description |
---|---|
Pool | Choose a pool to scrub. |
Threshold days | Controls the task schedule by setting how many days must pass before a completed scrub can run again. If you schedule a scrub to run daily and set Threshold days to 7, the scrub attempts to run daily. If the scrub succeeds, it will check but won’t run again until seven days pass. Using a multiple of seven ensures the scrub runs on the same weekday. |
Description | Describe the scrub task. |
Schedule | How often to run the scrub task. Choose one of the presets or Custom to use the Advanced Scheduler. |
Enabled | Clear to disable the scheduled scrub without deleting it. |
TrueNAS can send, receive, or synchronize data with a Cloud Storage provider.
These providers are supported for Cloud Sync tasks in TrueNAS CORE:
Name | Description |
---|---|
Description | Enter a description of the Cloud Sync Task. |
Direction | PUSH sends data to cloud storage. PULL receives data from cloud storage. Changing the direction resets the Transfer Mode to COPY. |
Transfer Mode | SYNC: Files on the destination are changed to match those on the source. If a file does not exist on the source, it is also deleted from the destination. COPY: Files from the source are copied to the destination. If files with the same names are present on the destination, they are overwritten. MOVE: After files are copied from the source to the destination, they are deleted from the source. Files with the same names on the destination are overwritten. |
Directory/Files | Select the directories or files to be sent to the cloud for Push syncs, or the destination to be written for Pull syncs. Be cautious about the destination of Pull jobs to avoid overwriting existing files. |
Name | Description |
---|---|
Credential | Select the cloud storage provider credentials from the list of available Cloud Credentials. |
Folder | Enter or select the cloud storage location to use for this task. |
Name | Description |
---|---|
Schedule | Select a schedule preset or choose Custom to open the advanced scheduler. |
Enable | Enable this Cloud Sync Task. Clear to disable this Cloud Sync Task without deleting it. |
Name | Description |
---|---|
Follow Symlinks | Follow symlinks and copy the items to which they link. |
Pre-script | Script to execute before running sync. |
Post-script | Script to execute after running sync. |
Exclude | List of files and directories to exclude from sync. Separate entries by pressing Enter. See rclone filtering for more details about the --exclude option. |
Upload Chunk Size | Files are split into chunks of this size before upload. The number of chunks that can be simultaneously transferred is set by the Transfers number. The single largest file being transferred must fit into no more than 10,000 chunks. |
Remote Encryption | Use rclone crypt to manage data encryption during PUSH or PULL transfers: PUSH: Encrypt files before transfer and store the encrypted files on the remote system. Files are encrypted using the Encryption Password and Encryption Salt values. PULL: Decrypt files that are being stored on the remote system before the transfer. Transferring the encrypted files requires entering the same Encryption Password and Encryption Salt that was used to encrypt the files. Additional details about the encryption algorithm and key derivation are available in the rclone crypt File formats documentation. |
Transfers | Number of simultaneous file transfers. Enter a number based on the available bandwidth and destination system performance. See rclone –transfers. |
Bandwidth Limit | A single bandwidth limit or bandwidth limit schedule in rclone format. Separate entries by pressing Enter. Example: 08:00,512 12:00,10MB 13:00,512 18:00,30MB 23:00,off. Units can be specified with the beginning letter: b, k (default), M, or G. See rclone –bwlimit. |
TrueNAS connects to the Cloud Storage Provider and simulates a file transfer without sending or receiving data.
Name | Description |
---|---|
Choose a preset | Populates the rest of the fields. |
Minutes | Minutes when the task runs. |
Hours | Hours when the task runs. |
Days | Days when the task runs. |
Months | Months when the task runs. |
Days of Week | Days of the week when the task runs. |
The TrueNAS CORE Network screens control how the system integrates into the overall network environment.
Use the Network > Interface Screen to add various network interfaces to your TrueNAS.
Use the COLUMNS button to display options to modify the information displayed in the Interfaces table. Options are Type, Link State, DHCP, IPv6 Auto Configure, IP Addresses, Description, Active Media Type, Active Media Subtype, VLAN Tag, VLAN Parent Interface, Bridge Members, LAGG Ports, LAGG Protocol, MAC Address, MTU or Reset to Defaults.
Use ADD to display the Interface Add screen.
To see the details for any interface click the
symbol to the right of the interface.Each interface has a detailed view with the current interface settings and additional actions available for the interface.
Use EDIT to display the Network Interface Edit screen. Several settings are not editable and do not appear on the Edit screen.
Use RESET CONFIGURATION to reset the selected interface. Resetting the configuration interrupts network connectivity. The Reset Configuration dialog displays. You must select Confirm to activate the RESET CONFIGURATION button.
The Interface Add screen displays additional configuration settings based on the type of interface selected.
Interface Settings
Settings | Description |
---|---|
Type | Select the type of interface from the dropdown list. Select Bridge to create a logical link between mutliple networks. Select Link Aggregation to combine multiple network connections into a single interface. Select VLAN for a virtual LAN to partition and isolate a segment of the connection. |
Name | Enter a name for the interface. Use the format bridgeX laggX or vlanX where X is a number representing a non-parent interface. |
Description | Enter a description for the interface. For example, what it is used for. |
DHCP | Select to enable DHCP. Leave checkbox clear to crate a static IPv4 or IPv6 configuration. Only one interface can be configured for DCHP. |
Autoconfigure IPv6 | Select to automatically configure the IPv6 address with rtsol(8). Only one interface can be configured this way. |
Other Settings
Settings | Description |
---|---|
Dsable Hardware Offloading | Select to turn off hardware offloading for network traffice processing. Warning! Disabling hardware offloading can reduce network performance, and is only recommended when the interface is managing jails, plugins or virtual machines. |
MTU | A maximum transmission unit (MTU) is the largest protocol data unti that can be communicated. The largest workable MTU size varies with network interfaces and equipment. 1500 and 9000 are standard Ethernet MTU sizes. Leave blank restores this field to the default value of 1500. |
Options | Enter additional parameters from ifconfig(8). |
Other Settings
Settings | Description |
---|---|
IP Addresses | Select an IP address from the dropdown list to define an alias for the interface on this TrueNAS controller. The alias can be an IPv4 or IPv6 address. |
ADD | Adds a row to configure another IP address. A DELETE button displays to allow you to delete the extra IP address. |
Bridge Settings
Settings | Description |
---|---|
Bridge Members | Select network interfaces to include in the bridge from the dropdown list. |
Link Aggreation Settings
Settings | Description |
---|---|
Lagg Protocol | Select the lagg protocol from the dropdown list. This determines the outgoing and incoming traffic ports. LACP is the recommended protocol if the network switch is capable of active LACP. Failover is the default protocol choice and should be used if the network switch does not support active LACP. See lagg(4) for more details. |
Lagg Interfaces | Select the interfaces on your TrueNAS to use in the aggregation from the dropdown list. Warning! Lagg creation fails if any of the selected interfaces have been manually configured. |
VLAN Settings
Settings | Description |
---|---|
Parent Interface | Select the VLAN parent interface on your TrueNAS from the dropdown list. Usually Ethernet card connected to a switch port configured for the VLAN. New link aggregations are not available until the system is restared. |
Vlan Tag | Enter the numeric tag configured in the switched network. This is a required field. |
Priority Code Point | Select the Class of Service from the dropdown list. The available 802.1p class of service ranges from **Best effort (default) to Network control (highest). |
The Interface Edit screen displays only the editable configuration settings for the inface selected.
Interface Settings
Settings | Description |
---|---|
Name | Displays the name for the selected interface. This field cannot be edited. |
Description | Enter a description for the interface. For example, what it is used for. |
DHCP | Select to enable DHCP. Leave checkbox clear to crate a static IPv4 or IPv6 configuration. Only one interface can be configured for DCHP. |
Autoconfigure IPv6 | Select to automatically configure the IPv6 address with rtsol(8). Only one interface can be configured this way. |
Other Settings
Settings | Description |
---|---|
Disable Hardware Offloading | Select to turn off hardware offloading for network traffic processing. Warning! Disabling hardware offloading can reduce network performance, and is only recommended when the interface is managing jails, plugins, or virtual machines. |
MTU | A maximum transmission unit (MTU) is the largest protocol data unti that can be communicated. The largest workable MTU size varies with network interfaces and equipment. 1500 and 9000 are standard Ethernet MTU sizes. Leave blank restores this field to the default value of 1500. |
Options | Enter additional parameters from ifconfig(8). |
Other Settings
Settings | Description |
---|---|
IP Addresses | Select an IP address from the dropdown list to define an alias for the interface on this TrueNAS controller. The alias can be an IPv4 or IPv6 address. |
ADD | Adds a row to configure another IP address. A DELETE button displays to allow you to delete the extra IP address. |
Use APPLY to save changes to settings and return to the Interfaces screen.
It is recommended to set up your system connections before setting up data sharing. This allows integrating TrueNAS into your specific security and network environment before attempting to store or share critical data.
The Network Summary gives a concise overview of the current network setup. Information about the currently active Interfaces, Default Routes, and Nameservers is provided. These areas are not editable.
Interfaces shows any configured physical, bridge, LAGG, and vlan interfaces. All detected physical interfaces are listed, even when unconfigured. The IPv4 or IPv6 address displays when a Static IP is saved for an interface.
Default Routes lists all saved TrueNAS Default Routes. Go to Network > Global Configuration to configure Default Routes.
Nameservers lists any configured DNS name servers that TrueNAS uses. To change this list, go to Network > Global Configuration. The TrueNAS Hostname and Domain, Default Gateway, and other options are available in Network > Global Configuration.
Define any Static Routes in Network > Static Routes.
Out of Band Management is managed from Network > IPMI. This option is visible only when TrueNAS detects the appropriate physical hardware.
It is recommended to set up your system connections before setting up data sharing. This allows integrating TrueNAS into your specific security and network environment before attempting to store or share critical data.
The Network Summary gives a concise overview of the current network setup. Information about the currently active Interfaces, Default Routes, and Nameservers is provided. These areas are not editable.
Interfaces shows any configured physical bridge, LAGG, and vlan interfaces. All detected physical interfaces are listed, even when unconfigured. The IPv4 or IPv6 address displays when a static IP is saved for an interface.
Default Routes lists all saved TrueNAS Default Routes. Go to Network > Global Configuration to configure Default Routes.
Nameservers lists any configured DNS name servers that TrueNAS uses. To change this list, go to Network > Global Configuration. The TrueNAS Hostname and Domain, Default Gateway, and other options are available in Network > Global Configuration.
Define any Static Routes in Network > Static Routes.
Out-of-band management is managed from Network > IPMI. This option is visible only when TrueNAS detects the appropriate physical hardware.
The Network > Global Configuration screen has all the general TrueNAS networking settings that are not specific to any interface.
Disruptive Change
Making changes to the network interface the web interface uses can result in losing connection to TrueNAS! Fixing any misconfigured network settings might require command line knowledge or physical access to the TrueNAS system.
Options are organized into several categories.
Many of these fields have default values you can change to meet requirements of the local network. The Hostname and Domain field values display on the Dashboard > System Information card. Some options only display when the appropriate hardware is present.
Setting | Description |
---|---|
Hostname | Enter the system host name. If an Enterprise system with two controllers, this is the first TrueNAS controller host name. Upper and lower case alphanumeric, (.) and (-) characters are allowed. |
Hostname (TrueNAS Controller 2) | Enter the host name of second TrueNAS controller (for HA only). Upper and lower case alphanumeric, (.) and (-) characters are allowed. |
Hostname (Virtual) | Ener the virtual host name. When using a virtualhost, this is also used as the Kerberos principal name. Enter the fully qualified host name plus the domain name. Upper and lower case alphanumeric, (.) and (-) characters are allowed. |
Domain | Enter the system domain name. |
Additional Domains | Enter additional domains to search. Separate entries by pressing Enter. Adding search domains can cause slow DNS lookups |
Setting | Description |
---|---|
NetBIOS-NS | Select to advertise the SMB service NetBIOS name. Legacy NetBIOS name server. Can be required for legacy SMB1 clients to discover the server. When advertised, the server appears in Network Neighborhood. |
mDNS | Select to use the system host name (in Hostname) to advertise enabled and runnint services. Multicast DNS. For example, this controls if the server appears under Network on MacOS clients. |
WS-Discovery | Select to use the SMB Service NetBIOS Name to advertise the server to WS-Discovery clients. This causes the computer to appear in the Network Neighborhood of modern Windows OSes. |
Setting | Description |
---|---|
Nameserver 1 | Enter the primary DNS server IP address. |
Nameserver 2 | Enter the secondary DNS server IP address. |
Nameserver 3 | Enter the tertiary DNS server IP address. |
Setting | Description |
---|---|
IPv4 Default Gateway | Enter the IP address to use instead of the default gateway provided by DHCP for IPv4 service. Typically not set. |
IPv6 Default Gateway | Enter the IP address to use instead of the default gateway provided by DHCP for IPv6 service. Typically not set. |
Setting | Description |
---|---|
HTTP Proxy | Enter the proxy information for the network in the format http://my.proxy.server:3128 or http://user:password@my.proxy.server:3128. |
Enable Netwait Feature | Select to prevents network services from starting until the interface can ping the addresses listed in the Netwait IP list. |
Netwait IP List | Select only appears when Enable Netwait Feature is set. Enter a list of IP addresses to ping. Separate entries by pressing Enter. Each address is tried until one is successful or the list is exhausted. Leave empty to use the default gateway. |
Host Name Database | Enter the database host name. Used to add one entry per line which is appended to |
Use the Network Static Routes screen to define static routes on your TrueNAS. By default, no static routes are defined on a default TrueNAS system.
Use the blue Columns button to display options to change the information displayed in the Static Routes table. Options are Unselect All, Gateway, Description or Reset to Defaults.
Use Add to dispay the Static Routes Add screen.
Setting | Description |
---|---|
Destination | Enter the desination IP using the format A.B.C.D/E where E is the CIDR mask. |
Gateway | Enter the IP address of the gateway. |
Description | Enter any notes or identifiers describing the static route. |
The SUBMIT button activates after entering values in the required fields. Use CANCEL to exit without saving and retun to the Static Routes screen.
Use the INetwork > IPMI screen to configure the TrueNAS for an IPMI connection. The IPMI configuration screen provides a shortcut to the most basic IPMI configuration.
