TrueNAS Scale Setup
Overview
Intiial TrueNAS Scale setup, post-installation.
Network
Interfaces
The primary interface of the TrueNAS server should have a static IP configuration. Edit the interface of choice.
| Setting | Value | Description |
|---|---|---|
Name | eno1 | Interface name on system. |
DHCP | false | Enable for dynamic IP address from network. |
Autoconfigure IPv6 | false | Enable to autoconfigure IPv6 on the interface. |
MTU | 1500 | Use a standard MTU size for your environment. |
Aliases | 172.16.13.13/24 | Define the static IP address for the system here, modify the value to match your network. |
Hostname and Domain
| Setting | Value | Description |
|---|---|---|
Hostname | coolnas | System hostname, requires restart. |
Inherit domain from DHCP | false | Enable to inherit domain from DHCP provider. |
Domain | local | Keep as local unless on configured domain. |
Additional Domains | | Additional search domains. |
Service Announcement
| Setting | Value | Description |
|---|---|---|
NetBIOS-NS | false | Enable to advertise NetBIOS Name for legacy clients. |
mDNS | false | Enable to advertise via Multicast DNS. |
WS-Discovery | false | Enable to advertise NetBIOS Name via WS-Discovery. |
DNS Servers
Configure your preferred DNS providers. Quad9 and Cloudflare examples are provided.
| Setting | Value | Description |
|---|---|---|
Nameserver 1 | 9.9.9.9 | Quad9 IPv4. |
Nameserver 2 | 149.112.112.112 | Quad9 IPv4. |
Nameserver 1 | 2620:fe::fe | Quad9 IPv6. |
Nameserver 2 | 2620:fe::9 | Quad9 IPv6. |
Nameserver 1 | 1.1.1.1 | Cloudflare IPv4. |
Nameserver 2 | 1.0.0.1 | Cloudflare IPv4. |
Nameserver 1 | 2606:4700:4700::1111 | Cloudflare IPv6. |
Nameserver 2 | 2606:4700:4700::1001 | Cloudflare IPv6. |
Default Gateway
| Setting | Value | Description |
|---|---|---|
IPv4 Default Gateway | 172.16.13.1 | Default IPv4 network gateway (router IP address). |
IPv6 Default Gateway | | Default IPv6 network gateway (router IP address). |
Outbound Network
In an ideal world, toggle Allow Specific and select required services. At minimum Allow All will allow TrueNAS to function properly.
Other Settings
| Setting | Value | Description |
|---|---|---|
HTTP Proxy | | Configure if a proxy connection is preferred. |
Enable Netwait Feature | false | Enable to utilize Netwait IP List. |
Host Name Database | | Additional hosts to append to /etc/hosts. |
System Settings - General
GUI
| Setting | Value | Description |
|---|---|---|
Theme | iX Dark | Pick your poison. |
GUI SSL Certificate | truenas_default | Self-signed certificate by default, can be changed after adding a new certificate. |
Web Interface IPv4 Address | 172.16.13.13 | Set this to the static IP address of your TrueNAS server on the network. Available IPs will be presented in the dropdown. |
Web Interface IPv6 Address | :: | Disabled by default, can be left disabled in most cases. |
Web Interface HTTP Port | 80 | |
Web Interface HTTPS Port | 443 | |
HTTPS Protocols | TLSv1.3 | Allowed cryptographic protocols. Use TLS 1.3; stop using weak HTTPS. |
Web Interface HTTP -> HTTPS Redirect | true | Enable this to prevent connections to the server over HTTP. Highly recommended, TrueNAS ships with a self-signed certificate. |
Other Options
| Setting | Value | Description |
|---|---|---|
Crash Reporting | false | Enable to send crash reports to iXsystems. |
Usage Collection | false | Enable to send usage statistics to iXsystems. |
Show Console Messages | false | Enable to display console messages in browser windows. |
Localization
| Setting | Value | Description |
|---|---|---|
Language | English (en) | Local language as configured in setup. |
Console Keyboard Map | English (US) (us) | Keyboard to assume from the user. |
Timezone | America/New_York | Timezone for the system. |
Date Format | 2020-04-20 | Date format for the system. |
Time Format | 12:00:00 | Clock format for the system. |
NTP Servers
Use your time servers of choice; common providers include NTP Pool, NIST ITS, and Cloudflare.
| Address | Burst | IBurst | Prefer | Min Poll | Max Poll |
|---|---|---|---|---|---|
0.pool.ntp.org | false | true | false | 6 | 10 |
1.pool.ntp.org | false | true | false | 6 | 10 |
2.pool.ntp.org | false | true | false | 6 | 10 |
System Settings - Advanced
These settings can be left mostly unmodified, but should be reviewed. These will see more configuration during setup of other applications on the system.
Console
| Setting | Value | Description |
|---|---|---|
Show Text Console without Password Prompt | false | When false, require password to open browser console. |
Enable Serial Console | false | Only enable this if you have and intend to use serial ports. |
MOTD Banner | Authorized Access Only | Message to present users connecting via SSH, consider changing it from the default. |
Setup Two-Factor
Enable two-factor authentication to improve the login security of a TrueNAS system.
Navigate to Credentials - 2FA to configure two-factor authentication as detailed in this section.
Configure 2FA
Modify the values of the Two-Factor Authentication User Settings if necessary. The default values for token generation are suitable for most. Consider enabling the 2FA requirement for SSH connections.
| Setting | Value | Description |
|---|---|---|
| One-Time Password (OTP) Digits | 6 | Length of tokens, 6 is standard. |
| Interval | 30 | Interval, in seconds, between token regeneration. |
| Window | 0 | Grace period for tokens. 1 would be one before and one after the current token. |
| Enable Two-Factor Auth for SSH | true | Require token for SSH login. |
Save 2FA
Before enabling two-factor authentication, add the TOTP key to your 2FA app of choice. Save the token by either:
- Select
Show QRand scan the key into an authenticator app. - Copy the
Secretkey into an authenticator app manually. - To avoid manual configuration,
Provisioning URIcan also be manually added to an authenticator app.
Enable 2FA
Select Enable Two-Factor Authentication to enable the configuration. Two-factor authentication will now be required for dashboard login and, if configured, SSH login.
