documents lan storage
freeNAS configuration
freeNAS install
- Create freeNAS install USB 3.0 Sandisk bootable thumbdrive using Etcher - download or Rufus - download
- Insert freeNAS install USB and a USB 3.0 Sandisk boot target or use a small SSD
- Install… it will ask to set a root password
- Pull freeNAS install USB and reboot
freeNAS first pool setup
- Login to FreeNAS (root - yoursecurepassword)
- View Dashboard check for any notifications
- From FreeNAS Dashboard -> Storage -> Pools -> Add -> Create new pool
- Name: nspool
- Type: raidz2
- Add Drives (the 4 disks) -> Set to raidz2 (default is raidz2)
- Confirm Create (will delete all data)
- Clean up Network
- Hostname: sg
- Domain: ns.lan
- Add S.M.A.R.T. Test schedule to drives
- Tasks - S.M.A.R.T. Test
- Disks: (disk in each pool as a task) ada0, ada1, ada2
- Type: LONG
- Description: Monthly SMART test
- Schedule: Montly (0 0 - -) First day of month at 12AM
- Add SCRUB schedule to drives
- Tasks - Scrub Tasks
- Pool: nspool
- Threshold days: 14
- Description: Weekly Scrub
freeNAS SMB Share Dataset Configuration
Groups
Group |
GID |
Description |
nsadmin |
1009 |
Netstack System Administration Group |
nsbackup |
1008 |
Netstack Backup Group |
nsprojects |
1001 |
Netstack Projects Group |
nspublic |
1000 |
Netstack Public Group |
Users
user |
UID |
Description |
root |
0 |
only use on head |
nsadmin |
1009 |
only use in emergency |
buadmin |
1008 |
backup user for scripts |
nsprouser |
1001 |
basic project user template |
nspubuser |
1000 |
public share only user template |
- Check Status of nspool Storage - Pools - Gear Status
- Add Projects dataset Storage - Pools -> nspool -> Add Dataset
- Name: Projects
- Comments: netstack Projects
- Sync: Inherit (standard)
- Compression: Inherit (lz4) (default)
- Enable Atime: Inherit (on) (default)
- ZFS Dedulication: Inherit (off) (default)
- Case Sensitivity: Sensitive (default)
- Share Type: Generic
- SAVE
- Add Public dataset Storage - Pools -> nspool -> Add Dataset
- Name: Public
- Comments: netstack Public share
- Sync: Inherit (standard)
- Compression: Inherit (lz4) (default)
- Enable Atime: Inherit (on) (default)
- ZFS Dedulication: Inherit (off) (default)
- Case Sensitivity: Sensitive (default)
- Share Type: Generic
- SAVE
- Create group nspublic Accounts - Groups -> Add
- GID: 1000
- Name: nspublic
- SAVE
- Create group nsprojects Accounts - Groups -> Add
- GID: 1001
- Name: nsprojects
- SAVE
- Create user nspubuser Accounts - Users -> Add
- Full Name: Netstack Public User
- Username: nspubuser
- Email: nspubuser@netstack.org
- Password: somethingyouset
- User ID: 1000
- New Primary Group: unchecked - use nspublic as Primary Group
- Primary Group: nspublic
- Auxiliary Groups: none
- Home Directory: /mnt/nspool/Public
- Home Directory Permissions:
|
User |
Group |
Other |
Read |
X |
X |
X |
Write |
X |
|
|
Execute |
X |
X |
X |
- Authentication (leave default)
- SAVE
- Repeat for nsprouser but with nsprojects as primary group
- Add Public SMB share Sharing - Windows Shares (SMB) - Add
- Path: /mnt/nspool/Public
- Name: Public
- Description: netstack Public SMB share
- Enabled: yes - checked
- Time Machine: no
- Allow Guest Access: no
- Enable Shadow Copies: yes - checked
- SAVE
- Edit ACL on Public Dataset Storage - Pools - nspool - Public
- Path: /mnt/nspool/Public
- User: root (default)
- Group: nspublic (select from pulldown)
- Apply Group: yes - Checked (need to check this to apply the group or it will not change)
- Default ACL Options: OPEN
- Apply Permissions Recursively: yes - Checked (good habbit when changing directories)
- Save
