|
Combat Pretzel posted:Hrm, the latest IX newsletter mentions that they’re going to move several core services from the main OS into apps with TrueNAS Scale Cobia. So you can’t even disable this Kubernetes poo poo without kneecapping the system. Can you post the newsletter? my google-fu is failing me withoutclass posted:What are the advantages people like going for Docker that made it worth it to switch to TrueNAS Scale? Seems like a big pain over just setting up jails. Scale is based on Linux, not BSD.
|
# ? Jun 29, 2023 13:03 |
|
|
# ? Jun 5, 2024 03:37 |
|
Wibla posted:
What is the advantage of Linux over BSD when it comes to running a NAS?
|
# ? Jun 29, 2023 13:34 |
Docker container setups are significantly better documented than any jail stuff.
|
|
# ? Jun 29, 2023 13:49 |
|
withoutclass posted:What is the advantage of Linux over BSD when it comes to running a NAS? I already know how to use Linux
|
# ? Jun 29, 2023 13:51 |
|
withoutclass posted:What is the advantage of Linux over BSD when it comes to running a NAS? I don't know. I always ran linux on my NAS servers, typically debian + mdadm raid6 + XFS and a pretty basic samba setup. They've generally just worked. Very rarely had any issues beyond a drive failing every once in a while. Now I'm running TrueNAS Scale with ZFS and a slightly more advanced filesystem setup (various datasets, encryption etc), and it works just the same, from a user perspective. But it was definitely more complex to setup than my old servers were, and I've had some issues with containers. I'm also a firm believer in KISS, so the news that the iX folks want to move more poo poo into containers is bad news (to me), because that's more poo poo that can (and will) break in fun ways.
|
# ? Jun 29, 2023 13:53 |
|
I will say the Truecharts folks Discord really were awesome in helping me get set up and my apps pointing to my storage since you can’t have an app mount point be a part of the main dataset or some nonsense. Really patient and once they explained it and showed me how to set it up I was off and running. I think the iXsystems versions of some apps can be a version or two behind and don’t always let you point the additional storage in different areas. It was weird.
|
# ? Jun 29, 2023 14:18 |
|
One round of breaking changes that required every app to be reinstalled because truecharts decided they had a better idea or whatever sucked rear end but was tolerable. The second time they did that, though... why even bother using their ecosystem for updates when I have to reinstall everything every six months anyway?
|
# ? Jun 29, 2023 14:49 |
|
power crystals posted:One round of breaking changes that required every app to be reinstalled because truecharts decided they had a better idea or whatever sucked rear end but was tolerable. Yeah, bullshit like this is why I'm seriously considering going back to my old setup with a pretty basic NAS/fileserver and a VM host accessing storage on it.
|
# ? Jun 29, 2023 15:10 |
My NAS is my NAS. It has no other job other than to serve files. I have a separate device to act as a server. Use an NFS share (limited to the IP of the server) if you need like-local storage without any potential permissions issues. Or a CIFS/SMB share if you need something more widely accessible but protected by a password.
|
|
# ? Jun 29, 2023 15:18 |
|
power crystals posted:One round of breaking changes that required every app to be reinstalled because truecharts decided they had a better idea or whatever sucked rear end but was tolerable. This pretty much describes my experience with TrueNAS Scale as well. I'm back on Core and hosting my containers on a generic Linux VM.
|
# ? Jun 29, 2023 17:56 |
|
power crystals posted:From what I've seen the kubernetes subsystem works fine, the issue is just that truecharts is run by absolute morons. Also the other reply in this thread, about Truecharts breaking apps more than once. Wibla posted:Yeah, bullshit like this is why I'm seriously considering going back to my old setup with a pretty basic NAS/fileserver and a VM host accessing storage on it.
