Thanks for the support vids! I’m new to FreeNAS but am a longtime Linux Admin so setting it up was pretty easy. I am working on setting up a private cloud for a client of mine using NextCloud. So far so good thanks to you! Aloha!
Wow thank you this video was very helpful! Some things like the source and destination made no sense to me but you made everything totally understandable.
Hi Tom, thanks for your videos. I have learned lots from them. Maybe you should do a tutorial on how to install Subsonic. I really struggle getting it to work. Thanks again and keep up the good work!!
My favorite thing about using a jail was being able to access programs in the jail from the FreeNAS host by just basically ./jails/myjail/root/sbin/command
Okej so i just realized, the only reason this is nice is because FreeNAS does not allow packages to be installed without tempering with the package manager.
I´ve redirected to watch this video from an IXSystems advertising mail that i received today. To me, it sounds like acknowledgment for your good job. If it is ( or not ) I liked a lot.
Tom, I don't know what it is but you are always doing a video about something I have just dug into or have on my list to dig into. I also like the fact you are local.
I did have a Yamaha XT250, but I sold that because I have been playing more with my Honda CT90's. I really enjoy off road / dual sport. I have had a ton of motorcycles over the years.
Hey Tom, thanks for this video, some decent information is there ..... Not sure if you agree, but with the introduction of the Docker and RancherOS item into FreeNAS, would it also be beneficial to do a video on how to set up and get Docker running on FreeNAS? I've tried following the official and unofficial guides I've found, however no luck so far.....
Hey Tom - so while your way of doing permissions for jails will work, it's not very secure. What you can do is from within the Jail itself you can add groups to the jail with the same GroupID as the ones on the host system. This tutorial from the FreeNas forums is what I had used when I setup the permissions for my jails. forums.freenas.org/index.php?threads/tutorial-how-to-install-plex-in-a-freenas-11-0-jail.19412/
yes, there are more secure ways of doing it, I did this to show the easy way as most people want it to work for Plex, I don't recommend jails for use in any commercial environment
I am using jails (on FreeBSD not on FreeNAS) for commercial use for more than 5 years. Actually Jails are the benefit of FreeBSD compared to Linux. On FreeNAS jails are quite limited in the GUI, please spend some time to check the man pages and understand how jails work and why they exist. I would highly recommend using jails in commercial environments. Thanks for the video and your passion, keep up your work, great channel.
I have been running jls on freenas/ freebsd for 3 or 4 years. In my experience some jls are super easy with updates.. Others like plex.. They predictably break with major new releases, point releases are a mixed bag. Personally, I wouldn't recommend jls for any mission critical applications. Separate bare metal for hypervisor and/or containers. FreeNAS for storage.. Rock hard stable imho.
Yes this is correct, the permissions do not NEED to be wide open. It's fine to use in a commercial environment if you just set the permissions properly. In this example LS is using syncthing. You can get Syncthing working in a jail if you create a user called 'sync' with a uid of 983. This matches the user sync inside the jail so the permissions carry over.
Permissions are what frustrates me and from google searches seems a common one. Plugins are installed storage is there but write permissions denied. Users groups everything seems wide open permissions ( probably terrible security) yet constant PERMISSION DENIED. Chmod 777. Add group etc etc. Would be great to have a better understanding of permissions to help keep sanity lol.
Tom thank you very much for another great video. Would you please consider doing one on using RAM for the PLEX transcoding. I have seen a few comments in the forums but trust your expertise. Since a lot of us have 64 and 128 GB of RAM for our FreeNAS Builds it would be nice to use RAM instead of punishing another SSD.
I can't believe no one got back to you man. Here I am 3 years late, and hoping you found it already. sudo mkdir /mnt/ramdisk sudo mount -t tmpfs -o rw,size=10G tmpfs /mnt/ramdisk then add something like this to /etc/fstab tmpfs /mnt/ramdisk tmpfs rw,size=10G 0 0 In my example I set it to 10 gig, but you can obviously increase this value. If you're not afraid of DDR3, you can easily kit your rig to 96 gigs or more. I built out an old Dell r410 as its technically a workstation, but is in a 1U form factor as its meant to be rack mounted. Yes, this is basically copy paste from linuxhint. I recommend you all add them to your resources as their write ups are succinct and accurate.
I tried downloading directly from NZBGEEK and the files ended up going to a Sabnzbd download/complete file that I apparently don't have access. I'm admittedly very new to freenas in general. How can I gain access to these folders to get to my files? Any help or ridicule will be welcome.