- Add Projects SMB share Sharing - Windows Shares (SMB) - Add
- Path: /mnt/nspool/Projects
- Name: Projects
- Description: netstack Projects
- Enabled: yes - checked
- Time Machine: no
- Allow Guest Access: no
- Enable Shadow Copies: yes - checked
- SAVE
- Edit ACL on Public Dataset Storage - Pools - nspool - Projects
- Path: /mnt/nspool/Projects
- User: root (default)
- Group: nsprojects (select from pulldown)
- Apply Group: yes - Checked (need to check this to apply the group or it will not change)
- Default ACL Options: RESTRICTED
- Apply Permissions Recursively: yes - Checked (good habbit when changing directories)
- Save
- RESTART SMB Service
- Test SMB connectivity on Windows
- Windows Machine
- File Browse to: \192.168.128.2\ or sg.ns.lan
- Network credentials: nspubuser - passwordyouset
- Under Network > SG should see Projects and Public
- Click on Public
- Should be able to read and write files
- Click on Project
- Should NOT be able to access folder
- Enable SMB Service Services - SMB - Edita
- Number of servers: 4 (each takes 1 core)
- Allow no-root mount: Checked
- Enable NFSv4: Checked
- Restart NFS Service
Windows 10 SMB Share browse
- Open File Explorer
- Type “\sg.ns.lan” (or \192.168.128.2) into path bar
- Windows should request credentials
- With correct credentials, File Explorer will display all datasets associated with server
Windows 10 Map Network Drive
- Right click on “This PC”
- Select “Map network drive…”
- Select Drive to map: “Z:”
- Folder: “\sg.ns.lan” (or \192.168.128.2)
- Reconnect at sign-in: checked (yes)
- Connect using different credentials: checked (yes)
- Enter credentials: nsprouser - thepasswordyouset
- Finish
- You should have access, you can edit or insert credentials directly see “Windows 10 credentials debug” below
Windows 10 credentials debug
- Search for “credentials” Select “Manage Windows Credentials Control panel” Application
- Click Windows Credentials
- Add, Edit or Remove the associated Windows Credentials
- Clear Windows 10 local credentials
- Press the Windows key + R together to open the Run box. Type the following command and hit Enter.
rundll32.exe keymgr.dll, KRShowKeyMgr
- Select and delete the credential
Windows 10 bash mount Mounting DrvFs
In order to mount a Windows drive using DrvFs, you can use the regular Linux mount command. For example, to mount a removable drive D: as /mnt/d directory, run the following commands:
$ sudo mkdir /mnt/d
$ sudo mount -t drvfs D: /mnt/d
Now, you will be able to access the files of your D: drive under /mnt/d. When you wish to unmount the drive, for example so you can safely remove it, run the following command:
Mounting network locations
When you wish to mount a network location, you can of course create a mapped network drive in Windows and mount that as indicated above. However, it’s also possible to mount them directly using a UNC path:
$ sudo mkdir /mnt/share
$ sudo mount -t drvfs '\\server\share' /mnt/share
Note the single quotes around the UNC path; these are necessary to prevent the need to escape the backslashes. If you don’t surround the UNC path with single quotes, you need to escape the backslashes by doubling them (e.g. \\server\share).
WSL does not have any way to specify which credentials to use to connect to a network share. If you need to use different credentials to connect to the server, specify them in Windows by navigating to the share in File Explorer, using the Windows Credential Manager, or the net use command. The net use command can be invoked from inside WSL (using net.exe use) via interop. Type net.exe help use for more information on how to use this command.