Setting | Description |
---|---|
TrueNAS Controller | Select a TrueNAS controller from the dropdown list. All IPMI changes are applied to that TrueNAS controller. |
Channel | Select the communications channel to use from the dropdown list. Available channel numbers vary by hardware. |
Password | Enter a password for connecting to the IPMI interface from a web browser. The password must include at least one upper case letter, one lower case letter, one digit, and one special character (punctuation, e.g. ! # $ %, etc.). It must also be 8-16 characters long. |
DHCP | Select to use DHCP to set the IPv4 Address, IPv4 Netmask, and Ipv4 Default Gateway. If checkbox is clear you must manually enter these settings. |
IPv4 Address | Enter the static IP address of the IPMI web interface. This is the address TrueNAS connects to when you click the MANAGE button. |
IPv4 Netmask | Enter the subnet mask associated with the IP address. |
IPv4 Default Gateway | Enter the default gateway of the IPv4 connection. This is associated with the IP address. |
VLAN ID | Enter the VLAN identifier if the IPMI out-of-band management interface is not on the same VLAN as management networking. |
IDENTIFY LIGHT | Displays a dialog to activate an IPMI identify light on the compatible connected hardware. |
MANAGE | Connects the TrueNAS to the IPMI web interface login screen. |
Use SAVE to save the IPMI settings.
See IPMI
Use the Storage Pools screens to add or manage storage pools on your TrueNAS. The Pools screen displays a table of all the pools and datasets configured in your TrueNAS.
Use the to display the Pools Actions dropdown list of pool operations.
Use ADD to display the Import Pool configuration wizard screens.
Use the <class=“fa fa-ellipsis-v” aria-hidden=“true” title=“Options”> for the root dataset to display the Action Menu for the root dataset which is different than the options for nested datasets. Use the <class=“fa fa-ellipsis-v” aria-hidden=“true” title=“Options”> > for nested datasets to display the Action Menu for nested datasets. See Datasets Screen for more information on dataset screens.
The import pool wizard has four configuration screens that allow you to add a new pool or import an existing pool based on the selection made.
Select the Create new Pool radio button to add a new pool and configure each setting.
Select the Import an existing pool to import an existing pool. See Importing a Pool for more information.
Use the CREATE POOL button to display the Create Pool screen which is the Pool Manager screen.
Displays a dialog with the Auto TRIM and Confirm checkoboxes. Auto TRIM allows TrueNAS to periodically check the pool disks for storage blocks it can reclaim.
Displays a dialog with a warning about unavailable data, backing up data before exporting/disconnecting, and lists services that could be disrupted by the process. Select from the three options:
Setting | Description |
---|---|
Destroy data on this pool? | Select to destroy data on the pool disks. |
Delete configuration of shares that used this pool? | Selected by default to delete share configurations listed. |
Confirm Export/Disconnect | Activates the Export/Disconnect button. |
Export/Disconnect | Use to display the confirmation dialog where you must enter the name of the pool and confirm you want to proceed with this operation. |
Use CANCEL to exit the process and close the dialog.
Displays the Pool Manager screen.
Use CANCEL to exit without saving and display the Pools screen.
Use ADD VDEVS to add vdevs to the exiting pool.
Displays a start-scrub confirmation dialog. Select Confirm to activate the START SCRUB button. Use CANCEL to exit back to the Pools screen without starting the scrub.
Displays the Pool Status screen which displays the status of the pool, the datasets and the disks for the selected pool. Select the to display the options available to datasets and disks. The Expand Pool function can be used to add a new disk to a single-disk stripe pool in order to create or re-create a mirror pool, if the disk capacity of the new disk meets the requirements.
The Pool Manager screen displays after selecting either the Create new Pool radio button on the Create or Import Pool screen or the Add Vdev option for an existing pool.
Pool Manager adds the initial vdev when you create the pool or want to add to an existing pool. At initial creation you have the option to select the type of vdev for this pool. When accessing Pool Manager for an existing pool from the Pool Actions dropdown and selecing Add Vdev, the pool vdev type is already specified and limits what you can add as a Data type vdev. For example, a pool with a mirror vdev requires you to add a minimum of two disks to the existing mirror. In order to transform a single disk stripe to a mirror, use the Expand Pool
Setting | Description |
---|---|
Name | Displays the name of the pool for which you are adding the vdev. |
Encryption | Select to apply encryption to the storage pool. All datasets created on an encrypted pool inherit encryption from this root dataset. |
RESET LAYOUT | Click to reset the proposed layout displayed. Click before you save to remove any vdev types selected and move disks assigned to any vdev back to the Available Disks list. |
ADD VDEV | Displays a dropdown list of the types of vdevs on the system. Vdev types are Data, Cache, Log, Hot Spare, Metadata or Dedup. Click to add vdev types to an existing or new pool vdev setup. |
Available Disks | List of available disks on the TrueNAS. Select the checkbox to the left of the disk and then select the blue to the right of the vdev type (if more than one vdev type exists or is added with the ADD VDEV button) to move the disks to that vdev. To move it back to the Available Disks list select the disk checkbox(es) and the blue . |
Data VDevs | List of disks assigned to the vdev(s). To move disks back to the Available Disks list select the disk checkbox(es) and the blue symbol. |
vdev type | Displays under the Data Vdevs table(s). For an existing pool, the default vdev type is the vdev type for that existing pool. For initial pool creation, the default type is Stripe. After adding disks to the Data VDevs a expand symbol displays with avaialbe options to change the default type of vdev (for example, if two disks are moved to a Data VDev, the Mirror option displays along with Strip). |
Estimated raw capacity: 0 B | Displays the raw storage capacity of the disks for the Data VDev type. |
Filter disks by name | Click on to display the field where you enter the filter or search parameters. |
Filter disks by capacity | Click on to display the field where you enter the filter or search parameters. |
Use CANCEL to exit without saving and display the Pools screen.
Use CREATE to add the pool vdev.
Use ADD VDEVS to add vdevs to the exiting pool.
The Pool Status screen which displays the status of the pool, the datasets and the disks for the selected pool.
Each Dataset has two options available from the . Select either Extend which displays the Extend Vdev dialog that allows you to select a new disk from a dropdown list, or Remove which displays a confirmation dialog before you remove the dataset from the pool.
Each disk has four options available from the :
Edit displays the Edit Pool Disk screen where you can change disk settings.
Offline displays the Offline Disk conformation dialog where you confirm you want to offline the disk. Select the Confirm checkbox to activate the OFFLINE button or click CANCEL to exit the dialog and return to the Pool Status screen.
Replace displays the Replacing disk dialog where you select the member disk from a dropdown list. Use Force to override safety checks and add the disk to the pool. Warning, this erases data on the disk!
Detach displays the Detach Disk dialog where you must select Confirm before the DETACH button activates. This detaches the disk from the pool.
The Edit Pool Disk screen displays disk configutation settings.
Settings on the Edit Pool Disk screen are the same as those on the Storage > Disks > Edit Disk screen. See Disk Screens for more information on disk settings.
Use the Edit Permissions option on the parent dataset Dataset Actions menu to display the Edit Permissions screen. This option is only availble on the parent dataset. See Dataset Screens and Setting Up Permissions for more information on pool and dataset permissions.
Use the Storage > Pools Add Dataset screen to add a dataset to your TrueNAS. A TrueNAS dataset is a file system that is created within a data storage pool. There are two settings options, BASIC OPTIONS and ADVANCED OPTIONS. Use the basic option unless you want to customize your dataset for specific uses cases.
Use SUBMIT without entering settings to quickly create a dataset with the default options or after entering settings to save and create the dataset.
The Name and Options fields are required to create the dataset. Datasets typically inherit most of these settings from the root or parent dataset, only a dataset name is required before clicking SUBMIT.
Setting | Description |
---|---|
Name | Enter a unique identifier for the dataset. The name cannot be changed after the dataset is created. |
Comments | Enter notes about the dataset. |
Sync | Select an option from the dropdown list. Select Standard uses the sync settings requested by the client software. Select Always to wait for data writes to complete, or select Disabled to never wait for writes to complete. |
Compression level | Select an option to encode information in less space than the original data occupies. It is recommended to choose a compression algorithm that balances disk performance with the amount of saved space: lz4 is generally recommended as it maximizes performance and dynamically identifies the best files to compress. zstd is the Zstandard compression algorithm that has several options for balancing speed and compression. gzip options range from 1 for least compression, best performance, through 9 for maximum compression with greatest performance impact. zle is a fast algorithm that only eliminates runs of zeroes. lzjb is a legacy algorithm that is not recommended for use. |
Enable Atime | Select an option from the dropdown list. Inherit (off) inherits from the pool. on updates the access time for files when they are read. off disables creating log traffic when reading files to maximize performance. |
Encryption | Select Inherit (non-encrypted) to inherit the root or parent dataset encryption properties. Clear the checkmark to either not encrypt the dataset or to configure encryption settings other than those used by the root or parent dataset. See Encryption for more information on encryption. |
Use the Other Options to help tune the dataset for particular data sharing protocols:
Setting | Description |
---|---|
ZFS Deduplication | Select an option to transparently reuse a single copy of duplicated data to save spacefrom the dropdown list. Options are Inherit (off), on, verify or off. Deduplication can improve storage capacity, but is RAM intensive. Compressing data is generally recommended before using deduplication. Deduplicating data is a one-way process. *Deduplicated data cannot be undeduplicated! |
Case Sensitivity | Select an option from the dropdown list. Sensitive assumes file names are case sensitive. Insensitive assumes file names are not case sensitive. Mixed understands both types of file names. Case sensitivity cannot be changed after the dataset is created! |
Share Type | Select an option from the dropdown list to define the type of data sharing the dataset uses to optimize the dataset for that sharing protocol. Options are Generic or SMB. AFP type shares use SMB unless directed to select Generic. The type of share cannot be changed after the dataset is created! |
Use ADVANCED OPTIONS to add additional dataset settings such as quota management tools, basic ACL permissions and a few additional Other Options settings fields.
Setting | Description |
---|---|
Quota for this datset | Enter an integer to define the maximum allowed space for the dataset. 0 disables quotas. |
Quota warning alert at, % | Enter an integer to generate a warning level alert when consumed space reaches the defined percentage. By default, Inherit is selected and the dataset inherits this value from the parent dataset. Clear the checkmark to change the value. |
Quota critical alert at, % | Enter an integer to generate a critical level alert when consumed space reaches the defined percentage. By default, Inherit is selected and the dataset inherits this value from the parent dataset. Clear the checkmark to change the value. |
Reserved space for this dataset | Enter an integer to reserve additional space for datasets that contain logs which could eventually take up all the available free space. 0 is unlimited. |
Additional Other Options settings
Setting | Description |
---|---|
Read-only | Select an option from the dropdown list. On prevents the dataset being modified. Off allows users accessing the dataset to modify its contents. |
Exec | Select an option from the dropdown list. On allows processes to executd from within this dataset. Off prevents processes from executing in the dataset. It is recommended to set to On. |
Snapshot directory | Select an option to control visibility of the |
Copies | Select an option from the dropdown list to specify the number of duplicate ZFS user data copies stored on this dataset. Choose between 1, 2, or 3 redundant data copies. This can improve data protection and retention, but is not a substitute for storage pools with disk redundancy. |
Record Size | Select an option from the dropdown list for the Logical block size in the dataset. Matching the fixed size of data, as in a database, could result in better performance. |
ACL Mode | Select an option from the dropdown list to determine how chmod behaves when adjusting file ACLs. See the zfs aclmode property.Passthrough only updates ACL entries that are related to the file or directory mode. Restricted does not allow chmod to make changes to files or directories with a non-trivial ACL. An ACL is trivial if it can be fully expressed as a file mode without losing any access rules. Restricted is typically used to optimize a dataset for SMB sharing, but can require further optimizations. For example, configuring an rsync task with this dataset could require adding --no-perms in the Rsync task Auxiliary Parameters field. |
Metadata (Special) Small Block Size | Enter an integer for the threshold block size for including small file blocks into the special allocation class (fusion pools). Blocks smaller than or equal to this value are assigned to the special allocation class while greater blocks are assigned to the regular class. Valid values are zero or a power of two from 512B up to 1M. The default size 0 means no small file blocks are allocated in the special class. Add a special class vdev to the pool before setting this property. |
Use the Storage > Pools Edit Dataset screen to change setting for an existing dataset. The settings are identical to the Add Dataset screens above. to access the Edit Dataset screens, click the for a dataset and select Edit Options.
Use the Storage > Pools Edit Permissions screen to change permissions settings for a parent dataset. To access the Edit Permissions screens, click the for a dataset and select Edit Options.
Setting | Description |
---|---|
Dataset Path | Displays the dataset path for the selected dataset. |
Setting | Description |
---|---|
User | Either type to search for or use dropdown list to select an existing user on the system that controls this dataset. Dropdown list displays all user on the TrueNAS system. |
Apply User | Select to confirm selected user. As a check on errors, if not selected the user is not submitted. |
Group | Either type to search for or use dropdown list to select an existing group on the system that controls this dataset. Dropdown list displays all user on the TrueNAS system. |
Apply Group | Select to confirm selected group. As a check on errors, if not selected the group is not submitted. |
Setting | Description |
---|---|
Access Mode | Select the Read, Write and Execute checkboxes for User, Group, and Other to set the permissions levels. |
Setting | Description |
---|---|
Apply Permissions Recursively | Select to apply permissions recursively to all directories and files within the current dataset. |
Traverse | Select to apply permissions recursively to all child datasets of the current dataset. |
Click USE ACL MANAGER to open the ACL editor to further customize permissions. After selecting the Select a preset ACL radio buttons on the Create an ACL dialog, select a Default ACL Option from the dropdown list. Options are OPEN, Restricted or HOME. Or Create a custom ACL and then click CONTINUE to display the Edit ACL screen with the default permissions for the option you selected.