Another option is to run Ubuntu/CentOS with LXD on ZFS. I've found that the users and groups in the core OS are pushed to the containers and you can setup Datasets that map the ZFS share to the mnt folder in the container/vm. That way you don't have to setup a group or set of users in the jail that match to host OS, less work in Linux. ;-) Side note: making sure bridging works can be a pain for some cloud based installations, but there's lots of instructions for getting it changed successfully while SSH'd in. Ps. I've been told that you can run a KVM instance in an LXD container to run Windows VM's. I haven't tried it in my test environment yet, but it could be done.
Agreed. I am using ZFS on Ubuntu server with Docker and it rocks, I tried out freenas but found it more time consuming to setup in regarding jails and plugins compared to Ubuntu and Docker
Hey Tom, can you elaborate on why you don't recommend jails in a commercial environment? Is it to do with security/stability/performance/portability? Is it just that you wouldn't recommend opening them up to the outside? Or what makes you say that? I'm currently in the works of creating a couple of jails on our FreeNAS box, to host some internal DB's and wikis. I thought that it would be better to go to jails instead of VMs, because of the smaller memory footprint, since ZFS ARC will benefit from more memory :).
Jails are very useful in terms of efficiency and can be setup securely they offer more of a technical challenge to maintain as updates to the underlying operating system can cause the need to be changes in the jail. As long as you understand that and have technical know how for solving those issues, they are fine.
Ah yea, so basically the portability if you could say it that way. Thanks for your answer, I'm fine with the jails needing some change management. The FreeNAS box will be updated only when we're sure we can update without the jails being affected. So I'll be test running the jails with a testbox before upgrading the main box. Thanks again for your response, you've got a great thing going on with this channel!
Tom, My plugin's work great. When I install VM's and point it to the Volume I made for it, they initially boot, but upon reboot, go to a SHELL> environment that I have to manually select the grub file to boot, then work find It is like they all overwrite each others root. Am I failing to create individual folders for each VM's root filesystem? Guess it wont do it itself? Any videos addressing this?
Thanks a lot for the video! Helped a lot! BTW, Have you guys test how FreeNAS runs on amd platforms? FreeNAS strongly recommend using Intel platforms but I already have an AM4 mb (no cpu though), should I switch to Intel or AMD is fine? Thanks!
@@LAWRENCESYSTEMS the reason I am asking is that I tried to setup Plex and the box I need to choose while setting up is gray out so I can't choose it. I doubled check mount points made sure permission it's open to all.
It's great people are trying to help and I really don't like the new UI, but the new UI will become default, very, very soon. You may as well have embraced the inevitable and done it in that environment.
Spot on at the end that youtube does not 100% notify you even if you smash the bell because thats how SHITHOUSE and SCUMMY the company is and they even ADMITTED it recently on one of the staff vlogs
You do not have to open up full permissons on a volume to have a jail able to write. I recommend reading forums.freenas.org/index.php?threads/how-to-giving-plugins-write-permissions-to-your-data.27273/ I prefer solution 3, which is to add the jails service user to the group which has permissons to write to the share. 1. Login to the jail by using command "jls" to list all jails and then "jexec tcsh" 2. Run "ps aux" inside the jail to figure out the user the service is running as 2. Then add a group inside the jail with the same guid as the group in the freenas system which has permissons on the volume 3. Add the jail user to that group inside the jail. This is the terminal output of me finding the user name of the resilio service in my freenas. root@freenas:~ # jls JID IP Address Hostname Path 1 mqttclient /mnt/Vol1/jails/mqttclient 2 myplex /mnt/Vol1/jails/myplex 3 192.168.10.15 nextcloud /mnt/Vol1/jails/nextcloud 5 resilio_1 /mnt/Vol1/jails/resilio_1 6 troll /mnt/Vol1/jails/troll 7 vpn /mnt/Vol1/jails/vpn 11 zoneminder /mnt/Vol1/jails/zoneminder 12 owncloud_1 /mnt/Vol1/jails/owncloud_1 root@freenas:~ # jexec 5 tcsh root@resilio_1:/ # uid uid: Command not found. root@resilio_1:/ # ps ax PID TT STAT TIME COMMAND 11054 - SJ 3:30.57 /usr/pbi/resilio-amd64/bin/python2.7 /usr/pbi/resilio-amd64/control.py start 192.168.10.14 12346 11461 - SsJ 1:43.49 /usr/sbin/syslogd -s 11563 - SsJ 624:57.84 /usr/pbi/resilio-amd64/bin/rslsync --config /usr/pbi/resilio-amd64/etc/resilio.conf 11580 - IsJ 0:05.64 /usr/sbin/cron -s 3388 0 SJ 0:00.03 tcsh 3398 0 R+J 0:00.00 ps ax root@resilio_1:/ # ps aux USER PID %CPU %MEM VSZ RSS TT STAT STARTED TIME COMMAND root 11054 0.0 0.1 157272 46548 - SJ 22May18 3:30.58 /usr/pbi/resilio-amd64/bin/python2.7 /usr/pbi/resilio-amd64/control.py start 192.168.10.14 12346 root 11461 0.0 0.0 14520 1188 - IsJ 22May18 1:43.49 /usr/sbin/syslogd -s resilio 11563 0.0 0.2 120048 51356 - SsJ 22May18 624:57.85 /usr/pbi/resilio-amd64/bin/rslsync --config /usr/pbi/resilio-amd64/etc/resilio.conf root 11580 0.0 0.0 16624 1412 - IsJ 22May18 0:05.64 /usr/sbin/cron -s root 3388 0.0 0.0 23596 3348 0 SJ 9:46PM 0:00.03 tcsh root 3405 0.0 0.0 18768 1996 0 R+J 9:46PM 0:00.00 ps aux
Thanks for the support vids! I’m new to FreeNAS but am a longtime Linux Admin so setting it up was pretty easy. I am working on setting up a private cloud for a client of mine using NextCloud. So far so good thanks to you! Aloha!
