TrueNASTrueNAS Nightly Development Documentation
This content follows experimental nightly development software. Pre-release software is intended for testing purposes only.
Use the Product and Version selectors above to view content specific to a stable software release.

Advanced Settings

Advanced Settings provides configuration options for the console, syslog, kernel, sysctl, replication, cron jobs, init/shutdown scripts, system dataset pool, isolated GPU device(s), self-encrypting drives, system access sessions, allowed IP addresses, audit logging, and global two-factor authentication.

Advanced settings have reasonable defaults in place. A warning message displays for some settings advising of the dangers of making changes. Changing advanced settings can be dangerous when done incorrectly. Use caution before saving changes.

Make sure you are comfortable with ZFS, Linux, and system configuration, backup, and restoration before making any changes.

TrueNAS Advanced Settings Screen
Figure 1: TrueNAS Advanced Settings Screen
TrueNAS Advanced Settings Screen
Figure 2: TrueNAS Advanced Settings Screen

This article provides information on sysctl, system dataset pool, setting the maximum number of simultaneous replication tasks the system can perform, and managing sessions.

Configuring System Auditing

The Audit widget displays the current audit storage and retention policy settings. The public-facing API allows querying audit records, exporting audit reports, and configuring audit dataset settings and retention periods.

Advanced System Setting Audit Widget
Figure 3: Advanced System Setting Audit Widget

The Audit configuration screen sets the retention period, reservation size, quota size and percentage of used space in the audit dataset that triggers warning and critical alerts.

Audit Settings
SettingsDescription
Retention (in days)Enter the number of days to retain local audit messages.
Reservation (in GiB)Enter the size (in GiB) of reserved space to allocate on the ZFS dataset where the audit databases are stored. The reservation specifies the minimum amount of space guaranteed to the dataset, and counts against the space available for other datasets in the zpool where the audit dataset is located. To disable, enter zero (0).
Quota (in GiB)Enter the size (in GiB) of the maximum amount of space that can be consumed by the dataset where the audit databases are stored. To disable, enter zero (0).
Quota Fill Warning (in %)Enter a percentage threshold. TrueNAS generates a warning level alert when the dataset quota reaches that capacity used. Allowed range: 5 - 80.
Quota Fill Critical (in %)Enter a percentage threshold. TrueNAS generates a critical level alert when the dataset quota reaches that capacity used. Allowed range: 50 - 95.

Click Configure to open the Audit configuration screen and manage storage and retention policies

Managing Sysctl Variables

Use Add on the Sysctl widget to add a tunable that configures a kernel module parameter at runtime.

AdvancedSysctlWidgetNoSysctl

The Add Sysctl or Edit Sysctl configuration screens display the settings.

AddSysctlConfigScreens

Enter the sysctl variable name in Variable. Sysctl tunables configure kernel module parameters while the system runs and generally take effect immediately.

Enter a sysctl value for the loader in Value.

Enter a description and then select Enabled. To disable but not delete the variable, clear the Enabled checkbox.

Click Save.

Managing the System Dataset Pool

Storage widget displays the pool configured as the system dataset pool and allows users to select the storage pool they want to hold the system dataset. The system dataset stores core files for debugging and keys for encrypted pools. It also stores Samba4 metadata, such as the user and group cache and share-level permissions.

AdvancedSystemStorageWidget

Configure opens the Storage Settings configuration screen.

Storage Settings Configuration Screen

If the system has one pool, TrueNAS configures that pool as the system dataset pool. If your system has more than one pool, you can set the system dataset pool using the Select Pool dropdown. Users can move the system dataset to an unencrypted pool, or an encrypted pool without passphrases.

SystemDatasetPoolConfigScreen

Users can move the system dataset to a key-encrypted pool, but cannot change the pool encryption type afterward. If the encrypted pool already has a passphrase set, you cannot move the system dataset to that pool.

Setting the Number of Replication Tasks

The Replication widget displays the number of replication tasks that can execute simultaneously on the system. It allows users to adjust the maximum number of replication tasks the system can execute simultaneously.

SystemAdvancedSettingsReplicationWidget

Click Configure to open the Replication configuration screen.

AdvancedSettingsReplicationConfigScreen

Enter a number for the maximum number of simultaneous replication tasks you want to allow the system to process and click Save.

Managing Allowed IP Addresses

Use the System > Advanced Settings screen Allowed IP Addresses configuration screen to restrict access to the TrueNAS web UI and API.

Entering an IP address limits access to the system to only the address(es) entered here. To allow unrestricted access to all IP addresses, leave this list empty.

Managing Access (WebSocket Sessions)

The Access widget displays a list of all active sessions, including the user who initiated the session and what time it started, the Session Timeout setting for your current session, and the UI Login Banner. It allows administrators to manage other active sessions and to configure the session timeout for their account.

The Terminate Other Sessions button ends all sessions except for the one you are currently using. You can also end individual sessions by clicking the logout button next to that session. You must check a confirmation box before the system allows you to end sessions.

The logout icon is inactive for the currently logged in administrator session and active for any other current sessions. It cannot be used to terminate the currently logged in active administrator session.

Session Timeout displays the configured token duration for the current session (default five minutes). TrueNAS logs out user sessions that are inactive for longer than that configured token setting for the user. New activity resets the token counter.

If the configured session timeout is exceeded, TrueNAS displays a Logout dialog with the exceeded ticket lifetime value and the time that the session is scheduled to terminate.

Click Extend Session to reset the token counter. If the button is not clicked, the TrueNAS terminates the session automatically and returns to the log in screen.\

Login Banner displays the custom text that TrueNAS displays before the login screen, if configured.

Click Configure to open the Access Settings screen and configure Session Timeout or Login Banner.

Select a value that fits user needs and security requirements. Enter the value in seconds.

The default session timeout setting is 300 seconds, or five minutes.

The minimum value allowed is 30 seconds and the maximum is 2147482 seconds, or 20 hours, 31 minutes, and 22 seconds.

Click Save.

Contents

  • Managing Cron Jobs: Provides information on adding or modifying cron jobs in TrueNAS.

    • Managing the Console Setup Menu: Provides information on the Console setup menu configuration settings including the serial port, port speed, password protection, and the banner users see.

      • Managing System Logging: Provides information on setting up or changing the syslog server, the level of logging and the information included in the logs, and using TLS as the transport protocol.

        • Managing Init/Shutdown Scripts: Provides information on adding or modifying init/shutdown scripts in TrueNAS.

          • Managing SEDs: Provides information on adding or modifying self-encrypting drive (SED) user and global passwords in TrueNAS.

            • Isolating GPU for VMs: Provides information on isolating Graphics Processing Units (GPU) installed in your system.

              • Managing Global 2FA (Two-Factor Authentication): Provides information on setting up and managing global two-factor authentication, and logging in with it enabled.

                • Developer Mode (Unsupported): Provides information on the unsupported TrueNAS developer mode and how to enable it.