Setting | Description |
---|---|
Path | Displays the dataset path for the selected dataset. |
User | Either type to search for or use dropdown list to select an existing user on the system that controls this dataset. Dropdown list displays all user on the TrueNAS system. |
Apply User | Select to confirm selected user. As a check on errors, if not selected the user is not submitted. |
Group | Either type to search for or use dropdown list to select an existing group on the system that controls this dataset. Dropdown list displays all user on the TrueNAS system. |
Apply Group | Select to confirm selected group. As a check on errors, if not selected the group is not submitted. |
Setting | Description |
---|---|
Who | Select from the dropdown list of options. Default for each of the three groups of settings is owner@, group@ and everyone@ but you can change this to either of these additional options User or Group. Selection modifies values displayed in other settings. |
ACL Type | Select either Allow or Deny from the dropdown list to specify how permissions apply to the value selected in Who. Select Allow to grant the specified permissions or Deny to restrict the specified permissions. |
Permissions Type | Select either Basic or Advanced from the dropdown list. Basic shows general permissions. Advanced shows each specific type of permission for finer control. |
Permissions | Select the permissions to apply to the selected value in Who. The list of permissions changes based on the value selected in Permissions Type. See Permissions for more information on permissions by permissions type (Basic and Advanced). |
Flags Type | Select the set of ACE inheritance flags to display. Options are Basic or Advanced. If Basic non-specific inheritance options show in the list. If Advanced the dropdown list shows specific inheritance settings for finer control. |
Flags | Select how this ACE applies to newly created directories and files within the dataset. If Flag Type is set to Basic options are Inherit or No Inherit. If Flag Type is set to Advanced flags are File Inherit, Directory Inherit, No Propagate Inherit, Inherit Only, or Inherited. |
Use ADD ACL ITEM to add another set of the ACL permission settings.
Select Apply permissions recursively to apply the ACL settings recursively to all directories and files in the current dataset.
USE PERMISSIONS EDITOR opens the EDIT Permissions screen.
TrueNAS allows setting data or object quotas for user accounts and groups cached on or connected to the system. Go to Storage > Pools, find the desired dataset, and click to open the Dataset Actions menu and see the User Quota and Group Quota options.
Clicking User Quotas from the Dataset Actions menu shows the User Quotas screen.
Setting | Description |
---|---|
Filter User Quotas | Enter a string to show saved quotas that match the string. |
Columns | Displays options to customize the table view to add or remove information. Options are Select All, ID, Data Quota, DQ Used, DQ % Used, Object Quota, Objects Used, OQ % Used, and Reset to Defaults. After selecting Select All the option toggles to Unselect All. |
Actions | Shows additional options to manage or add entries to this screen. |
Setting | Description |
---|---|
Toggle Display | Changes the view between filter and list views. By default, only user accounts with a quota are shown (filter view). Switching to the list view shows all available users, even if the user has no quota assigned. |
Set Quotas (Bulk) | Opens the Set User Quotas screen to add quotas. |
Click the
icon to display a detailed individual user quota view.Click the Edit User window.
Edit button to display theThe Edit User window allows modifying individual user data and object quota values.
Settings | Description |
---|---|
User | Displays the name of the selected user. |
User Data Quota (Examples: 500KiB, 500M, 2 TB) | Enter the amount of disk space the selected user can use. Entering 0 allows the user to use all disk space. You can enter human-readable values such as 50 GiB, 500M, 2 TB, etc.). If units are not specified, the value defaults to bytes. |
User Object Quota | Enter the number of objects the selected user can own. Entering 0 allows unlimited objects. |
Click Set Quota to save changes or Cancel to close the window without saving.
Click Actions > Set Quotas (Bulk) to see the Set User Quotas screen.
Settings | Description |
---|---|
User Data Quota (Examples: 500KiB, 500M, 2 TB) | Enter the amount of disk space the selected user can use. Entering 0 allows the user to use all disk space. You can enter human-readable values such as 50 GiB, 500M, 2 TB, etc.). If units are not specified, the value defaults to bytes. |
User Object Quota | Enter the number of objects the selected user can own. Entering 0 allows unlimited objects. |
Settings | Description |
---|---|
Select Users Cached by this System | Select the users from the dropdown list of options. |
Search for Connected Users | Click in the field to see the list of users on the system or type a user name and press Enter. A clickable list displays of found matches as you type. Click on the user to add the name. A warning dialog displays if there are not matches found. |
Click Submit to set the quotas or Cancel to exit without saving.
Clicking Group Quotas from the Dataset Actions menu shows the Edit Group Quotas screen.
The Edit Group Quotas screen displays the names and quota data of any groups cached on or connected to the system.
Setting | Description |
---|---|
Filter Group Quotas | Enter a string to show saved quotas that match the string. |
Columns | Displays options to customize the table view to add or remove information. Options are Select All, ID, Data Quota, DQ Used, DQ % Used, Object Quota, Objects Used, OQ % Used, and Reset to Defaults. After selecting Select All the option toggles to Unselect All. |
Actions | Shows additional options to manage or add entries to this screen. |
Setting | Description |
---|---|
Toggle Display | Changes the view between filter and list views. By default, only group accounts with a quota are shown (filter view). Switching to the list view shows all available groups, even if the group has no quota assigned. |
Set Quotas (Bulk) | Opens the Set Group Quotas screen to add quotas. |
Click the
icon to display a detailed individual group quota view.Click the Edit Group window.
Edit button to display theThe Edit Group window allows you to modify the group data quota and group object quota values for an individual group.
Settings | Description |
---|---|
Group | Displays the name of the selected group(s). |
Group Data Quota (Examples: 500KiB, 500M, 2 TB) | Enter the amount of disk space the selected group can use. Entering 0 allows the group to use all disk space. You can enter human-readable values such as 50 GiB, 500M, 2 TB, etc.). If units are not specified, the value defaults to bytes. |
Group Object Quota | Enter the number of objects the selected group can own or use. Entering 0 allows unlimited objects. |
Click Set Quota to save changes or Cancel to close the window without saving.
Click **Actions > Set Quotas (Bulk) ** to see the Set Group Quotas screen.
Settings | Description |
---|---|
Group Data Quota (Examples: 500KiB, 500M, 2 TB) | Enter the amount of disk space the selected group can use. Entering 0 allows the group to use all disk space. You can enter human-readable values such as 50 GiB, 500M, 2 TB, etc.). If units are not specified, the value defaults to bytes. |
Group Object Quota | Enter the number of objects the selected group can own or use. Entering 0 allows unlimited objects. |
Settings | Description |
---|---|
Select Groups Cached by this System | Select the users from the dropdown list of options. |
Search for Connected Groups | Click in the field to see the list of groups on the system or type a group name and press Enter. A clickable list displays of found matches as you type. Click on the group to add the name. A warning dialog displays if there are no matches found. |
Click Submit to set the quotas or Cancel to exit without saving.
Use the Storage > Pools Add Zvol screen to add a zvol to a pool.
Basic Options
Setting | Description |
---|---|
Zvol name | Enter a short name for the zvol. Using a zvol name longer than 63-characters can prevent accessing zvols as devices. For example, a zvol with a 70-character filename or path cannot be used as an iSCSI extent. This setting is required. |
Comments | Enter any notes about this zvol. |
Size for this zvol | Specify size and value. Units like t, TiB, and G can be used. The size of the zvol can be increased later, but cannot be reduced. If the size is more than 80% of the available capacity, the creation fails with an out of space error unless Force size is also selected. |
Force size | Select to force the system to create a zvol that brings a pool to over 80% capacity (not recommended). By default, the system does not create a zvol if that operation brings the pool to over 80% capacity. |
Sync | Select an option from the dropdown list that sets the data write synchronization. Inherit sets zvol to get sync settings from the parent dataset, Standard uses the sync settings requested by the client software, Always that waits for data writes to complete,or Disabled that never waits for writes to complete. |
Compression level | Select a compression option from the dropdown list. Select Off to not compress data to save space. Refer to Compression for a description of the available algorithms. |
ZFS Deduplication | Do not change this setting unless instructed to do so by your iXsystems support engineer. |
Sparse | Select to provide thin provisioning. Use with caution as writes fail when the pool is low on space. |
Read-only | Select an option from the dropdown list to set whether the zvol can be modified. Options are Inherit to get and use the parent pool or root dataset settings, On to prevent modifying the zvol, or Off to allow the zvol to be modified. |
Inherit (Encryption Options) | Select to enable the zvol to use the encryption properties of the root dataset. |
Selecting ADVANCED OPTIONS adds one additional setting.
Setting | Description |
---|---|
Block size | select the default Inherit or select from the other dropdown list options 4KiB, 8KiB, 16KiB, 32KiB, 64KiB or 128KiB. See Creating a Zvol for more information on these options and block sizes. |
SUBMIT activates after all required fields are populated. Use to save settings.
Use CANCEL to exit without saving settings and display the Pools screen.
Use the Storage > Snapshots screens to create and manage snapshots on your TrueNAS.
Use the to display the Show Extra Columns dialog, and after clickng SHOW, the Snapshot screen changes to dipslay the blue COLUMNS button with options to modify the table information. It also changes the individual snapshots listed to show the individual snapshot action options from the
rather than the expand symbol that, after clicking on it, expands the selected snapshot to show details with the action options on the bottom of the expanded view of the snapshot. To return to the previous display click the to display the Hide Extra Columns dialog, and after clickng HIDE, the blue COLUMNS button no longer displays and the list of snapshots displays the expand symbol.Use ADD to display the Snapshot > Add screen.
Name | Description |
---|---|
Dataset | Select a dataset or zvol from the dropdown list to use as the storage location for snapshots. |
Name | Enter a unique name. This cannot be used with the value in Naming Schema |
Naming Schema | |
Recursive | Select to include child datasets of the selected dataset. |
Use SUBMIT to save settings. Use CANCEL to exit without saving and display the Snapshots screen.
The expanded snapshot view includes date created, space used, and the amount of data accessible by this dataset.
Name | Icon | Description |
---|---|---|
Delete | Displays a delete confirmation dialog. Select Confirm to activate the DELETE* button. | |
Clone to New Dataset | Displays the Clone to New Dataset screen. | |
Rollback | Displays the Dataset Rollback From Snapshot dialog. |
WARNING: Rolling the dataset back destroys data on the dataset and can destroy additional snapshots that are related to the dataset. This can result in permanent data loss! Do not roll back until all desired data and snapshots are backed up.
Name | Description |
---|---|
Stop Roolback if Snapshot Exists | Select the safety level for the rollback action. Select the radio button that best fits. Rollback is cancelled when the safety check finds additional snapshots that are directly related to the dataset being rolled back. |
Newer intermeidate, Child, and clone | Select to stop rollback when the safety check finds any related intermediate, child dataset, or clone snapshots that are newer than the rollback snapshots. |
Newer Clone | Select to stop rollbck when the safety check finds any related clone snapshots that are newer than the rollback snapshot. |
No Safety Check (CAUTION) | Select to stop rollback if snapshot exists. The rollback destroys any related intermediate, child dataset, and cloned snapshots that are newer than the rollback snapshot. |
Confirm | Select to confirm the selection and activate the ROLLBACK button. |
See Creating Snapshots for more information on creating and managing snapshots.
Use Storage > VMware-Snapshots to add a VMWare snapshot that coordinates ZFS snapshots when using TrueNAS as a VMware datastore.
Name | Description |
---|---|
Hostname | Enter the IP address or host name of the VMware host. When clustering, use the IP address or host name of the vCenter server for the cluster. |
Username | Enter a user account name created on the VMware host. The account must have permission to snapshot virtual machines. |
Password | Enter the password associated with the value in Username. |
ZFS Filesystem | Select a file system to snapshot from the dropdown list. Values populate from the VMWare host response. |
Datastore | Select an option from the dropdown list after entering the Hostname, Username, and Password, click FETCH DATASTORES to populate the menu. Select the datastore to synchronize. Selecting a datastore also select any previously mapped datasets. |
Use FETCH DATASTORES to have TrueNAS connect to the VMware host.
Use the Storage > Disks screen to add or manage disks in your TrueNAS.
Use the blue Columns button to display a list of options to modify the information displayed in the list of disks.
Use the
expand symbol to the right of any disk on the list to expand that disk to show settings and actions for that disk.The Disks individual disk information screen includes details about the disk settings and status. It also provides access to disk actions the user can take.
Use EDIT to display the Edit Disk screen.
Use MANUAL TEST to display the Manual S.M.A.R.T. Tests dialog where you can specify the type of test as LONG, SHORT, CONVEYANCE or OFFLINE.
Use S.M.A.R.T. TEST RESULTS to display the results of any S.M.A.R.T. tests executed on the system.
Use WIPE to delete obsolete data off an unused disk. This option does not display unless your disk is unused. See Wiping a Disk for more information on how to use this function.
The settings on the Edit Disk are the same as those on the Add Disk screen.
Settings | Description |
---|---|
Name | Enter the FreeBSD disk device name. For example, ada0. |
Serial | Enter the serial number for this disk. |
Description | Enter notes or a description for this disk. For example, where it is located or what it is used for. |
HDD Standby | Select the option from the dropdown list for the minutes of inactivity before the drive enters standby mode. Select from Always On or the minutes in a range from 5 to 330. See this forum post for information on identifying spun down drives. Temperature monitoring is disabled for standby disks. |
Force HDD Standby | Select to allow the drive to enter standby, even when non-physical S.M.A.R.T. operations could prevent the drive from sleeping. |
Advanced Power Management | Select an option from the dropdown list to select a power management profile from the menu. Options are Disabled, Level 1 - Minimum power usage with Standby (spindown), Level 64 - Intermediate power usage with Standby, Level 127 - Maximum power usage with Standby, Level 128 - Minimum with power usage without Standby (no spindown), Level 192 - Intermediate power usage without Standby, Level 254 - Maximum performance, maximum power usage. |
Acoustic Level | Select the option from the dropdown list to modify disks that understand AAM Options are Disabled, Minimum, Medium or Maximum. |
Enable S.M.A.R.T. | Select to enable allowing the system to conduct periodic S.M.A.R.T. tests. |
S.M.A.R.T. extra opitons | Enter additional smartctl(8) options. |
Critical | Enter a numeric value to set the threshold temperature in Celsius. If the drive temperature is higher than this value, a LOG_CRIT level log entry is created and an email i s sent. 0 disables this check. |
Difference | Enter a value where the the system reports if the drive temperature changed by this many degrees Celsius since the last report. 0 disables the report. |
Informational | Enter a value where the system reports if the drive temperature is at or above this temperature in Celsius. 0 disables this report. |
SED Password | Use to set or change the password of this SED. This password is used insead of the global SED password. |
Clear SED Password | Select to chear the SED password for this disk. |
Use SAVE to save settings and return the Disks screen or use CANCEL to exit without saving.
Use the Import Disk screen to perform a one time disk import, only one disk at a time, on you TrueNAS system.
Settings | Description |
---|---|
Disk | Select the disk to import from the dropdown list. The import copies the data from the selected disk to an existing ZFS dataset. Only one disk can be imported at a time. This is a required field. |
Filesystem type | Select one radio button option to specity the file system type that is on the disk to import. Options are UFS, NTFS, MSDOSFS or EXT2FS. |
Destination Path | Browse to locate the dataset on the TrueNAS that is to hold the copied data. |
The SAVE button activates after required fields are populated.