Thank you!! i have been racking my brain with plugins, jails and permissions for the past day and this video solved all of my problems
Wow thank you this video was very helpful! Some things like the source and destination made no sense to me but you made everything totally understandable.
Hi Tom, thanks for your videos. I have learned lots from them. Maybe you should do a tutorial on how to install Subsonic. I really struggle getting it to work. Thanks again and keep up the good work!!
Thanks for the video comes in handy for I just got back to testing FreeNas and was wondering how and where the data would be stored.
My favorite thing about using a jail was being able to access programs in the jail from the FreeNAS host by just basically ./jails/myjail/root/sbin/command
Okej so i just realized, the only reason this is nice is because FreeNAS does not allow packages to be installed without tempering with the package manager.
I´ve redirected to watch this video from an IXSystems advertising mail that i received today. To me, it sounds like acknowledgment for your good job.
If it is ( or not ) I liked a lot.
Thanks, Me and iXsystems have become friends from the videos. :)
Yes yes 👍 thank you! How did you know I am working on rebuilding my freenas box? Information power boost. Cheers mate!
If leaving permissions as 777 will it not give evry user on the network access to that folder? that's really not secure in my opinion
for the permissions you have to create a user in a jail with the same userID as the system, in this case you don't have to wide open permissions
Yep, Kris Moore and or original Freenas videos state this. This is a must instead of just opening it all up. Glad someone said it.
@Lawrence Systems I'm having trouble understanding. Are Jails like symlinks or is the data copied from the Source to the Destination?
I was *just* struggling my way through this. Thanks!
Tom, I don't know what it is but you are always doing a video about something I have just dug into or have on my list to dig into. I also like the fact you are local.
I see that you are a motorcycle enthusiast as well. :)
Lawrence Systems / PC Pickup This weather have been killing me. I ride every day I can, just not in snow. What bike do you have??
I did have a Yamaha XT250, but I sold that because I have been playing more with my Honda CT90's. I really enjoy off road / dual sport. I have had a ton of motorcycles over the years.
Tom, thank you for this breakdown. Definitely helpful!
Hey Tom, thanks for this video, some decent information is there ..... Not sure if you agree, but with the introduction of the Docker and RancherOS item into FreeNAS, would it also be beneficial to do a video on how to set up and get Docker running on FreeNAS? I've tried following the official and unofficial guides I've found, however no luck so far.....
Hey Tom - so while your way of doing permissions for jails will work, it's not very secure. What you can do is from within the Jail itself you can add groups to the jail with the same GroupID as the ones on the host system.
This tutorial from the FreeNas forums is what I had used when I setup the permissions for my jails.
forums.freenas.org/index.php?threads/tutorial-how-to-install-plex-in-a-freenas-11-0-jail.19412/
yes, there are more secure ways of doing it, I did this to show the easy way as most people want it to work for Plex, I don't recommend jails for use in any commercial environment
I am using jails (on FreeBSD not on FreeNAS) for commercial use for more than 5 years. Actually Jails are the benefit of FreeBSD compared to Linux.
On FreeNAS jails are quite limited in the GUI, please spend some time to check the man pages and understand how jails work and why they exist.
I would highly recommend using jails in commercial environments.
Thanks for the video and your passion, keep up your work, great channel.
