TrueNAS SCALE
Is an Operating System for server based on Debian. It uses ZFS
Setup¶
- This guide is pretty good:
- Pool
- Create a pool named
tank- If you have only one pool on your system, do not select the Encryption option for this pool. - Source
- Auto SMART shouldn't be enabled by default, instead setup a weekly
zpool trim POOLNAME
- Create a pool named
- Dataset
- Configure an encrypted dataset below the root for all sensitive data
- System
- SSH in System Settings → Service
Notes¶
- Reactivate apt ⚠️ but beware of the consequences:
chmod +x /bin/apt* /bin/dpkg* - An integration exist with Home Assistant
Applications¶
- Truecharts aren't super reliable according to Wendel (July 2022)
- Better use a KVM which host Docker
Hosting Docker on VM¶
- Recommendation: host the files in TrueNAS, not in the VM
- So you can use compression, snapshots, …
UEFI¶
There's an issue with the Debian bootloader and the VM:
You have to copy debian/grubx64.efi to EFI/BOOT/bootx64.efi
This is inside /boot/efi/
Network¶
There are issues with routing VM network to VM Host - see this post
- Connect to the console
- Start 1. Configure network interface
- Disable DHCP on your main interface
- Create a new interface with N, bridge, and set the alias to 192.168.1.1/24 (or whatever is appropriate for your network).
- Apply and persist
- Reboot
Network File System¶
A dataset can contain all required data accessible via Network File System - config in this post too
- When creating the dataset:
- ACL Type: NFSv4
- ACL Mode: Passthrough
- Create users & groups, same GUID as VM
- When creating the NFS share
- Set the service to be NFSv4
- Set the host to the Docker host ip
- Security: SYS
- Maproot user & Maproot group: the one created
- Mount the NFS on the client and set on boot - see NFS
Nextcloud¶
- Sync can be disabled to speed up performance on the dataset
- Guide here if you use a host VM + Docker
- If you use Snap
- Copy the content of
/var/snap/nextcloudto the/nfs/nextcloud - Edit
/etc/fstabto add a mount from NFS to/var/snap/nextcloud- ⚠️ Don't mount a bind from the
/nfsto the snap, otherwise you'll have an ordering problem infstab
- ⚠️ Don't mount a bind from the
- Copy the content of
Data¶
NFS¶
- NFSv4 should be a bit better
Virtual Machine¶
- Access virsh:
sudo virsh -c "qemu+unix:///system?socket=/run/truenas_libvirt/libvirt-sock" COMMAND - Get the
domainof the VM: In the TrueNAS interface → Virtualization → Select the VM → Download Logs and observe the name
Install Windows in a VM¶
See Kernel-based Virtual Machine
Enable TPM Virtualization¶
- ⚠️ Not supported OOTB!
- Binary installation
sudo chmod +x /bin/apt* /bin/dpkg*- Download the swtpm, swtpm-libs, libtpms0, swtpm-tools, gnutls-bin packages
- Install them with
sudo apt install -f /path/to/file.deb sudo chmod -x /bin/apt* /bin/dpkg*
- System setup
sudo chmod 770 /var/lib/swtpm-localca/sudo nano /etc/apparmor.d/abstractions/libvirt-qemuand add at the end - SourceIDTOREPLACEcan be found when starting the VM (which will fail) and check the kern log:cat /var/log/kern.logor is the VM UUID (seen invirsh edit) without the-/var/db/system/syslog-IDTOREPLACE/log/swtpm/libvirt/qemu/** rw, /var/lib/libvirt/swtpm/** krw, /var/log/swtpm/** rw,
systemctl reload apparmor.service
- Run the VM - need to do that everytime
sudo virsh -c "qemu+unix:///system?socket=/run/truenas_libvirt/libvirt-sock" edit DOMAINVMand add at the end (but before</devices>) - Sourcexml <devices> <tpm model='tpm-tis'> <backend type='emulator' version='2.0'/> </tpm> </devices>sudo virsh -c "qemu+unix:///system?socket=/run/truenas_libvirt/libvirt-sock" start DOMAINVM- Simple Protocol for Independent Computing Environments and VNC web displays available from the interface won't be initialized - so you have to rely on a local VNC viewer
- Port is not opened if you didn't start the machine from the web UI at least once
Display settings for SPICE¶
- Port: 5900 or higher
- Resolution: 1024x768
- Bind: 0.0.0.0
- Web interface: true