TrueNAS

## Installation Helpful Resource: <https://youtu.be/psVNn-JVT9Q> 1. View [[Integrated Dell Remote Access Controller|iDRAC]] interface in firefox 1. Set console to be HTML5 2. Load .iso virtual media to the CD/ROM 3. `F11` to open UEFI manager 4. change boot order and select boot device 1. select `Virtual Media Optical Disk` 5. Install with the minimal prompts to the 2 mirrored SSD's 6. Reboot 7. Change the boot order to now boot from the SSD's first 8. Boot into TrueNAS 9. Begin [[TrueNAS#Configuration]] ## Configuration ### Link Aggregation In the console follow the prompts to add all current interfaces to a `lagg` using [[LACP]], Then configure the aggregation for DHCP Now the web console should be available at a listed IP Address ### Configure SMART Tests - `Tasks > S.M.A.R.T Test > Add` ```txt All Disks Type: LONG Description: Long SMART test Schedule: Monthly (0 0 1 * *) on the first day of the month at 00:00 (12:00 AM) SAVE ``` ### Hardening - [[Device Hardening]] - <https://www.truenas.com/docs/scale/communityrecommends/hardened-backup-repository-for-veeam/#configure-smart-tests> 1. Use Fixed IP Address not DHCP 2. Disable Service Announcement - NetBIOS-NS - mDNS - WS-Discovery 3. use well known [[DNS]] servers (or your own gateway/[[DNS]] server like Pi-Hole) - `1.1.1.1` - `8.8.8.8` 4. Keep 1 interface for management layer and 3 interfaces in [[LACP]] for data 5. `System > General > web interface address` - use HTTPS redirect 6. make SSH NOT start automatically. - And in the advanced settings `ssh > pencil icon > advanced > auxillary parameters` - add `AllowUsers root@#.#.#.#` where `#.#.#.#` is the IP Address of the computer you want to be able to SSH from 7. Give root an email for those important notifications (destination) - configure the notifications: `system > email` - use the gmail OAuth and my service account email 8. Periodic snapshots: `tasks > periodic snapshots` - <https://www.truenas.com/docs/scale/communityrecommends/hardened-backup-repository-for-veeam/#configure-zfs-periodic-snapshots> - hourly, daily, and weekly 9. Configure SSH rules ### Configure Users and groups for shared volumes - <https://www.truenas.com/community/threads/how-to-set-up-truenas-from-beginning-to-end-including-secure-remote-access-to-files-and-web-gui.89229/> - To create shared volumes you can access through connection to your local network, see the following instructions. - Go to accounts on the left panel. - Click on groups. - Click add. - Enter a group name (you can leave the GID as it is). - Enable permit sudo and samba authentication. - Submit. - Go to accounts on the left panel. - Click on users. - Click add. - Fill in all the empty field under Identification - Uncheck new primary group. - Choose the group you made previously from the drop down menu in primary groups. - Go ahead and check all of the boxes under Home Directory Permissions. - Under Authentication check permit sudo and Samba authentication. - Submit. - Go to Storage -> Pools - Click add. - Select create new pool then click create pool. - Go back to Storage -> Pools - You should see the name of your new pool pop up. - Click on the three dots on the right side of that name. - Click add Zvol (this must be done!) - Put in a name and select a size for the Zvol (for a 1TB drive I used 1 GB, this is block device mainly used for VMs, so you can use less if you don't plan on using VMs on your NAS, more if you do). - Click submit. - Click on the three dots on the right side of the pool once again. - Click add dataset. - Type in a name and click submit. - Now you should be able to see the name of that dataset underneath your pool in Storage -> Pools - Click on the three dots on the right side of the name of the dataset. - Click on permissions. - Set the user under owner to www and group to www. - Click apply user and apply group. - Under access mode, check all of the boxes. - Click apply permissions recursively under advanced. - Click save. - Click on the three dots on the right side of the name of the dataset. - Click on permissions. - Click on ACL manager. - Click on the preset open under the dropdown menu. - Set the user under owner to www and group to www. - Click apply user and apply group. - Click apply permissions recursively under