|
# ? Jun 29, 2023 18:02 |
Didn't iX say from the beginning that TrueNAS Scale was going to have a lot of constant changes, or am I remembering that wrong? I was always under the impression that things were going to be in a constant state of flux while they tried out things to see what worked best - which is one of the reasons why I've never really recommended it. Most people don't buy fridges expecting them to be exciting, they buy them expecting them to do what they're supposed to do, and do it reliably - the same holds true for appliance OS'. Combat Pretzel posted:Considering the same. It is kinda nice to have some management solution for automatic snapshots and purging thereof, tho. In Solaris, it's even older and is accomplished via the auto-snapshot dataset property. BlankSystemDaemon fucked around with this message at 19:27 on Jun 29, 2023 |
|
# ? Jun 29, 2023 19:21 |
|
My 48 10tb drives and 2 24bay disk shelves arrived today. Now I need an HBA card and some cables and I am ready to rock. Any recommendations? And as far as daisy chaining these guys I just run one cable between them in one of the SAS ports, then run another outputting to the next box, yes?
|
# ? Jun 29, 2023 22:27 |
|
https://www.servethehome.com/buyers-guides/top-hardware-components-for-truenas-freenas-nas-servers/top-picks-truenas-freenas-hbas/
|
# ? Jun 29, 2023 22:33 |
|
BlankSystemDaemon posted:Didn't iX say from the beginning that TrueNAS Scale was going to have a lot of constant changes, or am I remembering that wrong? Truenas scale is managed competently, imo. It has had changes but each change has a migration path (if irritating and inconvenient) which is all I can ask for. Truecharts which for better or worse is affiliated only in name only as far as I can tell is run by a people who just scream "YOLO" and do whatever makes their lives easiest, gently caress you, there is zero path from version X to X+1. I have no issues with scale aside from the odd bug which have never meaningfully impacted me (I haven't witnessed the 100% cpu thing above) but truecharts is just terrible.
|
# ? Jun 29, 2023 22:42 |
|
BlankSystemDaemon posted:
NAS as discussed here are prosumer products though. I suspect at least 50% of the people do buy them to tinker. And I see you haven't seen LG/Samsung touch screen LCD refrigerators.
|
# ? Jun 29, 2023 23:14 |
|
I would actively avoid buying a kitchen appliance that advertised how much RAM it had or came with Android
|
# ? Jun 29, 2023 23:23 |
|
withoutclass posted:What are the advantages people like going for Docker that made it worth it to switch to TrueNAS Scale? Seems like a big pain over just setting up jails. All my stuff is in BSD jails, but I believe the idea is that you can download a Docker container and not have to configure much if anything for it, and only once if that, then Docker can automatically keep things updated with the latest images VS going in to each jail and updating them yourself every so often, having to manually account for dependencies etc. Basically instead of setting up and configuring a jail you just download one. Windows 98 posted:I already know how to use Linux I'm sure it depends on how complex your setup is, but I'm having a hard time thinking of any user-level differences I've seen between Linux and BSD (through TrueNAS at least). I uses pkg instead of apt to update stuff in my jails, but that's about it. Thanks Ants posted:I would actively avoid buying a kitchen appliance that advertised how much RAM it had or came with Android
|
# ? Jun 29, 2023 23:35 |
|
They got what they deserved. Who the hell connects this poo poo to a network?
|
# ? Jun 30, 2023 00:25 |
Docker doesn't auto update its containers. You can deploy a watchtower container, give it access to the docker.sock and set it up to update everything. Podman does have a built in --auto-update command. But it will only update containers deployed using systemd and then only ones with the label "io.containers.autoupdate" In either case, docker/podman what it's doing is downloading a new image and taking down the old container and re-running the run command associated with it. Containers are supposed to be ephemeral so only any volume claims will remain across container creations.
|
|
# ? Jun 30, 2023 00:26 |
|
If neither the image, nor the run command specifies a user, docker defaults to root, uid 0. Yikes
|
# ? Jun 30, 2023 00:34 |
|
the user inside the container isnt uid 0, and the container itself has limited access to stuff, so i dont think its any more vulnerable than just running a normal process as a normal user
|
# ? Jun 30, 2023 00:37 |
withoutclass posted:If neither the image, nor the run command specifies a user, docker defaults to root, uid 0. Another reason non-rootful Podman is superior! It will only ever have as many permissions as the user its running at most.