See Import Disks for more information on importing a disk into your TrueNAS.
The Active Directory (AD) service shares resources in a Windows network environment. Go to Directory Services > Active Directory to set up AD on TrueNAS. The first Active Directory screen is a list of basic options.
Name | Description |
---|---|
Domain Name | Enter the Active Directory domain (example.com) or child domain (sales.example.com). Required field. |
Domain Account Name | Enter the Active Directory administrator account name. Required field. |
Domain Account Password | Enter the password for the Active Directory administrator account. Required when configuring a domain for the first time. After initial configuration, the password is not needed to edit, start or stop the service. |
Enable (requires password or Kerberos principle) | Enable the Active Directory services. Must enter the Domain Account Password when selecting this option for the first time. |
Click ADVANCED OPTIONS to access extra options shown below.
Click REBUILD DIRECTORY SERVICE CACHE to resync the cache if it becomes out of sync. Or if fewer users than expected are available or visible in the permissions editors.
Name | Description |
---|---|
Verbose logging | Select to log attempts to join the domain to |
Allow Trusted Domains | Selected if you do not want the username to include a domain name. Clear the checkbox to force the domain names to be prepended to usernames. One possible reason to not select this value is to prevent username collisions when this is selected and there are identical usernames across multiple domains. |
Use Default Domain | Leave checkbox clear to prepend the domain name to the user name. When not selected prevents name collisions when Allow Trusted Domains is set and multiple domains use the same user name. |
Allow DNS Updates | Select to enable Samba to do DNS updates when joining a domain. |
Disable FreeNAS Cache | Select to disable caching AD users and groups. This can help when unable to bind to a domain with a large number of users or groups. |
Restrict PAM | Select to restrict SSH access in certain circumstances. When selected only members of BUILTIN\Administrators have SSH access. |
Site Name | Enter the relative distinguished name of the site object in the Active Directory. |
Kerberos Realm | Select an existing realm added in Directory Services > Kerberos Realms. |
Kerberos Principal | Select the location of the principal in the keytab. Keytab created in Directory Services > Kerberos Keytabs. |
Computer Account OU | The organizational unit where new computer accounts get created. OU strings read from top to bottom without RDNs. Use slashes (/) as delimiters, like Computers/Servers/NAS. Use the backslash (\) to escape characters but not as a separator. Backslash interpretation takes place at many levels. Backslashes might need doubling or even quadrupling to take effect. When left blank, new computer accounts get created in the Active Directory default OU. |
AD Timeout | Number of seconds before timeout. To view the AD connection status, open the interface Task Manager. |
DNS Timeout | Number of seconds before a timeout. Increase this value if AD DNS queries time out. |
Winbind NSS Info | Select the schema to use when querying AD for user/group info from the dropdown list. rfc2307 uses the schema support included in Windows 2003 R2. sfu is for Service For Unix 3.0 or 3.5. sfu20 is for Service For Unix 2.0. |
Netbios Name | The Netbios name of this NAS is truenas. This name must differ from the Workgroup name and be no greater than 15 characters. |
NetBIOS alias | Alternative names that SMB clients can use when connecting to this NAS. Can be no greater than 15 characters. |
LEAVE DOMAIN | Disconnects the TrueNAS system from the Active Directory. |
Click SAVE to save settings.
Click BASIC OPTIONS to return to the Active Directory display of basic options only.
Click EDIT IDMAP to navigate to the Directory Services > Idmap screen.
Click REBUILD DIRECTORY SERVICE CACHE to resync the cache if it becomes out of sync. Or if fewer users than expected are available in the permissions editors.
On a system running Unix or a Unix-like OS, Idmap acts as a translator. Windows Security Identifier (SID)s convert to a user ID (UID) and group ID (GID). Use the Identity Mapping (Idmap) screen to configure Idmap service on the TrueNAS.
Click Edit IDMAP on the Active Directory > Advanced Options screen. The Edit Idmap screen displays. It lists all domains configured on the TrueNAS.
You can customize the information displayed in the Idmap table. Click the blue COLUMNS button to display a dropdown list of options. A check mark next to the option name means the column is currently visible. Select from Unselect All, Backend, DNS Domain Name, Range Low, Range High, Certificate or Reset to Defaults.
Click ADD to open the Idmap Add screen. Enable Active Directory before attempting to add new domains.
Click the more_vert icon to display the options for each domain, Edit or Delete.
Name | Description |
---|---|
Idmap Backend | Select the plugin interface for Windbind to use from the dropdown list. Plugin interfaces for Windbind use varying backends. These backends store SID/uid/gid mapping tables. The correct setting depends on the NAS deployment environment. |
Name | Enter the pre-Windows 2000 domain name or select from the dropdown list. |
DNS Domain Name | Enter the DNS name of the domain. |
Range Low | Determines the range of UID/GID numbers which this Idmap backend translates. External credentials like a Windows SID must map to a UID or GID number inside this range. Ignores external credentials outside this range. |
Range High | Determines the range of UID/GID numbers which this Idmap backend translates. External credentials like a Windows SID must map to a UID or GID number inside this range. Ignores external credentials outside this range. |
SSSD Compat | Select to generate Idmap low range based on same algorithm that SSSD uses by default. |
Click SAVE to save settings and return to the Idmap screen.
Click CANCEL to exit without saving and return to the Idmap screen.
Lightweight Directory Access Protocol (LDAP) is an industry standard. Directory information services deployed over an Internet Protocol (IP) network can use LDAP. Configure LDAP server settings on your TrueNAS using the Directory Services > LDAP screen.
Click SAVE to save settings.
Click ADVANCED OPTIONS to display extra LDAP configuration options.
Click REBUILD DIRECTORY SERVICE CACHE to resync the cache if it becomes out of sync. Or if fewer users than expected are available in the permissions editors.
Name | Description |
---|---|
Hostname | Enter the LDAP server host names or IP addresses. Separate entries with an empty space. To create an LDAP failover priority list, enter more than one host name or IP address. If a host does not respond, the system tries the next host on the list. This continues until the new connection succeeds. |
Base DN | Top level of the LDAP directory tree to use when searching for resources. For example, dc=test,dc=org. |
Bind DN | Enter an administrative account name on the LDAP server. For example, cn=Manager,dc=test,dc=org. |
Bind Password | Enter the password for the administrative account in Bind DN. |
Enable | Select to activate the configuration. Leave checkbox clear to disable the configuration without deleting it. |
Name | Description |
---|---|
Allow Anonymous Binding | Select to disable authentication and allow read and write access to any client. |
Kerberos Realm | Select an option configured on your system from the dropdown list. |
Kerberos Principle | Select an option configured on your system from the dropdown list. |
Encryption Mode | Select an encryption mode for the LDAP connection from the dropdown list. Select OFF to not encrypt the LDAP connection. Select ON to encrypt the LDAP connection with SSL on port 636. Select START_TLS to encrypt the LDAP connection with STARTTLS. This option uses the default LDAP port 389. |
Certificate | A certificate is not required when using a username and password. A certificate is not required when using Kerberos authentication. Select a certificate added to your system from the dropdown list. The default option is freenas_default. Or add a new LDAP certificate-based authentication for the LDAP provider to sign. See Certificate Signing Requests for more information. |
Validate Certificates | Select to validate the authenticity of the certificate. |
Disable LDAP User/Group Cache | Select to disable caching LDAP users and groups in large LDAP environments. When disabled, LDAP users and groups do not display on dropdown lists. They are still accepted when typed into fields. |
LDAP timeout | Default value is 10 seconds. Increase if Kerberos ticket queries are not responding within the default time. |
DNS timout | Default value is 10 seconds. Increase if DNS queries take too long to respond. |
Samba Schema (DEPRECATED - see help text) | Samba 4.13.0 deprecated Samba Schema. Select if SMB shares need LDAP authentication and the LDAP server is already configured with Samba attributes. If selected, specify the type of schema from the Schema dropdown list. |
Auxiliary Parameters | Enter for nslcd.conf. |
Schema | Select the Samba schema from the dropdown list. Options are RFC2307 or RFC2307BIS. |
Click SAVE to save settings and return to the LDAP screen.
Click BASIC OPTIONS to return to the LDAP display of basic options only.
Click EDIT IDMAP to navigate to the Directory Services > Idmap screen.
NIS is a client–server directory service protocol. Usage scenarios include the distribution of user and host names between networked computers. Use the Directory Services > NIS screen to configure Network Information Service on your TrueNAS.
NIS is limited in scalability and security. For modern networks, LDAP has replaced NIS.
Name | Description |
---|---|
NIS Domain | Enter a name and list any NIS domain host names or IP addresses. Press Enter to separate server entries. |
NIS Servers | Enter a name and list any NIS server host names or IP addresses. Press Enter to separate server entries. |
Secure Mode | Select to have ypbind(8) refuse to bind to any NIS server not running as root on a TCP port over 1024. |
Manycast | Select for ypbind to bind to the fastest responding server. |
Enable | Select to enable the configuration. Leave checkbox clear to disable the configuration without deleting it. |
Click SAVE to save configuration settings.
Click REBUILD DIRECTORY SERVICE CACHE to resync the cache if it becomes out of sync. Or if fewer users than expected are available in the permissions editors.
Kerberos is an authentication protocol. It allows nodes on a network to perform identity checks in a secure manner. Kerberos uses realms and keytabs to authenticate clients and servers. Go to Directory Services > Kerberos to configure Kerberos. These screens configure Kerberos realms and keytabs on your TrueNAS.
Both Kerberos Realms and Kerberos Keytabs display a table of what is currently on the system.
Click the blue Columns button to display a list of options. These options customize the table display. This button is available for both the realms and keytabs screens.
Click ADD to display the settings screens for either realms or keytabs.
Select Kerberos Settings to open the settings screen but no table.
Your network must contain a Key Distribution Center (KDC) to add a realm. A Kerberos realm is an authorized domain that a Kerberos server can use to authenticate a client. By default, TrueNAS creates a Kerberos realm for the local system.
Click ADD to create a realm on the TrueNAS. Click SUBMIT to save changes.
Basic Options
Name | Description |
---|---|
Realm | Enter a name for the realm. |
Advanced Options
Name | Description |
---|---|
KDC | Enter the name of the Key Distribution Center. If there is more than one value separate the values by pressing Enter. |
Admin Server | Define the server that performs all changes to the database. If there is more than one value separate the values by pressing Enter. |
Password Server | Define the server that performs all password changes. If there is more than one value separate the values by pressing Enter. |
A keytab (key table) is a file that stores encryption keys for various authentication scenarios. Kerberos keytabs allow systems and clients to join an Active Directory or LDAP. Keytabs make it possible to join without entering a password.
After generating the keytab, use the Add Kerberos Keytab screen to add it to your TrueNAS.
Kerberos Keytab
Name | Description |
---|---|
Name | Enter a name for the keytab. |
Choose File | Opens a file explorer window where you can locate and select the keytab file. |
Click SUBMIT to save settings or CANCEL to exit without saving.
Use the Directory Services > Kerberos Settings screen to enter any extra settings.
Name | Description |
---|---|
Appdefaults Auxiliary Parameters | Define any extra settings for use by some Kerberos applications. [appdefaults] section of krb.conf(5) lists the available settings and syntax. |
Libdefaults Auxiliary Parameters | Define any settings used by the Kerberos library. [libdefaults] section of krb.conf(5) lists the available settings and their syntax. |
File sharing is a core benefit of a NAS. TrueNAS helps foster collaboration between users through network shares.
TrueNAS can use AFP, iSCSI shares, Unix NFS shares, Windows SMB shares, and WebDAV shares.
Apple Filing Protocol (AFP) facilitates workgroup and Internet file sharing. It does this in a mixed-platform environment. Go to Sharing > AFP to set up an AFP share. Click ADD to edit AFP share settings.
AFP share creation is deprecated in CORE 13.0. A Recommendation dialog displays when accessing this screen and suggests sharing data with a different protocol.
Click CREATE AN SMB SHARE to display the SMB BASIC OPTIONS configuration screen.
Click CONTINUE WITH AFP SETUP to continue to the AFP > ADD BASIC OPTIONS configuration screen.
Click ADVANCED OPTIONS to display extra configuration settings. These configuration settings allow modifying the share Permissions and adding a Description. You can also specify any Auxiliary Parameters.
General Options
These settings display on the BASIC OPTIONS screen.
Name | Description |
---|---|
Path | Browse to the pool or dataset to share. Netatalk does not fully support nesting additional pools, datasets, or symbolic links beneath this path. |
Name | The pool name that appears in the connect to server dialog of the computer. This is a required field. |
Time Machine | Select to advertise TrueNAS as a Time Machine disk so Macs can find it. Configuring multiple shares for Time Machine use is not recommended. When multiple Macs share the same pool, low disk space issues and failed backups can occur. |
Use as Home Share | Select to allow the share to host user home directories. Only one share can be the home share. |
Enabled | Select to enable this AFP share. Clear checkmark to disable this AFP share without deleting it. |
Permissions
These settings display on the BASIC OPTIONS screen and after clicking ADVANCED OPTIONS.
Name | Description |
---|---|
Default Umask | Umask used for newly created files. Default is 000. This means anyone can read, write, and execute. |
File Permissions | Only works with Unix ACLs. New files created on the share are set with the selected permissions. |
Directory Permissions | Only works with Unix ACLs. New directories created on the share are set with the selected permissions. |
AFP3 Unix Privs | Select to enable Unix privileges supported by OSX 10.5 and higher. Do not enable this if the network contains Mac OSX 10.4 clients or lower as they do not support this feature. Only works with Unix ACLs. |
Allow | Comma-delimited list of allowed users and/or groups where groupname begins with a @. Note that adding an entry denies any user or group that is not specified. |
Read Only | Comma-delimited list of allowed users and/or groups where groupname begins with a @. Note that adding an entry denies any user or group that is not specified. |
Allow Hosts | Allow host names or IP addresses to connect to the share. Click ADD to add multiple entries. If neither Allow Hosts or Deny Hosts contains an entry, then allow AFP share access for any host. If there is an entry in Allow Hosts list but none in Deny Hosts list, then only allow hosts on the Allow Hosts list. If there is a entry in Deny Hosts list but none in Allow Hosts list, then allow all hosts that are not on the Deny Hosts list. If there are entries in both Allow Hosts and Deny Hosts list, then allow all hosts that are on the Allow Hosts list. If there is a host not on the Allow Hosts and not on the Deny Hosts list, then allow it. |
Deny | Comma-delimited list of allowed users and/or groups where groupname begins with a @. Note that adding an entry allows any user or group that is not specified. |
Read/Write | Comma-delimited list of allowed users and/or groups where groupname begins with a @. Note that adding an entry allows any user or group that is not specified. |
Deny Hosts | Deny host names or IP addresses access to the share. Click ADD to add multiple entries. If neither Allow Hosts or Deny Hosts contains an entry, then allow AFP share access for any host. If there is an entry in Allow Hosts list but none in Deny Hosts list, then only allow hosts on the Allow Hosts list. If there is an entry in Deny Hosts list but none in Allow Hosts list, then allow all hosts that are not on the Deny Hosts list. If there are entries in both Allow Hosts and Deny Hosts list, then allow all hosts that are on the Allow Hosts list. If there is a host not on the Allow Hosts and not on the Deny Hosts list, then allow it. |
Other Options
These settings display after clicking ADVANCED OPTIONS.
