TrueNAS Nightly Development DocumentationThis content follows experimental nightly development software. Pre-release software is intended for testing purposes only.
Use the Product and Version selectors above to view content specific to a stable software release.
Advanced Settings Screen
14 minute read.
Advanced settings have reasonable defaults in place. A warning message displays for some settings advising of the dangers of making changes. Changing advanced settings can be dangerous when done incorrectly. Use caution before saving changes.
Make sure you are comfortable with ZFS, Linux, and system configuration, backup, and restoration before making any changes.
The Advanced Settings screen provides configuration options for the console, syslog, audit, kernel, sysctl, storage (system dataset pool), replication, WebSocket sessions, cron jobs, init/shutdown scripts, allowed IP addresses, isolated GPU device(s), self-encrypting drives, and global two-factor authentication.
Save Debug saves a system debug file to the local machine.
The Console widget displays the current console settings for TrueNAS.
Configure opens the Console configuration screen.
Console settings configure how the Console Setup menu displays, the serial port it uses and the port speed, and the banner users see when accessing it.
The Syslog widget displays the existing system logging settings that specify how and when the system sends log messages to the syslog server.
Configure opens the Syslog configuration screen.
The Syslog settings specify the logging level the system uses to record system events to the boot device. There are also options to configure a remote syslog server for recording system events.
The Audit widget displays the current audit storage and retention policy settings. The public-facing API allows querying audit records, exporting audit reports, and configuring audit dataset settings and retention periods.
The Audit configuration screen sets the retention period, reservation size, quota size and percentage of used space in the audit dataset that triggers warning and critical alerts.
Click Configure to open the Audit configuration screen and manage storage and retention policies
The Kernel widget shows options for configuring the Linux kernel installed with TrueNAS.
The Cron Jobs widget displays No Cron Jobs configured until you add a cron job, then it shows the information on cron job(s) configured on the system.
Add opens the Add Cron Job configuration screen.
Click on any job listed in the widget to open the Edit Cron Jobs configuration screen populated with the settings for that cron job.
The Add Cron Job and Edit Cron Job configuration screens display the same settings.
Cron Jobs lets users configure jobs that run specific commands or scripts on a regular schedule using cron(8). Cron jobs help users run repetitive tasks.
The Init/Shutdown Scripts widget displays No Init/Shutdown Scripts configured until you add either a command or script, then the widget lists the scrips configured on the system.
Add opens the Add Init/Shutdown Script configuration screen. Any script listed is a link that opens the Edit Init/Shutdown Script configuration screen populated with the settings for that script.
Init/Shutdown Scripts lets users schedule commands or scripts to run at system startup or shutdown.
The Sysctl widget displays either No Sysctl configured or the existing sysctl settings on the system.
Add to add a tunable that configures a kernel module parameter at runtime.
The Add Sysctl or Edit Sysctl configuration screen settings let users set up tunables that configure kernel parameters at runtime.
Storage widget displays the pool configured as the system dataset pool and allows users to select the storage pool they want to hold the system dataset. The system dataset stores core files for debugging and keys for encrypted pools. It also stores Samba4 metadata, such as the user and group cache and share-level permissions.
Configure opens the Storage Settings configuration screen.
If the system has one pool, TrueNAS configures that pool as the system dataset pool. If your system has more than one pool, you can set the system dataset pool using the Select Pool dropdown. Users can move the system dataset to an unencrypted pool, or an encrypted pool without passphrases.
Users can move the system dataset to a key-encrypted pool, but cannot change the pool encryption type afterward. If the encrypted pool already has a passphrase set, you cannot move the system dataset to that pool.
The Replication widget displays the number of replication tasks that can execute simultaneously on the system. It allows users to adjust the maximum number of replication tasks the system can perform simultaneously.
Click Configure to open the Replication configuration screen.
Enter a number for the maximum number of simultaneous replication tasks you want to allow the system to process and click Save.
The Access widget displays a list of all active sessions, including the user who initiated the session and what time it started. It also displays the Session Timeout setting for your current session. It allows administrators to manage other active sessions and to configure the session timeout for their account.
Terminate Other Sessions ends all sessions except for the one you are currently using. You can also end individual sessions by clicking the logout icon next to that session if it is not the admin user session. You must check a confirmation box before the system allows you to end sessions.
The logout button is inactive for your current session and active for all other current sessions. It cannot be used to terminate your current session.
Session Timeout displays the configured token duration for your current session (default five minutes). TrueNAS logs out user sessions that are inactive for longer than the configured token setting. New activity resets the token counter.
If the configured session timeout is exceeded, TrueNAS displays a Logout dialog with the exceeded ticket lifetime value and the time that the session is scheduled to terminate.
Configure opens the Token Settings screen.
The Token Settings screen allows users to configure the Session Timeout for the current account.
Select a value that fits your needs and security requirements. Enter the value in seconds.
The default lifetime setting is 300 seconds or five minutes.
The maximum is 2147482 seconds, or 24 days, 20 hours, 31 minutes, and 22 seconds.
The Allowed IP Addresses widget displays IP addresses and networks added to the system that are allowed to use the API and UI. If this list is empty, then all IP addresses are allowed to use API and UI.
Configure opens the Allowed IP Addresses configuration screen.
Entering an IP address to the allowed IP address list denies access to the UI or API for all other IP addresses not listed.
Use only if you want to limit system access to a single or limited number of IP addresses. Leave the list blank to allow all IP addresses.
Click Add next to Allowed IP Addresses to add an entry to the allowed IP Addresses list. Ensure the first address and/or subnet includes your current client system.
You can enter a specific IP address, for example, 192.168.1.1, for individual access, or use an IP address with a subnet mask, like 192.168.1.0/24, to define a range of addresses.
You can add as many addresses as needed.
Click Save. A Restart Web Service dialog opens. Select Confirm and then Continue to restart the web UI and apply changes.
The Self-Encrypting Drive (SED) widget displays the system ATA security user and password.
Configure opens the Self-Encrypting Drive configuration screen.
The Self-Encrypting Drive configuration screen allows users to set the ATA security user and create a SED global password.
The Isolated GPU Device(s) widget displays any isolated graphics processing unit (GPU) device(s) configured on your system.
Configure opens the Isolated GPU PCI Ids screen, which allows users to isolate additional GPU devices.
The Isolate GPU PCI IDs configuration screen allows you to isolate GPU devices for a virtual machine (VM).
To isolate a GPU, you must have at least two in your system; one allocated to the host system for system functions and/or applications, and the other available to isolate for use by a VM.
Select the GPU device ID from the dropdown list and click Save.
Isolated GPU devices are reserved for use by configured applications or a VM.
To allocate an isolated GPU device, select it while creating or editing the VM configuration. When allocated to a VM, the isolated GPU connects to the VM as if it were physically installed in that VM and becomes unavailable for any other allocations.
The Global Two Factor Authentication widget allows you to set up two-factor authentication (2FA) for your system.
Configure opens the Global Two Factor Authentication Settings configuration screen.
TrueNAS EnterpriseThe System Security widget allows administrators of Enterprise-licensed systems to enable or disable FIPS 140-2 compliant algorithms. This requires a system reboot to apply the settings. High Availability (HA) systems reboot the standby controller and then prompt to failover and reboot the primary controller.
Settings opens the System Security configuration screen.
Click the Enable FIPS toggle to enable or disable enforcement, then click Save. The system prompts to reboot (or failover for HA systems) to apply the settings.