|
|
# ? Jun 30, 2023 00:46 |
|
VostokProgram posted:the user inside the container isnt uid 0, and the container itself has limited access to stuff, so i dont think its any more vulnerable than just running a normal process as a normal user It's a lot less safe actually, as you're a single container escape exploit away from having your system rooted. Docker doesn't use user namespaces in its default configuration.
|
# ? Jun 30, 2023 00:51 |
|
Anyone know of any performance comparisons done between ZFS implementations in unraid vs truenas? Now that unraid supports ZFS I’m seriously considering leaving truenas for it, because I like using unraid much better.
|
# ? Jun 30, 2023 02:44 |
Volguus posted:They got what they deserved. Who the hell connects this poo poo to a network? VostokProgram posted:the user inside the container isnt uid 0, and the container itself has limited access to stuff, so i dont think its any more vulnerable than just running a normal process as a normal user Beve Stuscemi posted:Anyone know of any performance comparisons done between ZFS implementations in unraid vs truenas? Off-hand, the two biggest things are going to be the VM implementation (where I believe FreeBSD has slight advantage due to being it being an unified buffer cache+ARC, whereas Linux has to balance all the individual caches as well as ARC), and things like FreeBSD being dynamically tickless (by default it runs at hz=1000, whereas Linux runs at hz=100 - which tends to manifest in scrubs and repairs being quicker on FreeBSD).
|
|
# ? Jun 30, 2023 09:58 |
|
BlankSystemDaemon posted:A lot of IoT nonsense will connect to any available hotspot to try and gain internet access, if not provided with any way of doing it. Obviously it would be trivial to do from a technical standpoint, but it seems like these days it would cause more support requests than it would prevent considering most open networks now are public hotspots with captive portals. Non-technical users would see their device claiming it was connected to a network but it wouldn't work. And of course once this behavior was discovered the infosec social media universe would have a field day with it (which is the main reason I'm reasonably confident this is more of an urban legend).
|
# ? Jun 30, 2023 17:55 |
wolrah posted:That claim has gone around about a few kinds of devices (most notably Samsung TVs) but I have yet to see any evidence of it actually happening. Got anything to support it? Despite this, if I press the home button, it'll show me ads for various movies that I can rent, and the movies on offer will occasionally update.
|
|
# ? Jun 30, 2023 18:37 |
|
wolrah posted:That claim has gone around about a few kinds of devices (most notably Samsung TVs) but I have yet to see any evidence of it actually happening. Got anything to support it?
|
# ? Jun 30, 2023 18:48 |
|
BlankSystemDaemon posted:My TV at home is a Philips 48PFT5500/12 running Android 5.x, and it's never been connected via 802.11 or RJ45 - because I use a NUC running FreeBSD as a HTPC. Do you have it connected to an antenna? There's a data stream in DVB.
|
# ? Jun 30, 2023 20:01 |
|
Unraid doesn't even support iSCSI out of the box, needs a goddamn plugin for it, that doesn't seem that maintained. gently caress me, I think I'll really go commando on this come this fall.
|
# ? Jun 30, 2023 21:23 |
|
BlankSystemDaemon posted:My TV at home is a Philips 48PFT5500/12 running Android 5.x, and it's never been connected via 802.11 or RJ45 - because I use a NUC running FreeBSD as a HTPC. I have a hypothesis about why smart TVs are such a common element in these tales. Smart TVs are usually designed to be very easy to connect to the internet and very easy to launch streaming apps. If the remote gets wedged in a couch, played with by kids/pets, etc. its plausible with some TV UIs that a streaming app gets launched, it fails to connect, a wifi troubleshooter launches, and at that point Next > Next > Next results in connecting to a network. Or of course the even simpler explanation that if anyone else was using your TV they might have connected it to a network. ilkhan posted:Captive portals are IME usually DNS based, and they can usually be bypassed by connecting to an IP.