Name | Description |
---|---|
Descriptions | Optional description. |
Zero Device Number | Select to enable when the device number is inconstant across a reboot. |
No Stat | Select to allow AFP to not stat the pool path when enumerating the pools list. This is useful for automounting or pools created by a preexec script. |
Auxiliary Parameters | Additional afp.conf parameters not covered by other option fields. |
Click SUBMIT to save settings and create the share.
Click CANCEL to exit the Add screen without saving and return to the AFP screen.
To edit an existing AFP share, go to Sharing > Apple Shares (AFP) and click .
Internet Small Computer Systems Interface (iSCSI) represents standards for using Internet-based protocols for linking binary data storage device aggregations. IBM and Cisco submitted the draft standards in March 2000. Since then, iSCSI has seen widespread adoption into enterprise IT environments.
iSCSI functions through encapsulation. The Open Systems Interconnection Model (OSI) encapsulates SCSI commands and storage data within the session stack. The OSI further encapsulates the session stack within the transport stack, the transport stack within the network stack, and the network stack within the data stack. Transmitting data this way permits block-level access to storage devices over LANs, WANs, and even the Internet itself (although performance may suffer if your data traffic is traversing the Internet).
The table below shows where iSCSI sits in the OSI network stack:
OSI Layer Number | OSI Layer Name | Activity as it relates to iSCSI |
---|---|---|
7 | Application | An application tells the CPU that it needs to write data to non-volatile storage. |
6 | Presentation | OSI creates a SCSI command, SCSI response, or SCSI data payload to hold the application data and communicate it to non-volatile storage. |
5 | Session | Communication between the source and the destination devices begins. This communication establishes when the conversation starts, what it talks about, and when the conversion ends. This entire dialogue represents the session. OSI encapsulates the SCSI command, SCSI response, or SCSI data payload containing the application data within an iSCSI Protocol Data Unit (PDU). |
4 | Transport | OSI encapsulates the iSCSI PDU within a TCP segment. |
3 | Network | OSI encapsulates the TCP segment within an IP packet. |
2 | Data | OSI encapsulates the IP packet within the Ethernet frame. |
1 | Physical | The Ethernet frame transmits as bits (zeros and ones). |
Unlike other sharing protocols on TrueNAS, an iSCSI share allows block sharing and file sharing. Block sharing provides the benefit of block-level access to data on the TrueNAS. iSCSI exports disk devices (zvols on TrueNAS) over a network that other iSCSI clients (initiators) can attach and mount.
There are a few different approaches for configuring and managing iSCSI-shared data:
TrueNAS CORE web interface: the TrueNAS web interface is fully capable of configuring iSCSI shares. This requires creating and populating zvol block devices with data, then setting up the iSCSI Share. TrueNAS Enterprise licensed customers also have additional options to configure the share with Fibre Channel.
TrueNAS SCALE web interface: TrueNAS SCALE offers a similar experience to TrueNAS CORE for managing data with iSCSI; create and populate the block storage, then configure the iSCSI share.
TrueNAS EnterpriseTrueNAS Enterprise customers that use vCenter to manage their systems can use the TrueNAS vCenter Plugin to connect their TrueNAS systems to vCenter and create and share iSCSI datastores. This is all managed through the vCenter web interface.
For more information on iSCSI shares also see:
Users can configure an iSCSI block share using either the wizard or the individual configuration screens. The wizard steps users through the configuration process in an ordered sequence. Using the seven tabs on the iSCSI screen allows users to configure settings in any order they choose (a manual process).
The iSCSI Wizard configuration forms guide users through the process of setting up an iSCSI block share. Click WIZARD to display the first configuration screen.
Use Next to advance to the next wizard configuration form. Use Back to return to a previous wizard configuration form. Use Cancel to exit the configuration wizard.
The manual configuration screens allow you to add or edit an iSCSI block share. There are seven configuration screens accessed from tabs at the top of the iSCSI screen. Unlike the wizard configuration option, you can move from one screen to another in any sequence.
TrueNAS EnterpriseFibre Channel is an Enterprise feature in TrueNAS CORE. Only TrueNAS systems licensed for Fibre Channel have the Fibre Channel Ports tab on the Sharing > Block Shares (iSCSI) screen.
Fibre Channel is a high-speed data transfer protocol providing in-order, lossless delivery of raw block data. Fibre Channel is primarily used to connect computer data storage to servers in storage area networks in commercial data centers. The Fibre Channel protocol is fast, cost effective, and reliable over a wide variety of storage workloads.
Initiators and Authorized Access screens only apply to iSCSI block shares and can be ignored when configuring Fibre Channel ports.
The Fibre Channel Ports screen displays a table of ports configured on the TrueNAS.
Use the blue Columns button to display options to can change the Fibre Channel table display. Options are Unselect All, WWPN, State or Reset to Defaults.
Click chevron_right to expand the Fibre Channel Ports options.
The Mode radio buttons display additional information on the screen based on the selection made.
Name | Description |
---|---|
Initiator | Sets the port as an initiator. Displays Connected Initiators on the right side of the screen for the selected target. |
Target | Sets the port as a target. Dipslays the Targets dropdown list field on the right side of the screen. Select the port from the list. Connected Initiators for the selected target display below the dropdown field. |
Disabled | Disables the selected Fibre Channel port. |
SAVE after making any setting change.
The Targets > Add screen Target Mode dropdown list includes options to select iSCSI, Fibre Channel, or Both.
The Targets > Add screen Target Mode dropdown list includes options to select iSCSI, Fibre Channel, or Both.
Unix and Unix-like operating systems often use the Network File System (NFS) protocol. NFS shares data across a network as part of a distributed file system. Go to Sharing > Unix Shares (NFS) to access the NFS screen to create a Network File System (NFS) share on TrueNAS.
Click COLUMNS to change the NSF table view. Options include Unselect All, Description, Enabled or Reset to Defaults.
Click ADD to open the BASIC OPTIONS configuration screen.
Name | Description |
---|---|
Path | Type or browse to the full path to the pool or dataset to share. Click ADD to add another Path setting field. Repeat to configure multiple paths. |
Description | Enter any notes or reminders about the share. |
All dirs | Select checkbox to allow the client to mount any subdirectory within the Path. Clear to only allow clients to mount the Path endpoint. |
Quiet | Select to suppress some syslog diagnostics to avoid error messages. See exports(5) for examples. Clear checkbox to allow all syslog diagnostics. This can lead to additional cosmetic error messages. |
Enabled | Select checkbox to enable this NFS share. Clear checkbox to disable this NFS share without deleting the configuration. |
Click ADVANCED OPTIONS to display extra settings. These settings allow tuning the share access permissions and defining authorized networks.
Access Settings
Name | Description |
---|---|
Read Only | Select checkbox to prohibit writing to the share. Clear checkbox to allow writing to the share. |
Maproot User | Enter a new string or select a user to apply that user permissions to the root user. Dropdown list displays a list of all users on the system. |
Maproot Group | Enter a new string or select a group to apply that group permissions to the root user. Dropdown list displays a list of all groups on the system. |
Mapall User | Enter a new string or select a user to apply permissions for the chosen user to all clients. |
Mapall Group | Enter a new string or select a group to apply permissions for the chosen group to all clients. |
Authorized Networks | Enter an allowed network in network/mask CIDR notation. Click ADD to define another authorized network. Defining an authorized network restricts access to all other networks. Leave empty to allow all networks. |
Authorized Hosts and IP addresses | Enter a host name or IP address to allow that system access to the NFS share. Click ADD to define another allowed system. Defining authorized systems restricts access to all other systems. Leave field empty to allow all systems access to the share. |
Click SUBMIT to save NFS share settings.
Click CANCEL to exit without saving and return to the NFS Shares screen.
To edit an existing NFS share click the more_vert for the share and select Edit. The options available are identical to the ADD share setting options.
Web Distributed Authoring and Versioning (WebDAV) is an extension of HTTP. It is a protocol designed to help with web content authoring and management. Use the Sharing WebDAV screen to configure WebDAV on your TrueNAS.
Click COLUMNS to change the columns displayed in the table. Options are Select All, Description, Path, Enabled, Read Only, Change User and Group Owners or Reset to Defaults.
Click ADD to open the WebDAV configuration screen.
Name | Description |
---|---|
Name | Enter a name for the share. |
Description | Optional. |
Path | Browse to the pool or dataset to share. |
Read Only | Select to prohibit users from writing to this share. |
Change User & Group Ownership | Change existing ownership of all files in the share to user webdav and group webdav. Clearing the check mark means you must manually set ownership of the files accessed through WebDAV to the webdav or www user/group. |
Enabled | Select to enable this WebDAV share. Leave checkbox clear to disable this WebDAV share without deleting it. |
Server Message Block (SMB) is a file sharing protocol. Windows and other operating systems use SMB.
Go to Sharing > Windows Shares (SMB) to display the SMB screen and setup SMB shares on your TrueNAS.
Click Columns to change the information displayed in the table. Options are Unselect All, Path, Description, Enabled and Reset to Defaults.
Click Add to display the BASIC Options settings screen.
Name | Description |
---|---|
Path | Use the file browser or click the /mnt to select the pool, dataset or directory to share. |
Name | Enter a name for the SMB share. |
Purpose | Select a preset purpose configuration. This locks in predetermined values for the share. This includes Advanced Options, as well as the Path Suffix. Select from the dropdown list. Options are: No presets Default share parameters Multi-user time machine Multi-protocol (AFP/SMB) shares Multi-protocol (NFSv3/SMB) shares Private SMB Datasets and Shares SMB WORM. Files become readonly via SMB after 5 minutes. Note: The SMB WORM preset only impacts writes over the SMB protocol. Prior to deploying this option in a production environment the user needs to determine whether the feature meets his / her requirements. See “What do all the presets do?” for more information on presets. |
Description | Optional. Explains the purpose of the share. |
Enabled | Select to enable this SMB share. Clear checkbox to disable the share without deleting the configuration. |
Access and Other Options are the two options groups. Access settings allow systems or users to access or change the shared data.
Name | Description |
---|---|
Enable ACL | Select to add Access Control List (ACL) support to the share. Leave checkbox clear to disable ACL support and delete any existing ACL for the share. |
Export Read Only | Select to prohibit writes to the share. Leave checkbox clear to allow writes to the share. |
Browsable to Network Clients | Select to include this share name when browsing shares. Home shares are only visible to the owner regardless of this setting. |
Allow Guest Access | Select to make privileges the same as the guest account. Windows 10 version 1709 and Windows Server version 1903 have disabled guest access. Guest access for these clients requires extra client-side configuration. MacOS clients: Trying to connect as a user that does not exist in TrueNAS does not default to the guest account. The Connect As: Guest option must be specifically chosen in MacOS to log in as the guest account. See the Apple documentation for more details. |
Access Based Share Enumeration | Select to restrict share visibility to users with read or write access to the share. See the smb.conf manual page. |
Hosts Allow | Enter a list of allowed host names or IP addresses. Separate entries by pressing Enter. A more detailed description with examples see here. |
Hosts Deny | Enter a list of denied host names or IP addresses. Separate entries by pressing Enter. |
The Other Options have settings for improving Apple software compatibility. There are also ZFS snapshot features, and other advanced features.
Name | Description |
---|---|
Use as Home Share | Select to allow the share to host user home directories. Gives each user a personal home directory when connecting to the share. This personal home directory is not accessible by other users. This allows for a personal, dynamic share. It is only possible to use one share as the home share. See the configuring Home Share article for detailed instructions. |
Time Machine | Select to enable Apple Time Machine backups on this share. |
Enable Shadow Copies | Select to allow export ZFS snapshots as Shadow Copies for Microsoft Volume Shadow Copy Service (VSS) clients. |
Export Recycle Bin | When selected, moves and renames deleted files from the same dataset to per-user subdirectory within the .recycle directory at either the root of the SMB share if the path is the same dataset as the SMB share, or at the root of the current dataset if datasets are nested. Nested datasets do not have automatic deletion based on file size. These files do not take any extra space. Do not rely on this function for backups or replacements of ZFS snapshot. |
Use Apple-style Character Encoding | Select to convert NTFS illegal characters in the same manner as MacOS SMB clients. By default, Samba uses a hashing algorithm for NTFS illegal characters. |
Enable Alternate Data Streams | Select to allow multiple NTFS data streams. Disabling this option causes MacOS to write streams to files on the file system. |
Enable SMB2/3 Durable Handles | Select to allow using open file handles that can withstand short disconnections. Support for POSIX byte-range locks in Samba is also disabled. This option is not recommended when configuring multi-protocol or local access to files. |
Enable FSRVP | Select to enable support for the File Server Remote VSS Protocol (FSVRP). This protocol allows Remote Procedure Call (RPC) clients to manage snapshots for a specific SMB share. The share path must be a dataset mountpoint. Snapshots have the prefix fss- followed by a snapshot creation timestamp. A snapshot must have this prefix for an RPC user to delete it. |
Path Suffix | Appends a suffix to the share connection path. This provides unique shares on a per-user, per-computer, or per-IP address basis. Suffixes can contain a macro. See the smb.conf manual page for a list of supported macros. The connectpath must be preset before a client connects. |
Auxiliary Parameters | Additional smb.conf settings. |
Click Submit to save settings. This creates the share and adds it to the Sharing > Windows Shares (SMB) list.
Click CANCEL to exit without saving and return to the main SMB screen.
The Services screen lists all services available on the TrueNAS.
Activate or configure a service on the Services page.
Use the right slider to scroll down to the bottom of the list of services or click on page 2, or the or arrows.
Begin typing in the Filter Search field to narrow down the list of services to locate a service.