advanced. - Click save - Go to Services - Enable SMB and click on start automatically. - Go to Sharing -> Windows Shares (SMB) - Click add. - Select the path to your dataset. - Click submit. - Now to access this folder from your Windows machine on your local network. - Go to file explorer -> network - Click on the top field and enter the IP address of your TrueNAS machine in this fashion (should be the same as the IP address you used to connect to your WebGUI) - `\\youripaddress` - When it asks for username and password, use the username of the new account you created in the WebGUI and its password. - If you see your folder, great! If not, refer back to the previous steps to see if you did anything wrong. ### snapshots Snapshots only store the differential of the change so if data is 100GB and i add 1GB the snapshot is only 1GB ### Setup iperf3 on the server (Optional) ```bash apt-get install iperf3 ``` In the `~/.profile` file, add this line: ```bash iperf3 -s & ``` this will make it so upon server startup iperf3 will be run as an independant process that can can gather data from. By default it listens on port `5021` ## Troubleshooting ### Issue with unable to add drives to a ZFS Pool > [EFAULT] Failed to wipe disk da14: [Errno 22] Invalid argument > I just want to add my thanks to the OP for creating and particularly to swissroot for the link that made it all come together. > > I bought 6 4Tb Seagate drives from a recycler thinking that I could just plug them into my Dell T620 bays and load them up as mirrored vdevs. Its a new build that I'm playing with and while I waited for my H220 flashed to LSI HBA from The Art of Server, I noticed that the H710P raid card could see all the devices but only one was open and usable and five were marked as 'blocked'. That is a well-documented issue that should be fixed by updating the firmware of the card but mine wasn't playing ball. I figured that the H220/LSI would see the drives and make them available when I installed it. > > No bueno! The H220 could see the drives but at 0.00Gb; at least I could format them through the BIOS interface for the H220 if only one at a time and 15 hours each. I thought that was the end of the issue but I suspected it might not be. > > Fast forward, all got formatted through the H220, I fired up TrueNAS core and it could see all the drives but threw an error when I tried to create the vdevs. Searching that error brought me to this thread and the link provided by swissroot provided the info I needed to sg_format the drives in parallel to a 512 byte sector rather than 520 byte. > > For those reading this with the same issue, what I've learned so far is that used HDD are often good value but if they have been used in Netapp/EMC hardware, they need to be mounted on an HBA (not a raid card) and re-formatted to 512 byte sectors in order for them to work and be mounted as useable drives in Freenas/Truenas. > > The reason this is pretty unique and hard to track down is that it seems to be an issue that is limited or confined to situations where drives that have been used in other storage arrays that utilise 520 bytes sectors are used in equipment that is looking for 512 byte sectors. #### Resolution <https://bitfix.be/freenas-error-unable-to-gpt-format-the-disk-ada0/> 1. Login via SSH, execute commands below. - if you need to configure - `System > SSH Keypairs > add` Generate SSH keypair for root user - `Accounts > Users > root` for root and put public key in appropriate area - `Services > SSH > Actions (configure)` allow `Log in as Root with Password` - On remote machine `ssh root@#.#.#.#` 2. `sysctl kern.geom.debugflags=0x10` 3. `dd if=/dev/zero of=/dev/da0 bs=512 count=1` - My cheat way: - `for disk in $(ls /dev | grep -E "(^da[0-9]$) | (^da1[1-5]$)"); do dd if=/dev/zero of=/dev/$disk bs=512 count=1;done` - The `dd` command way might not work so if not resort to the next option - Failsafe - `sg_format --format --size=512 --six -v /dev/da9` - `for disk in $(ls /dev | grep -E "(^da[0-9]$) | (^da1[1-5]$)"); do sg_format --format --size=512 --six -v /dev/$disk && echo "$disk reformatteded";done` 4. Log into web interface and use “View Disks” to wipe the drives in that interface 5. Create new ZFS volume including these disks. ## Services [[Plex]]