|
# ? Jun 30, 2023 22:11 |
Thanks Ants posted:Do you have it connected to an antenna? There's a data stream in DVB. HDMI-CEC in theory provides Ethernet, but in practice this doesn't work since FreeBSD doesn't currently support the HDMI interface (and I'm pretty sure neither Windows, Linux, or macOS does either). Combat Pretzel posted:Unraid doesn't even support iSCSI out of the box, needs a goddamn plugin for it, that doesn't seem that maintained. Block and network sharing (SMB && NFS) is the two very basic things all NAS' need to do well, everything else is various degrees of optional. wolrah posted:I hope you can understand why "trust me, my TV did a thing I can't explain that must have been this" isn't very convincing when we're talking about the infosec equivalent of Bigfoot. As easy as it would be to produce evidence clearly showing a TV or other IoT device connecting to an open network entirely on its own, no one seems to have ever been able to actually document it beyond anecdotes. A blog post or social media thread proving any major vendor was doing something like this would be an easy way to get ones name out there in the privacy/security world so the fact that there's still nothing after all this time makes me pretty confident it's not really a thing. I don't have the option of moving several hundred meters away from everyone, in order to test it conclusively. If I find the energy and time, I can set up an open guest network on its own VLAN, which'll only permit the TVs MAC address, then use the tee functionality in ipfw to create a divert(4) socket that tcpdump can listen on - would that satisfy? I don't regard it as an InfoSec BigFoot, because there's nothing that says that devices shouldn't attempt to connect to open networks on their own. BlankSystemDaemon fucked around with this message at 22:34 on Jun 30, 2023 |
|
# ? Jun 30, 2023 22:26 |
|
I would not use iscsi on UnRAID with a fuse based pool backing it. y'all are trying to shoehorn every little thing into it. If you need block based storage UnRAID ain't for you.
|
# ? Jun 30, 2023 22:39 |
|
The Unraid versions that come with ZFS support allow setting up pools bypassing the file system merger stuff (whatever it is called, Google is unclear about that) they use. --edit: shfs, I think.
|
# ? Jun 30, 2023 22:47 |
|
Matt Zerella posted:y'all are trying to shoehorn every little thing into it. If you need block based storage UnRAID ain't for you.
|
# ? Jul 1, 2023 00:12 |
|
When it comes to tv ads, I found on my TCL that unless you turn off a setting, it will literally monitor your HDMI connection and use that to serve you ads
|
# ? Jul 1, 2023 00:51 |
|
If I only have a laptop and I just want to back up maybe 100tb of data and forget about it for a few years, do I really need to build a new PC with a complicated raid array? Can I just get ten 10tb SSDs, connect them with a USB C adaptor to back stuff up, and then throw them in an old backpack in my closet? Is there anything obviously wrong with that? The main issues I can think of are that USB C might not let me download 100tb fast enough to be feasible, I don't know how long SSDs survive without being used, and I don't know how to store them without damaging them.
|
# ? Jul 1, 2023 19:03 |
|
Are you posting from the future? I don't think there's a laptop that can fit 100TB, and 10TB SSDs aren't really available as consumer products yet, the biggest external SSDs you can get are 8 TB (and horribly expensive). e: oh, I see, the data is not on the laptop, you're just using it to back the data up from somewhere else. Still, you can probably build five 100 TB servers for the price of 100 TB of SSD storage. e2: For this use case, the real answer is tape drives. Tamba fucked around with this message at 20:19 on Jul 1, 2023 |
# ? Jul 1, 2023 19:50 |
|
|
# ? Jun 5, 2024 03:37 |
|
oliveoil posted:If I only have a laptop and I just want to back up maybe 100tb of data and forget about it for a few years, do I really need to build a new PC with a complicated raid array? Can I just get ten 10tb SSDs, connect them with a USB C adaptor to back stuff up, and then throw them in an old backpack in my closet?
|
# ? Jul 1, 2023 20:12 |