After you configure a service, determine if you want it to start after the system boots. If so, select Start Automatically for that service.
Click the toggle to start or stop the service, depending on the current state. Hover the mouse over the toggle to see the current state of that service. The toggle turns blue when it is running.
Click the
icon to display the settings screen for a service.Sharing provides documentation for services related to data sharing. Tasks provides documentation for services related to automated tasks.
The articles in the Services navigation panel are also listed below:
The Apple Filing Protocol (AFP) is a network protocol that allows file sharing over a network. It is like SMB and NFS, but it is for Apple systems.
Apple began using the SMB sharing protocol as the default option for file sharing in 2013. At that time Apple ceased development of the AFP sharing protocol. The recommendation is to use SMB sharing instead of AFP. AFP sharing is still used if files are being shared with legacy Apple products. Please see https://en.wikipedia.org/wiki/Apple_Filing_Protocol and https://appleinsider.com/articles/13/06/11/apple-shifts-from-afp-file-sharing-to-smb2-in-os-x-109-mavericks
Use the Services AFP screen to configure Apple Filing Protocol (AFP) service on your TrueNAS.
Click SAVE to save settings.
Click CANCEL to exit without saving and return to the Services screen.
General Option
Name | Description |
---|---|
Database Path | The database information stored in the path. If the pool has read-only status, the path must still be writable. |
Access
Name | Description |
---|---|
Guest Account | Select an account to use for guest access. This account must have permissions to the shared pool or dataset. Any client connecting to the guest service has the privileges of the guest account user. This user must exist in the password file, but does not need a valid login. Root user cannot be the guest account. |
Guest Access | Select to disable the password prompt that displays before clients access AFP shares. |
Max Connections | Maximum number of simultaneous connections permitted via AFP. The default limit is 50. |
Chmod Request | Indicates how to handle access control lists. Select Ignore to disregard requests. Selecting Ignore also gives the parent directory ACL inheritance full control over new items. Select Preserve to preserve ZFS ACEs for named users and groups or the POSIX ACL group mask. Select Simple to configure chmod() as requested without any extra steps. |
Map ACLs | Maps permissions for authenticated users. Select Rights (default, Unix-style permissions), None, or Mode (ACLs). |
Other Options
Name | Description |
---|---|
Log Level | Record AFP service messages up to the specified log level in the system log. The system logs severe and warning level messages by default. |
Bind Interfaces | Specify the IP addresses to listen for AFP connections. Leave blank to bind to all available IPs. If no IP addresses specified, advertise the first IP address of the system. If no IP addresses specified, listen for any incoming request. |
Global Auxiliary | Additional afp.conf(5) parameters. |
ISPs often change the IP address of the system. With Dynamic Domain Name Service (DDNS) the current IP address continues to point to a domain name. This provides uninterrupted access to TrueNAS.
General Options
Name | Description |
---|---|
Provider | Select the provider from the dropdown list of supported providers. If a specific provider is not listed, select Custom Provider. Enter the information in the Custom Server and Custom Path fields. |
Custom Server | Displays after selecting Custom Provider in the Provider field. Enter the DDNS server name. For example, members.dyndns.org denotes a server like dyndns.org. |
Custom Path | Displays after selecting Custom Provider in the Provider field. Enter the DDNS server path. Path syntax can vary by provider. Obtain path syntax from that provider. For example, /update?hostname= is a simple path for the update.twodns.de custom sever. The host name is automatically appended by default. For more examples see In-A-Dyn documentation. |
CheckIP-Server SSL | Use HTTPS for the connection to the CheckIP Server. |
CheckIP Server | Name and port of the server that reports the external IP address. For example, entering checkip.dyndns.org:80 uses Dyn IP detection to discover the remote socket IP address. |
CheckIP Path | Path to the CheckIP server. For example, no-ip.com uses a CheckIP Server of dynamic.zoneedit.com and CheckIP Path of |
SSL | Use HTTPS for the connection to the server that updates the DNS record. |
Domain Name | Fully qualified domain name of the host with the dynamic IP address. Separate multiple domains with a space, comma (,), or semicolon (;). For example, myname.dyndns.org; myothername.dyndns.org. |
Update Period | How often the IP is checked in seconds. |
Credentials
Name | Description |
---|---|
Username | User name for logging in to the provider and updating the record. |
Password | Password for logging in to the provider and updating the record. |
The SAVE button activates after you enter your domain name in Domain Name. Click to save all settings.
After configuring your DDNS service, turn the service on using the Services screen.
File Transfer Protocol (FTP) is a communication protocol. It transfers data across a computer network. Configure FTP service settings on TrueNAS using the FTP services screen.
After making changes to settings click SAVE to confirm and save your changes.
Click ADVANCED OPTIONS to display advanced settings options. Click BASIC OPTIONS to return to the basic settings options.
Click CANCEL to exit without saving.
Name | Description |
---|---|
Port | Enter the port the FTP service listens on. |
Clients | Enter the maximum number of simultaneous clients. |
Connections | Enter the maximum number of connections per IP address. 0 is unlimited. |
Login Attempts | Enter the greatest number of attempts client permitted before disconnect. Increase if users are prone to misspellings or typos. |
Timeout | Enter the maximum client idle time in seconds before disconnect. Default value is 600 seconds. |
Certificate | Select from the dropdown list the SSL certificate to use for TLS FTP connections. Currently listed as freenas_default. To create a certificate, go to System > Certificates. |
Click Advanced Options if you need to customize your FTP service. Advanced Options are more detailed than the Basic Options settings.
Access Settings
Name | Description |
---|---|
Always Chroot | Select to only allow users access their home directory if they are in the wheel group. This option increases security risk. |
Allow Root Login | Select to allow root logins. Selecting this option increases security risk. Not recommended. |
Allow Anonymous Login | Select to allow anonymous FTP logins with access to the directory specified in Path. |
Allow Local User Login | By default, only members of the ftp group can to log in. Select this checkbox to allow any local user to log in. |
Require IDENT Authentication | Select to require IDENT authentication. Selecting this option results in timeouts when ident (or in Shell identd ) is not running on the client. |
File Permissions | Select to define default permissions for newly created files. |
Directory Permissions | Select to define default permissions for newly created directories. |
TLS Settings
Unless necessary, do not allow anonymous or root access. For better security, enable TLS when possible. This is effectively FTPS. When FTP is exposed to a WAN, enable TLS.
Name | Description |
---|---|
Enable TLS | Select to allow encrypted connections. Requires a certificate. To create or import a certificate go to System > Certificates. |
TLS Policy | Select the policy from the dropdown list of options. Options are On, Off, Data, !Data, Auth, Ctrl, Ctrl + Data, Ctrl +!Data, Auth + Data or Auth +!Data. Defines whether the control channel, data channel, both channels, or neither channel of an FTP session must occur over SSL/TLS. The policies are described here. |
TLS Allow Client Renegotiations | Select to allow client renegotiation. This option is not recommended. Selecting this option breaks several security measures. See mod_tls for details. |
TLS Allow Dot Login | If selected, TrueNAS checks the user home directory for a .tlslogin file. This file must contain one or more PEM-encoded certificates. System prompts user for password authentication if file not found. |
TLS Allow Per User | If selected, allows sending a user password unencrypted. |
TLS Common Name Required | Select to require the common name in the certificate match the FQDN of the host. |
TLS Enable Diagnostics | Select to make logs more verbose. Useful in troubleshooting a connection. |
TLS Export Certificate Data | Select to export the certificate environment variables. |
TLS No Certificate Request | Select if the client cannot connect due to a problem with the certificate request. Example: the client server is unable to handle the server certificate request. |
TLS No Empty Fragments | Not recommended. This option bypasses a security mechanism. |
TLS No Session Reuse Required | This option reduces connection security. Only select if the client does not understand reused SSL sessions. |
TLS Export Standard Vars | Select to put in place several environment variables. |
TLS DNS Name Required | Select to require the client DNS name resolve to its IP address, and the cert contain the same DNS name. |
TLS IP Address Required | Select to require the client certificate IP address match the client IP address. |
Bandwitdth Settings
Name | Description |
---|---|
Local User Upload Bandwidth: (Examples: 500 KiB, 500M, 2 TB) | Enter a value. If measurement is not specified it defaults to KiB. This field accepts human-readable input in KiBs or greater (M, GiB, TB, etc.). The unlimited default is 0 KiB. |
Local User Download Bandwidth | Enter a value. If measurement is not specified it defaults to KiB. This field accepts human-readable input in KiBs or greater (M, GiB, TB, etc.). The unlimited default is 0 KiB. |
Anonymous User Upload Bandwidth | Enter a value. If measurement is not specified it defaults to KiB. This field accepts human-readable input in KiBs or greater (M, GiB, TB, etc.). The unlimited default is 0 KiB. |
Anonymous User Download Bandwidth | Enter a value. If measurement is not specified it defaults to KiB. This field accepts human-readable input in KiBs or greater (M, GiB, TB, etc.). The unlimited default is 0 KiB. |
Other Options Settings
Name | Description |
---|---|
Minimum Passive Port | Used by clients in PASV mode. A default of 0 means any port above 1023. |
Maximum Passive Port | Used by clients in PASV mode. A default of 0 means any port above 1023. |
Enable FXP | Select to enable the File eXchange Protocol (FXP). Not recommended as this leaves the server vulnerable to FTP bounce attacks. |
Allow Transfer Resumption | Select to allow FTP clients to resume interrupted transfers. |
Perform Reverse DNS Lookups | Select to allow performing reverse DNS lookups on client IPs. Causes long delays if reverse DNS isn’t configured. |
Masquerade Address | Public IP address or host name. Select if FTP clients cannot connect through a NAT device. |
Display Login | Specify the message displayed to local login users after authentication. This is not displayed to anonymous login users. |
Auxiliary Parameters | Select to add additional proftpd(8 parameters. |
Network devices often use Link Layer Discovery Protocol (LLDP) to communicate information. This information includes their identities, abilities and peers on a LAN. The LAN is typically wired Ethernet. The TrueNAS LLDP services screen configures LLDP on the system.
General Options
Name | Description |
---|---|
Interface Description | Select to enable receive mode. Interface description stores any peer information received. |
County Code | Select the two-letter ISO 3166-1 alpha-2 code used to enable LLDP location support. The dropdown list is a comprehensive list of two-character country codes. |
Location | Enter the physical location of the host. |
Network File System (NFS) is an open IETF standard remote file access protocol. Use the Services NFS screen to enable NFS services on your TrueNAS.
Click SAVE to save settings and return to the Services screen.
Click CANCEL to exit without saving and return to the Services screen.
Name | Description |
---|---|
Number of servers | Enter a number to specify how many servers to create. Increase if NFS client responses are slow. Keep this less than or equal to the number of CPUs reported by sysctl -n kern.smp.cpus to limit CPU context switching. |
Bind IP Addresses | Select IP addresses from dropdown list to listen to for NFS requests. Leave empty for NFS to listen to all available addresses. |
Enable NFSv4 | Select checkbox to switch from NFSv3 to NFSv4. |
NFSv3 ownership model for NFSv4 | Select checkbox to provide specific NFSv4 ACL support. This does not require the client and the server to sync users and groups. |
Require Kerberos for NFSv4 | Select checkbox to force NFS shares to fail if the Kerberos ticket is unavailable. |
Serve UDP NFS clients | Select checkbox if NFS clients need to use the User Datagram Protocol (UDP). |
Allow non-root mount | Select checkbox only if required by the NFS client. Select to allow serving non-root mount requests. |
Support >16 groups | Select checkbox when a user is a member of more than 16 groups. Requires correct configuration of group membership on the NFS server. |
Log mountd(8) requests | Select checkbox to log mountd syslog requests. |
Log rpc.statd(8) and rpc.lockd(8) | Select checkbox to log rpc.statd and rpc.lockd syslog requests. |
mountd(8) bind port | Enter a number to bind mountd only to that port. |
rpc.statd(8) bind port | Enter a number to bind rpc.statd only to that port. |
rpc.lockd(8) bind port | Enter a number to bind rpc.lockd only to that port. |
The recommendation is to use the default settings for the NFS service. Make changes if there is a need for a specific setting.
OpenVPN is an open source connection protocol. OpenVPN creates a secure connection between 2 points in a network. VPN services use OpenVPN to safeguard data integrity and provide anonymity. There two OpenVPN services on TrueNAS, the OpenVPN Client and OpenVPN Server.
Use OpenVPN Client to configure the client settings.
General Options
Name | Description |
---|---|
Client Certificate | Select a valid client certificate from the dropdown list. The option is freenas_default. A certificate must exist on this system that is current and not revoked. Find more about generating certificates and CAs for OpenVPN here. |
Root CA | Select the root Certificate Authority used to sign the Client and Server certificates. Find more about generating certificates and CAs for OpenVPN here. |
Remote | Enter a valid IP address or domain name to which OpenVPN connects. |
Port | Enter a port number to use for the connection. |
Authentication Algorithm | Select an algorithm to authenticate packets. The dropdown list provides a list of algorithms to choose from. This is used to confirm packets sent over the network connection. Your network environment might need a specific algorithm. If not, select SHA1 HMAC which is a good standard algorithm to use. |
Cipher | Select a cipher algorithm to encrypt data channel packets sent through the connection. While not required, using a cipher increases connection security. Verify if your networking environment requires a particular cipher. If not, AES-256-GCM is a good default choice. The dropdown list provides a list of encryption ciphers to choose from. |
Compression | Select a compression algorithm from the dropdown list. Dropdown list options are LZ0 or LZ4. Leave the field empty to send data uncompressed. LZ0 is the standard compression algorithm. It is backwards compatible with previous (pre-2.4) versions of OpenVPN. LZ4 is a newer option that is typically faster with less system resources required. |
Protocol | Select the protocol to use when connecting with the remote system. Select from the dropdown list options UDP, UDP4, UDP6, TCP, TCP4 or TCP6. Select UDP or TCP. UDP sends packets in a continuous stream. It is generally faster and less strict about dropped packets than TCP. TCP sends packets sequentially. To force the connection to be IPv4 or IPv6 choose the UDP or TCP version with the 4 or 6 respectively. |
Device Type | Select a virtual network interface from the dropdown list. Options are TUN or TAP. The client and server Device Type must be the same. For information see here. |
Nobind | Select to enable and to prevent binding to local address and port. Required if running OpenVPN client and server at the same time. |
TLS Crypt Auth Enabled | Select to enable or clear checkbox to disable TLS Web Client Authentication. |
Additional Parameters | Enter any extra parameters for the client. This manually configures any of the core OpenVPN config file options. Refer to the OpenVPN Reference Manual for descriptions of each option. |
TLS Crypt Auth | Encrypts all TLS handshake messages to add another layer of security. OpenVPN server and clients share a required static key. Enter the static key for authentication/encryption of all control channel packets. Must enable tls_crypt_auth_enabled. |
Use OpenVPN Server to configure the server settings.