I have been running jls on freenas/ freebsd for 3 or 4 years. In my experience some jls are super easy with updates.. Others like plex.. They predictably break with major new releases, point releases are a mixed bag. Personally, I wouldn't recommend jls for any mission critical applications. Separate bare metal for hypervisor and/or containers. FreeNAS for storage.. Rock hard stable imho.
Thanks for the tip. This help me out significantly :)
Yes this is correct, the permissions do not NEED to be wide open. It's fine to use in a commercial environment if you just set the permissions properly. In this example LS is using syncthing. You can get Syncthing working in a jail if you create a user called 'sync' with a uid of 983. This matches the user sync inside the jail so the permissions carry over.
Permissions are what frustrates me and from google searches seems a common one. Plugins are installed storage is there but write permissions denied. Users groups everything seems wide open permissions ( probably terrible security) yet constant PERMISSION DENIED. Chmod 777. Add group etc etc. Would be great to have a better understanding of permissions to help keep sanity lol.
Tom thank you very much for another great video. Would you please consider doing one on using RAM for the PLEX transcoding. I have seen a few comments in the forums but trust your expertise. Since a lot of us have 64 and 128 GB of RAM for our FreeNAS Builds it would be nice to use RAM instead of punishing another SSD.
I can't believe no one got back to you man. Here I am 3 years late, and hoping you found it already.
sudo mkdir /mnt/ramdisk
sudo mount -t tmpfs -o rw,size=10G tmpfs /mnt/ramdisk
then add something like this to /etc/fstab
tmpfs /mnt/ramdisk tmpfs rw,size=10G 0 0
In my example I set it to 10 gig, but you can obviously increase this value. If you're not afraid of DDR3, you can easily kit your rig to 96 gigs or more. I built out an old Dell r410 as its technically a workstation, but is in a 1U form factor as its meant to be rack mounted.
Yes, this is basically copy paste from linuxhint. I recommend you all add them to your resources as their write ups are succinct and accurate.
Love the end note , nice work
I tried downloading directly from NZBGEEK and the files ended up going to a Sabnzbd download/complete file that I apparently don't have access. I'm admittedly very new to freenas in general. How can I gain access to these folders to get to my files? Any help or ridicule will be welcome.
Another option is to run Ubuntu/CentOS with LXD on ZFS. I've found that the users and groups in the core OS are pushed to the containers and you can setup Datasets that map the ZFS share to the mnt folder in the container/vm. That way you don't have to setup a group or set of users in the jail that match to host OS, less work in Linux. ;-)
Side note: making sure bridging works can be a pain for some cloud based installations, but there's lots of instructions for getting it changed successfully while SSH'd in.
Ps. I've been told that you can run a KVM instance in an LXD container to run Windows VM's. I haven't tried it in my test environment yet, but it could be done.
Agreed. I am using ZFS on Ubuntu server with Docker and it rocks, I tried out freenas but found it more time consuming to setup in regarding jails and plugins compared to Ubuntu and Docker
I am stuck with this error ""Can't create or write into the data directory /usr/local/www/nextcloud/data3"
Hey Tom, can you elaborate on why you don't recommend jails in a commercial environment? Is it to do with security/stability/performance/portability? Is it just that you wouldn't recommend opening them up to the outside? Or what makes you say that? I'm currently in the works of creating a couple of jails on our FreeNAS box, to host some internal DB's and wikis. I thought that it would be better to go to jails instead of VMs, because of the smaller memory footprint, since ZFS ARC will benefit from more memory :).
Jails are very useful in terms of efficiency and can be setup securely they offer more of a technical challenge to maintain as updates to the underlying operating system can cause the need to be changes in the jail. As long as you understand that and have technical know how for solving those issues, they are fine.
Ah yea, so basically the portability if you could say it that way. Thanks for your answer, I'm fine with the jails needing some change management. The FreeNAS box will be updated only when we're sure we can update without the jails being affected. So I'll be test running the jails with a testbox before upgrading the main box. Thanks again for your response, you've got a great thing going on with this channel!
very helpful, thanks!
Tom, My plugin's work great. When I install VM's and point it to the Volume I made for it, they initially boot, but upon reboot, go to a SHELL> environment that I have to manually select the grub file to boot, then work find It is like they all overwrite each others root. Am I failing to create individual folders for each VM's root filesystem? Guess it wont do it itself? Any videos addressing this?
Thanks a lot for the video! Helped a lot! BTW, Have you guys test how FreeNAS runs on amd platforms? FreeNAS strongly recommend using Intel platforms but I already have an AM4 mb (no cpu though), should I switch to Intel or AMD is fine? Thanks!
I have not done extensive testing, but it seems to run fine on AMD
Great stuff Sir.
Thank you!