Apple Mac Map Network Drive
Via Network Browse
- Click Finder -> Network -> sg
- Click “Connect As” and enter credentials
- Finder should show all resources on that server
Via GO
- Click Finder GO -> “Connect to Server”
- smb://sg.ns.lan (or smb://192.168.128.4)
- Select the dataset you want to mount
freeNAS NFS Share Dataset Configuration
- Check Status of nspool Storage - Pools - Gear Status
- Add NFS_ISO_Share Storage - Pools -> nspool -> Add Dataset LT-video
- Name: NFS_ISO_Share
- Comments: NFS ISO files for LAN Share
- Sync: Inherit (standard)
- Leave rest default
- SAVE
- Edit Permissions on Projects Dataset LT-video
- Give Write to Group and Other
- Apply Permissions Recursively
- Save
- Enable NFS Service Services - NFS - Edit LT-video
- Number of servers: 4 (each takes 1 core)
- Allow no-root mount: Checked
- Enable NFSv4: Checked
- Restart NFS Service
- Turn off NFS Sync for each Dataset ZFS performance issue LT-Video
root@freenas[/mnt/nspool]# ls
NFS_ISO_Share Projects
root@freenas[/mnt/nspool]# zfs set sync=disabled nspool/Projects
root@freenas[/mnt/nspool]# zfs set sync=disabled nspool/NFS_ISO_Share
root@freenas[/mnt/nspool]#
- Create NFS share Sharing - NFS - Add LT-video
- Path: /mnt/nspool/Projects
- All dirs (checked)
- Enabled (checked)
- Advanced: Security: sys
- Save
- Create NFS share Sharing - NFS - Add LT-video
- Path: /mnt/nspool/NFS_ISO_Share
- All dirs (checked)
- Enabled (checked)
- Advanced: Security: sys
- Save
- Add the NFS share to your xcp-ng server
Reference Links
Reference Videos
Hindsight Jail
- From FreeNAS Dashboard -> Jails -> ADD
- Jail Name: hindsight
- Release: 11.2-RELEASE
- NEXT:
- IPv4 Interface: em0
- IPv4 Address: 192.168.1.6
- IPv4 Netmask: 24
- NEXT:
- Confirm
Jail Summary
Jail Name : hindsight
Release : 11.2-RELEASE
IPv4 Address : em0|192.168.1.6/24
Confirm these settings.
- Confirm
- Basic: Auto-Start
- Jail: allow_set_hostname, allow_raw_sockets
- Install hindsight - Jail -> hindsight -> shell
- root@hindsight:~ # pkg install stow
- root@hindsight:~ # mkdir /usr/local/stow
- root@hindsight:~ # cd /usr/local/stow/
- root@hindsight:~ # scp cat@192.168.1.30:/Users/cat/Downloads/hindsight_bsd_stow.tgz .
- root@hindsight:~ # tar -xzvf hindsight_bsd_stow.tgz
- root@hindsight:~ # vi /etc/rc.d/hindsight
```
$ cat /etc/rc.d/hindsight
#!/bin/sh
#
PROVIDE: hindsight
REQUIRE: DAEMON
KEYWORD: shutdown
. /etc/rc.subr
name=hindsight
rcvar=hindsight_enable
command=”/usr/sbin/daemon”
command_args=”-P /var/run/hindsight.pid -T hindsight /usr/local/bin/hindsight /usr/local/hindsight/hindsight.cfg 7”
load_rc_config $name
#
DO NOT CHANGE THESE DEFAULT VALUES HERE
SET THEM IN THE /etc/rc.conf FILE
#
hindsight_enable=${hindsight_enable-“NO”}
pidfile=${hindsight_pidfile-“/var/run/hindsight.pid”}
run_rc_command “$1”
- root@hindsight:~ # chmod 555 /etc/rc.d/hindsight
- root@hindsight:~ # vi /etc/rc.conf
hindsight_enable=”YES”
- root@hindsight:~ # systemclt start hindsight
- root@hindsight:~ # systemclt status hindsight
- root@hindsight:~ # lsb_heka_cat /usr/local/hindsight/output/input/0.log
- syslog collector is running on the standard port 514
- pfsense collector is on port 4514
## Hindsight update
1. root@hindsight:~ # /etc/rc.d/hindsight status || (service hindsight status)
2. root@hindsight:~ # /etc/rc.d/hindsight stop || (service hindsight stop)
3. root@hindsight:~ # cd /usr/local/
4. root@hindsight:~ # scp cat@192.168.1.30:/Users/cat/Downloads/hs_bsd_stow.tgz .
5. root@hindsight:~ # stow -v -D *
6. root@hindsight:~ # rm -rf stow
7. root@hindsight:~ # tar -zxf hs_bsd_stow.tgz
8. root@hindsight:~ # cd stow
9. root@hindsight:~ # stow -v *
10. root@hindsight:~ # /etc/rc.d/hindsight start || (service hindsight start)
11. root@hindsight:~ # /etc/rc.d/hindsight status || (service hindsight status)
12. root@hindsight:~ # lsb_heka_cat /usr/local/hindsight/output/input/0.log
## Install new FreeNAS and import existing Pool
1. USB FreeNAS install to new USB
2. Login to FreeNAS firstime set pw (yoursecurepassword)
3. Storage -> Pools -> Add
- Import an existing pool
- NEXT:
- Is the pool encrypted? No
- NEXT:
- Pool: nspool
- NEXT:
- Confirm: IMPORT
Pool Import Summary
Pool to import : nspool | 9174643673441383865
Confirm these settings.
```