Configure and save your OpenVPN server settings. Click DOWNLOAD CLIENT CONFIG to generate the certificate file you need from the client system.
Click Client Certificate to generate the configuration file you need from the client system already imported on the system.
General Options
Name | Description |
---|---|
Server Certificate | Select a valid server certificate from the dropdown list. The option is freenas_default. A certificate must exist on this system that is current and not revoked. Find more about generating certificates and CAs for OpenVPN here. |
Root CA | Select the root Certificate Authority used to sign the Client and Server certificates. Find more about generating certificates and CAs for OpenVPN here. |
Server | Enter the IP address and netmask of the server. |
Port | Enter a port number to use for the connection. |
Authentication Algorithm | Select an algorithm to authenticate packets. The dropdown list provides a list of algorithms to choose from. Your network environment might require a specific algorithm. If not, select SHA1 HMAC which is a good standard algorithm to use. |
Cipher | Select a cipher algorithm to encrypt data channel packets sent through the connection. While not required, using a cipher increases connection security. Verify if your networking environment requires a particular cipher. If not, AES-256-GCM is a good default choice. The dropdown list provides a list of encryption ciphers to choose from. |
Compression | Select a compression algorithm from the dropdown list. Dropdown list options are LZ0 or LZ4. Leave the field empty to send data uncompressed. LZ0 is the standard compression algorithm. It is backwards compatible with previous (pre-2.4) versions of OpenVPN. LZ4 is a newer option that is typically faster with less system resources required. |
Protocol | Select the protocol to use when connecting with the remote system. Select from the dropdown list options UDP, UDP4, UDP6, TCP, TCP4 or TCP6. Select UDP or TCP. UDP sends packets in a continuous stream. It is generally faster and less strict about dropped packets than TCP. TCP sends packets sequentially. To force the connection to be IPv4 or IPv6 choose the UDP or TCP version with the 4 or 6 respectively. |
Device Type | Select a virtual network interface from the dropdown list. Options are TUN or TAP. The client and server Device Type must be the same. For more information see here. |
Topology | Select to configure virtual addressing topology when running in TUN mode. Dropdown list options are NET30, P2P or SUBNET. TAP mode always uses a SUBNET topology. |
TLS Crypt Auth Enabled | Select to enable or clear checkbox to disable TLS Web Client Authentication. |
Additional Parameters | Enter any extra parameters. |
TLS Crypt Auth | Encrypting TLS handshake messages adds another layer of security. OpenVPN server and clients share a required static key. Enabling tls_crypt_auth_enabled generates a static key if tls_crypt_auth is not provided. The generated static key is for use with OpenVPN client. Enter that key here. |
Self-Monitoring, Analysis and Reporting Technology (S.M.A.R.T.) is an industry standard. S.M.A.R.T. performs disk monitoring and testing. It checks drive reliability and predicts hardware failures.
Name | Description |
---|---|
Check Interval | Enter the time in minutes for smartd to wake up and check if any tests are configured to run. |
Power Mode | Select the power mode from the dropdown list. Options are Never, Sleep, Standby or Idle. S.M.A.R.T. only tests when the Power Mode is Never. |
Difference | Enter a number of degrees in Celsius. S.M.A.R.T. reports if a drive temperature changes by N degrees Celsius since the last report. |
Informational | Enter a threshold temperature in Celsius. S.M.A.R.T. sends a message with a LOG_INFO log level if the temperature is above the threshold. |
Critical | Enter a threshold temperature in Celsius. S.M.A.R.T. sends a message with a LOG_CRIT log level and send an email if the temperature is above the threshold. |
Due to security vulnerabilities and maintainability issues, the S3 service is deprecated in TrueNAS 13.0 and removed in TrueNAS 22.12 and newer versions. Beginning in CORE 13.0-U6, the CORE web interface generates an alert when the deprecated service is either actively running or is enabled to start on boot.
TrueNAS EnterpriseBeginning in CORE 13.0-U6, Enterprise customers with the S3 service running or enabled are prevented from upgrading to the next major version.
Please contact iX Support to review options for migrating to a TrueNAS release that has Minio applications available.
Use the Services SMB screen to configure SMB service settings. Unless a specific setting is needed or configuring for a specific network environment, it is recommended to use the default settings for the SMB service.
Name | Description |
---|---|
NetBIOS Name | Populates with the original host name of the system truenas. Enter a name that does not exceed 15 characters and is not the same name in Workgroup. |
NetBIOS Alias | Enter any aliases, separated by spaces. Each alias can be up to 15 characters long. |
Workgroup | Value must match Windows workgroup name. If unconfigured, TrueNAS uses Active Directory or LDAP to detect and select the correct workgroup. Active Directory or LDAP must be active for TrueNAS to do this. |
Description | Optional. Enter a server description. |
Enable SMB1 support | Select to allow legacy SMB clients to connect to the server. Note that SMB1 is being deprecated. The recommendation is to upgrade the client OS. The OS upgrade should support modern versions of the SMB protocol. |
NTLMv1 Auth | Select to allow smbd(8) attempts to authenticate users with NTLMv1 encryption. NTLMv1 is not secure and is a vulnerability. NTLMv1 authentication is off by default. This setting allows backward compatibility with older versions of Windows. It is not recommended. Do not use on untrusted networks. |
Name | Description |
---|---|
Unix Charset | Select an option from the dropdown list. Default is UTF-8 which supports all characters in all languages. |
Log Level | Select an option from the dropdown list. Options are None, Minimum, Normal, Full or Debug. Records SMB service messages up to the specified log level. Logs error and warning level messages by default. |
Use Syslog Only | Select to log authentication failures in |
Local Master | Select to determine if the system participates in a browser election. Leave checkbox clear when the network contains an AD or LDAP server. Leave checkbox clear when Vista or Windows 7 machines are present. |
Enable Apple SMB2/3 Protocol Extensions | Select to allow macOS to use these protocol extensions. Improves the performance and behavioral characteristics of SMB shares. Required for Apple Time Machine support. |
Administrators Group | Select an option from the dropdown list. Members of this group are local admins. Local admins have privileges to take ownership of any file in the SMB share. They can reset permissions. Local admins can administer the SMB server through the Computer Management MMC snap-in. |
Guest Account | Select an account to use for guest access from the dropdown list. Default is nobody. The selected account must have permissions to the shared pool or dataset. To adjust permissions, edit the dataset Access Control List (ACL). Add a new entry for the selected guest account, and configure the permissions in that entry. Deleting the selected user in Guest Account resets the field to nobody. |
File Mask | Overrides default file creation mask of 0644. File creation mask 0644 creates files with read and write access for everybody. |
Directory Mask | Overrides default directory creation mask of 0755. Directory creation mask 0755 grants directory read, write and execute access for everybody. |
Bind IP Addresses | Select from the dropdown list. These are the static IP addresses which SMB listens on for connections. If not selected, defaults to listen on all active interfaces. |
Auxiliary Parameters | Enter additional smb.conf options. See the Samba Guide for more information on these settings. To log more details when a client attempts to authenticate to the share, add log level = 1, auth_audit:5. |
Simple Network Management Protocol (SNMP) is an Internet Standard protocol. SNMP gathers and sorts data about managed devices on IP networks, such as LANs and WANs. Use the SNMP screen to configure SNMP service on your TrueNAS.
After selecting SNMP v3 Support more configuration fields display.
After filling in all required fields with appropriate values, the SAVE button activates. Click SAVE to save settings.
Click CANCEL to exit without saving and display the Services screen.
Field Descriptions
General Options
Name | Description |
---|---|
Location | Enter the location of the system. |
Contact | Enter the email address to receive SNMP service messages. |
Community | Enter a community other than the default public to increase system security. Value can only contain alphanumeric characters, underscores (_), dashes (-), periods (.), and spaces. Not required and can leave this empty for SNMPv3 networks. |
SNMP v3 Options
Name | Description |
---|---|
SNMP v3 Support | Select to to enable support for SNMP version 3. See snmpd.conf(5) for configuration details. |
Username | Enter a user name to register with this service. |
Authentication Type | Select an authentication method: — for none, SHA, or MD5 from the dropdown list. |
Password | Enter a password of at least eight characters. |
Privacy Protocol | Select a privacy protocol: — for none, AES, or DES from the dropdown list. |
Privacy Passphrase | Enter a separate privacy passphrase. Password is used when this is left empty. |
Other Options
Name | Description |
---|---|
Auxiliary Parameters | Enter any additional snmpd.conf options. Add one option for each line. |
Expose zilstat via SNMP | Select to enable. If enabled this option might have performance implications on your pools. |
Log Level | Select how many log entries to create. Dropdown list options are Emergency, Alert, Critical, Error, Warning, Notice, Info and Debug. |
Secure Socket Shell (SSH) is a network communication protocol. It provides encryption to secure data. Use the SSH services screen to configure SSH File Transfer Protocol (SFTP). SFTP is available by enabling SSH remote access to the TrueNAS system.
Allowing external connections to TrueNAS is a security vulnerability! Enable SSH only when there is a need for external connections. See Security Recommendations for more security considerations when using SSH.
General Options
Name | Description |
---|---|
TCP Port | Open a port for SSH connection requests. Enter the port number. |
Log in as Root with Password | Select to allow root logins. It is not recommended to allow root logins! A password must be set for the root user account. |
Allow Password Authentication | Select to allow password authentication. Enabling allows SSH login authentication using a password. Warning: Determine if directory services are enabled. If so, this setting grants access to all users imported by directory service. When disabled, authentication requires keys for all users. Involves extra SSH client and server setup. |
Allow Kerberos Authentication | Select to allow Kerberos authentication. Before enabling this option, valid entries must exist in: Directory Services > Kerberos Realms Directory Services > Kerberos Keytabs The system must be able to communicate with the Kerberos domain controller. |
Allow TCP Port Forwarding | Select to let users bypass firewall restrictions using the SSH port forwarding feature. |
ADVANCED OPTIONS displays additional configuration fields to set up SSH for specific uses cases.
Advanced Options
Name | Description |
---|---|
Bind Interfaces | Select interfaces on your system from the dropdown list for SSH to listen on. Leave all options unselected for SSH to listen on all interfaces. |
Compress Connections | Select to attempt to reduce latency over slow networks. |
SFTP Log Level | Select the syslog(3) facility of the SFTP server option from the dropdown list. Options are Quiet, Fatal, Error, Info, Verbose, Debug, Debug2 or Debug3. |
SFTP Log Facility | Select the syslog(3) facility of the SFTP server option from the dropdown list. Options are Daemon, User, Auth and Local 0 through Local7. |
Weak Ciphers | Select a cipher from the dropdown list. Options are None or AES128-CBC. To allow more ciphers for sshd(8) in addition to the defaults in sshd_config(5). Use None to allow unencrypted SSH connections. Use AES128-CBC to allow the 128-bit Advanced Encryption Standard. WARNING: these ciphers are security vulnerabilities. Only allow them in a secure network environment. |
Auxiliary Parameters | Add any more sshd_config(5) options not covered in this screen. Enter one option per line. Options added are case-sensitive. Misspellings can prevent the SSH service from starting. |
Trivial File Transfer Protocol (TFTP) is a basic protocol designed for simple file transfer. It provides no user authentication or the ability to browse a directory hierarchy. Use the TFTP service screen to configure TFTP service on the TrueNAS.
Path
Name | Description |
---|---|
Directory | Browse to an existing directory to use for storage. Some devices can require a specific directory name. Consult the documentation for that device to see if there are any restrictions. Click the > to the left of /mnt to open a list of directories. |
Connection
Name | Description |
---|---|
Host | The default host to use for TFTP transfers. Enter an IP address. For example, 192.0.2.1 or in Shell 192.0.2.1 |
Port | The UDP port number that listens for TFTP requests. For example, 8050 or in Shell 8050 . |
Username | Select the account to use for TFTP requests from the dropdown list. Options include but are not limited to root, daemon, operator, nobody and all other user names on the system. This account must have permission to what is specified in Directory. |
Access
Name | Description |
---|---|
File Permissions | Adjust the User and Group file permissions. Use the Read, Write and Execute checkboxes. Select all that apply. |
Allow New Files | Select when network devices need to send files to the system. |
Other Options
Name | Description |
---|---|
Auxiliary Parameters | Add more options from tftpd. Add one option on each line. |
An uninterruptible power supply is a hardware device that provides a backup source of power in the event of a power outage. Use the UPS services screen to configure a UPS for your TrueNAS.
TrueNAS EnterpriseTrueNAS High Availability (HA) systems are not compatible with uninterruptible power supplies (UPS).
SAVE activates after all required fields are populated.
CANCEL exits without saving and returns you to the Services screen.
General Options
Name | Description |
---|---|
Identifier | Type a description for the UPS device. You can use alphanumeric, period (.), comma (,), hyphen (-), and underscore (_) characters. This is a required field. |
UPS Mode | Select mode from the dropdown list. Master is an option if the UPS plugs directly into the system serial port. Select Slave to have this system shut down before the master system. The UPS remains the last item to shut down. See the Network UPS Tools Overview. |
Driver | Select the device driver from the dropdown list. See the Network UPS Tools compatibility list for a list of supported UPS devices. This is a required field. |
Port or Hostname | Select the serial or USB port connected to the UPS from the dropdown list. Options include a list of ports on your system and auto. Select auto to automatically detect and manage the USB port settings. Enter the IP address or host name of the SNMP UPS device when selecting an SNMP driver. If the UPS Mode field is set as Master, this is a required field. If set to Slave this field is not required. |
Monitor
Name | Description |
---|---|
Monitor User | Enter a user to associate with this service. Keeping the default is recommended. |
Monitor Password | Change the default password to improve system security. The new password cannot include a space or #. |
Extra Users | Enter accounts that have administrative access. See upsd.users(5) for examples. |
Remote Monitor | Select to have the default configuration listen on all interfaces using the known values of user: upsmon and password: fixmepass. |
Shutdown
Name | Description |
---|---|
Shutdown Mode | Select the battery option to use when the UPS initiates shutdown. Dropdown list options are UPS reaches low battery or UPS goes on battery. |
Shutdown Timer | Enter a value in seconds for the UPS to wait before initiating shutdown. Shutdown does not occur if power is restored while the timer is counting down. This value only applies when Shutdown Mode is set to UPS goes on battery. |
Shutdown Command | Enter a command to shut down the system when either battery power is low or the shutdown timer ends. |
Power off UPS | Select for the UPS to power off after shutting down the system. |
Name | Description |
---|---|
Send Email Status Updates | Select to enable sending messages to the address defined in the Email field. |
Enter any email addresses to receive status updates. Separate entries by pressing Enter. | |
Email Subject | Enter the subject for status emails. |
Other Options
Name | Description |
---|---|
No Communication Warning Time | Enter the number of seconds to wait before alerting that the service cannot reach any UPS. Warnings continue until situation resolved. |
Host Sync | Length of time in seconds for upsmon to wait while in master mode for the slaves to disconnect. This applies during a shutdown situation. |
Description | Enter a description for this service. |
Auxiliary Parameters (ups.conf) | Enter any extra options from ups.conf. |
Auxiliary Parameters (upsd.conf) | Enter any extra options from upsd.conf. |
The WebDAV protocol contains extensions to HTTP. These extensions expand the capabilities of a webserver. It can act as a collaborative authoring and management tool for web content. Use the Services WebDAV screen to enable WebDAV services on your TrueNAS.