Does it actually create (knowable) users or user groups for the jails? If so I would only give permission to those users/groups.
Because it really sounds like the whole thing probably just runs on different users in FreeBsd. Those user names must be available somewhere.
Possible to install Plex without going through jails? Maybe in the root of the system?
That would be a terrible idea
@@LAWRENCESYSTEMS the reason I am asking is that I tried to setup Plex and the box I need to choose while setting up is gray out so I can't choose it. I doubled check mount points made sure permission it's open to all.
@@LAWRENCESYSTEMS knowing that it is a terrible idea, is it possible and how would I do that?
What is the reason for setting the ip outside of the DHCP range?
So that it's a static assignment and won't get changed. Servers are generally preferred with static addresses.
Is there away to assign a second nic card to the jail
yes, it's in the settings
It's great people are trying to help and I really don't like the new UI, but the new UI will become default, very, very soon. You may as well have embraced the inevitable and done it in that environment.
Spot on at the end that youtube does not 100% notify you even if you smash the bell because thats how SHITHOUSE and SCUMMY the company is and they even ADMITTED it recently on one of the staff vlogs
Do you know that none of your explanations has any value to FreeNAS 11.2 users like me i am pinging plex server but does not want to show in browser
Can you run UniFi in a jail?
I've seen some work instructions to get it to work but I really wouldn't recommend it as an update to freenas could possibly break things.
I just wanna run plugins on top of FreeNAS without the need to have another IP for each plugin.
Wow, the UI used to look so much better. Why did they change it to the ugly one they have now?
You do not have to open up full permissons on a volume to have a jail able to write.
I recommend reading
forums.freenas.org/index.php?threads/how-to-giving-plugins-write-permissions-to-your-data.27273/
I prefer solution 3, which is to add the jails service user to the group which has permissons to write to the share.
1. Login to the jail by using command "jls" to list all jails and then "jexec tcsh"
2. Run "ps aux" inside the jail to figure out the user the service is running as
2. Then add a group inside the jail with the same guid as the group in the freenas system which has permissons on the volume
3. Add the jail user to that group inside the jail.
This is the terminal output of me finding the user name of the resilio service in my freenas.
root@freenas:~ # jls
JID IP Address Hostname Path
1 mqttclient /mnt/Vol1/jails/mqttclient
2 myplex /mnt/Vol1/jails/myplex
3 192.168.10.15 nextcloud /mnt/Vol1/jails/nextcloud
5 resilio_1 /mnt/Vol1/jails/resilio_1
6 troll /mnt/Vol1/jails/troll
7 vpn /mnt/Vol1/jails/vpn
11 zoneminder /mnt/Vol1/jails/zoneminder
12 owncloud_1 /mnt/Vol1/jails/owncloud_1
root@freenas:~ # jexec 5 tcsh
root@resilio_1:/ # uid
uid: Command not found.
root@resilio_1:/ # ps ax
PID TT STAT TIME COMMAND
11054 - SJ 3:30.57 /usr/pbi/resilio-amd64/bin/python2.7 /usr/pbi/resilio-amd64/control.py start 192.168.10.14 12346
11461 - SsJ 1:43.49 /usr/sbin/syslogd -s
11563 - SsJ 624:57.84 /usr/pbi/resilio-amd64/bin/rslsync --config /usr/pbi/resilio-amd64/etc/resilio.conf
11580 - IsJ 0:05.64 /usr/sbin/cron -s
3388 0 SJ 0:00.03 tcsh
3398 0 R+J 0:00.00 ps ax
root@resilio_1:/ # ps aux
USER PID %CPU %MEM VSZ RSS TT STAT STARTED TIME COMMAND
root 11054 0.0 0.1 157272 46548 - SJ 22May18 3:30.58 /usr/pbi/resilio-amd64/bin/python2.7 /usr/pbi/resilio-amd64/control.py start 192.168.10.14 12346
root 11461 0.0 0.0 14520 1188 - IsJ 22May18 1:43.49 /usr/sbin/syslogd -s
resilio 11563 0.0 0.2 120048 51356 - SsJ 22May18 624:57.85 /usr/pbi/resilio-amd64/bin/rslsync --config /usr/pbi/resilio-amd64/etc/resilio.conf
root 11580 0.0 0.0 16624 1412 - IsJ 22May18 0:05.64 /usr/sbin/cron -s
root 3388 0.0 0.0 23596 3348 0 SJ 9:46PM 0:00.03 tcsh
root 3405 0.0 0.0 18768 1996 0 R+J 9:46PM 0:00.00 ps aux
Ive lost my raid z2 pool trying to set up jails ;(
Жалко я не знаю английского :(