Click ADD to open the WebDAV settings screen.
General Options
Name | Description |
---|---|
Protocol | Select the protocol from the dropdown list. HTTP keeps the connection unencrypted. HTTPS encrypts the connection. HTTP+HTTPS allows both types of connections. |
HTTP Port | Specify a port for unencrypted connections. The default port 8080 is recommended. Do not reuse a port. |
HTTP Authentication | Select the HTTP authentication type from the dropdown list. Basic Authentication is unencrypted. Digest Authentication is encrypted. Select No Authentication when you don’t want to use authentication. |
Webdav Password | Change the default of davtest as davtest is a known value. |
Following the upstream FreeBSD 13.2 end-of-life, announced July 1, 2024, virtualization features (plugins, jails, and virtual machines) in TrueNAS 13.0 are now obsolete.
Enterprise users or community users with a critical need to use containers or virtualization solutions in production should migrate to the tested and supported virtualization features available in TrueNAS SCALE. TrueNAS Enterprise customers can contact iXsystems to schedule a TrueNAS 24.04 or newer deployment. See CORE to SCALE Migrations for more information.
Following the upstream FreeBSD 13.2 end-of-life, announced July 1, 2024, virtualization features (plugins, jails, and virtual machines) in TrueNAS 13.0 are now obsolete.
Enterprise users or community users with a critical need to use containers or virtualization solutions in production should migrate to the tested and supported virtualization features available in TrueNAS SCALE. TrueNAS Enterprise customers can contact iXsystems to schedule a TrueNAS 24.04 or newer deployment. See CORE to SCALE Migrations for more information.
The Jails screen displays a list of jails installed on your system. Use to add, edit or delete jails.
Use the blue Columns dropdown list to display options to change the information displayed in the lis to of tables. Options are Select All, JID, Boot, State, Release, IPv4, IPv6, Type, Template, Basejail or Reset to Defaults.
Use the
icon to set the pool to use for jail storage.Use ADD to display the first configuration Wizard screen and to access the ADVANCED JAIL CREATION button to display advanced jail configuration screens.
Click the
icon to display the individual jail screen with its primary settings and additional action options for that jail.Click the
icon to collaspe the individual jail screen.Name | Description |
---|---|
EDIT | Used to modify the settings described in Advanced Jail Creation. You cannot edit a jail while it is running. You can only view the settings that are read only until you stop the jail operation. |
MOUNT POINTS | Select an existing mount point to edit. Either click EDIT or click ACTIONS > Add Mount Point to create a mount point for the jail. A mount point gives a jail access to storage located elsewhere on the system. You must stop a jail before adding, editing, or deleting a mount point. See Additional Storage for more details. |
RESTART | Stops and immediately starts a jail that is running or up. |
START | Starts a jail that has a current STATE of down. |
STOP | Stops a jail that has a current STATE of up. |
UPDATE | Runs freebsd-update to update the jail to the latest patch level of the installed FreeBSD release. |
SHELL | Displays the Shell screen which provides access a root command prompt to interact with a jail directly from the command line. Type exit to leave the command prompt and display the Jails screen. |
DELETE | Deletes the selected jail. Caution: deleting the jail also deletes all of the jail contents and all associated snapshots. Back up the jail data, configuration, and programs first. There is no way to recover the contents of a jail after deleting it! |
Action options change based on the jail state. For example, a stopped jail does not have a STOP or SHELL option.
TrueNAS has two options to create a jail. The Jail Wizard makes it easy to create a jail. ADVANCED JAIL CREATION opens the advanced configuration screens with all possible configuration settings. This form is recommended only for advanced users with ver specific requirements for a jail.
Following the upstream FreeBSD 13.2 end-of-life, announced July 1, 2024, virtualization features (plugins, jails, and virtual machines) in TrueNAS 13.0 are now obsolete.
Enterprise users or community users with a critical need to use containers or virtualization solutions in production should migrate to the tested and supported virtualization features available in TrueNAS SCALE. TrueNAS Enterprise customers can contact iXsystems to schedule a TrueNAS 24.04 or newer deployment. See CORE to SCALE Migrations for more information.
Use the Plugins screen to install and maintain 3rd party applications on your TrueNAS storage systems.
Use the blue Columns dropdown list to display options to change the information displayed in the lis to of tables. Options are Select All, Status, Admin Portals, IPv4 Address, IPv6 Address, Version, Plugin, Release, Boot, Collection or Reset to Defaults.
Use the
icon to set the pool to use for Plugin and Jail Manager storage.Use Browse a Collection to select 3rd party applications from either the iXsystems or Community libraries.
Use REFRESH INDEX to update the index of applications.
Use INSTALL to display the Plugins Add configuration screen and to access the ADVANCED PLUGIN INSTALLATION button to display advanced Plugin and jail configuration screens.
Click the
icon to display the individual plugin screen with its IP address, plugin name, release and version and the Github location for the collection. It includes additional action options for that plugin.Click the
icon to collaspe the individual plugin screen.Name | Description |
---|---|
Manage | Displays the System Overview screen for that application. For example, the netdatajail system overview with CPU and load graphics and options to view other information about this application. |
MOUNT POINTS | Displays the Jails Mount Points of nameofpluginjail screen. Click ACTIONS and select either Add to create a mount point for the jail used by the plugin, or Go Back to Jails to open the Jails screen. A mount point gives a jail access to storage located elsewhere on the system. You must stop a jail before adding, editing, or deleting a mount point. See Additional Storage for more details. |
RESTART | Starts a stopped plugin. |
STOP | Stops a plugin and the associated jail. |
UPDATE | Displays the Update plugin dialog where you can select the option to Update jail as well. Select Confirm to activate the UPDATE button. |
Uninstall | Displays a verification dialog for the plugin and related jail. Type the name displayed in the dialog and select Confirm to activate the DELETE button. |
Use the Add screen to install the plugin highlighted on the Plugins screen for a simple basic install of a third party application. Use the ADVANCED PLUGIN INSTALLATION button to open the advanced configuration screens with all possible configuration settings for the plugin and related jail. This form is recommended only for advanced users with ver specific requirements for a jail.
Setting | Description |
---|---|
Plugin Name | Displays the name of the plugin highliged on the Plugin screen. |
Jail Name | Required field. Enter a name that can include letters, numbers, periods (.), dashes (-), and underscores (_). |
DHCP | Select to allow DHCP to configure networking for the Jail**. |
NAT | Network Address Translation (NAT) to transform local network IP addresses into a single IP address. Select when the jail shares a single connection to the Internet with other systems on the network. |
IPv4 Interface | Select the IPv4 interface for the jail from the dropdown list. |
IPv4 Address | Enter the IPv4 address for VNET(9) and shared IP jails. |
IPv4 Netmask | Select the IPv4 netmask for the jail from the dropdown list. |
IPv6 Interface | Select the IPv6 interface for the jail from the dropdown list. |
IPv6 Address | Enter the IPv6 address for VNET(9) and shared IP jails. |
IPv6 Prefix | Select the IPv6 prefix for the jail from the dropdown list. |
Advanced Plugin Installation | Opens the advanced configuration screens. This form is recommended only for advanced users with ver specific requirements for a jail |
The Advanced Plugin Installation screens include four expandable configuration areas:
Click the
icon to collaspe any area of configuration settings.Use Next to advance to the next configuration settings section, or click the
icon to expand the configuration settings area.Following the upstream FreeBSD 13.2 end-of-life, announced July 1, 2024, virtualization features (plugins, jails, and virtual machines) in TrueNAS 13.0 are now obsolete.
Enterprise users or community users with a critical need to use containers or virtualization solutions in production should migrate to the tested and supported virtualization features available in TrueNAS SCALE. TrueNAS Enterprise customers can contact iXsystems to schedule a TrueNAS 24.04 or newer deployment. See CORE to SCALE Migrations for more information.
The Virtual Machines screen displays a list of virtual machines (VM) configured on your system.
Use the blue COLUMNS button to display a list of options to customize the list view. Options are Select All, Autostart, Virtual CPUs, Cores, Threads, Memory Size, Boot Loader Type, System Clock, VNC Port, Com Port, Description, Shutdown Timeout or Reset to Defaults.
Use ADD to display the Virtual Machines configuration Wizard.
The State toggle indicates the current state of the VM. Hover over the toggle with your mouse to see the state as STOPPED or RUNNING. The toggle turns blue when it is running.
Select the Autostart checkbox to set the VM to start automatically after a system reboot, or clear the checkbox to require manually starting the VM after a system reboot.
The Wizard consists of six individual configuration screens.
Confirmation Options displays the summary of settings. You can use BACK to return to previous screens to make changes or use SUBMIT to save settings and create the virtual machine.
After saving the VM, if you want to make changes you can select the the VM on the list, expand it and select EDIT to make changes.
You cannot advance to the next screen if the current screen has required fields. After entering all required information you can advance to the next screen.
Use Next to advance to the next wizard configuration form.
Use Back to return to a previous wizard configuration form.
Use Cancel to exit the configuration wizard.
The blue edit icons preceding each Wizard screen name, at the top of the screen, allow you to jump to the screen you selected but only if you have populated all required fields on the current screen and any screen that follows in the sequence of screens. If you select a screen that follows a Wizard screen that has required fields and you have not provided the information those required fields wants, the screen you selected does not display. You must enter all required fields before you can freely move around in the Wizard screens.
The individual virtual machine screens display the VM settings and provide optional operation buttons for that VM. Click the icon to expand that virtual machine and access current settings and operation actions.
The following operations are available on each VM screen:
Operation | Icon | Description |
---|---|---|
RESTART | Retarts the VM. | |
POWER OFF | Powers off and halts the VM, similar to turning off a computer power switch. | |
STOP | stop | Stops a running VM. Because a virtual machine doesn’t always respond well to STOP use the option to force the stop when prompted. |
START | Starts a VM. The toggle turns blue when the VM switches to running. | |
EDIT | Displays the Virtual Machines > Edit screen. You cannot edit a VM while it is running. You must first stop the VM and then you can edit the properties and settings. | |
DELETE | delete | Deletes a VM. You cannot delete a virtual machine that is running. You must first stop the VM and then you can delete it. |
DEVICES | device_hub | Displays the list of devices for this virtual machine. See xxx |
CLONE | Makes an exact copy or clone of the VM that you can select and edit. A Name dialog displays where you can enter a name for the cloned VM. Naming the clone VM is optional. The cloned VM displays on the Virtual Machines list with the extension _clone0. if you clone the same VM again the extension for the second clone is clone1. | |
VNC | settings_ethernet | Opens a noVCN window that allows you to connect to a |
SERIAL | keyboard_arrow_right | Opens the TrueNAS Shell screen. |
The STOP button and the system State toggle both try to send an ACPI power-down command to the VM operating system. Sometimes the commands time out, so it is better to use the POWER OFF button instead.
The Reporting screen displays graphs of system information for CPU, disk, memory, network, NFS, partition, target, UPS, ZFS and system functions.
Reporting data is saved to permit viewing and monitoring usage trends over time. This data is preserved across system upgrades and restarts.
Data files are saved in
Because reporting data is frequently written it should not be stored on the boot pool or operating system device.
Setting | Description |
---|---|
CPU | Displays the CPU Temperature, CPU Usage, and System Load graphs. |
Disk | Displays graphs for each disk in the system. |
Memory | Displays both the Physical memory utilization and Swap utilization graphs. |
Network | Displays an Interface Traffic graph for each interface in the system. |
NFS | Displays the NFS Stats (Operations) and NFS Stats (Bytes) graphs. |
Partition | Displays graphs showing disk space allocations. |
System | Displays both the Processes and Uptime graphs. |
Target | Displays graphs only for systems with iSCSI ports configured and shows the bandwidth statistics for iSCSI ports. |
UPS | Displays the graphs only if the system is configured for and uses a UPS. |
ZFS | Displays the ARC Size, ARC Hit Ratio, ARC Requests demand_data, ARC Requests demand_metadata, ARC Requests prefetch_data, and ARC Requests prefetch_metadata graphs with the Arc and L2 gigabytes and hits (%), and the hits, misses and total number of requests. |
Click on and drag a certain range of the graph to expand the information displayed in that selected area in the Graph. Click on the icon to zoom in on the graph. Click on the icon to zoom out on the graph. Click the to move the graph forward. Click the to move the graph backward.
The web interface has a web shell that makes it convenient to run command line tools from the web browser as the root user.
The prompt shows that the current user is root@truenas, the host name is truenas, and the current working directory is ~, where root is the user, truenas is the home directory of the logged-in user, and the symbol between the square brackets is the working directory.
The Shell screen includes three UI elements:
UI Element | Description |
---|---|
Set font size slider | Adjusts the size of text displayed in the shell main area. |
RESTORE DEFAULT | Resets the shell font and size. |
? | Displays the shell tooltip with helpful information about the screen. For example, CTRL+C kills a foreground process. It also lists built-in utilities such as: Iperf, Netperf, IOzone, arcstat, tw_cli, MegaCli, freenas-debug, tmux, and Dmidecode. |
Shell command history is available for the current session.
The default shell for a new installations is zsh. See Changing the Default Shell for instructions on changing to a different shell.
See Using Shell for information on navigating in shell, typing commands, and other general instructions.