I have a odroid hc-1 and a virtual both running syncthing as my backup targets, and I access both of them using zerotier. The big benefit of this method is that if I wanted to deploy another node to a remote friend's house, the node would essentially be zero configuration for that friend, just plug in to power and data and it's done.
I kinda do this too, except my 2 firewalls connect with a Ipsec tunnel, I have 2 of those HP Micro G8 servers running Truenas, on on each end and they sync.
You're easily one of the most underrated tech TH-camrs. Your content is so useful and issued in a way that is easy to understand and isn't overwhelming. Your delivery is also entertaining and funny as hell. Out of every TH-camr, your vids have helped me the most in setting up my humble little server / babby homelab. Here's a thanks and a sub, keep doing what you're doing.
Help! I will preface by saying I am NOT an IT person. I was able to get an old pc up and running with Truenas Scale and two 6tb drives - love it. I am LOST on how to get remote access. I gave a Netgear router and followed instructions for OpenVpn and believe I have running, but not sure where to go next. A basic video on being able to access TrueNas server remotely would be awesome!!!
I use Scale's built in cloud backup to Google Drive, with the data encrypted - works brilliantly, and Google can't do anything with the data. I like the idea of a remote server though, say at a friends house.
Thank you, I was sitting here trying to understand what I was doing to set up tailscale on truenas. This is not the first time one of your videos have helped me through an issue. Thanks again.
I think smarter than me people would say, this is not the way. Probably the biggest issue being adding any changes to Truenas host system may break something and/or will not persist after upgrades. I think using tailscale is a good idea, but the better would be to have an other proxmox or Truenas on the other end. So you can have proper dataset replication with TrueNAS and Proxmox Backup System. I think syncthing is also a good way to go. But you mentioned that you have that running somewhere too.
I agree. I assumed this would be very simple but the video shows that wasn’t the case lol. It definitely has me thinking about my Remote Backup Process 2.0
@@RaidOwl There could be also some peculiarities with TrueNAS Scale itself. Wendell from Level1Techs had issues with a VM on Scale back in July. He straight up skipped the applications because he called it wonky. 😂
@@bluesquadron593 Honestly, Wendel is an idiot in this case. He skipped the system, but has super many opinions about it. While it is basically just plain helm under-the-hood.
I have a server trio at my house, HA Config with Proxmox. They replicated between each other and to my NAS, i also have a offsite backup to a datacenter. The latter is been utilized by a backup-container running inside proxmox, a CT Container, not a Docker Container. The NAS itself is sadly very underpowered by CPU and RAM to make more than being a local NAS. My Servers on the other side have plenty of cpu and ram to make their own backups as a background noise. I‘m revamping my offsite backup soon to borg with encryption, just for worst case scenarios that something odd happens on the datacenter site.
my guy, rsync is great, but you have zfs pools in truenas, yes? use zfs send and receive. rsync has to do a lot of work, work your zfs pool already precomputed just from existing. zfs is faster and better. i know, rsync is how i did it for sooo long too, but trust me check this out.
ZFS send / receive would be (performance-wise) similar to Backup>Replication (from GUI) right? But both ways better then rsync if both systems are TrueNAS systems ... ?
@18:02 so brett, wouldn't this be fixed if you tell the tailscale kubernetes container to advertise as an exit node?? That way when your "remote" truenas server tries to "phone home", it'll go out using the tailscale container network? (that's being advertised)? I have the exact same setup, (only using the truenas container, not the truecharts) and i have published the server ip, but i can't "phone home" either so i would very much prefer NOT to do everything all over again in the host system like you did, isntead I would prefer to just complete the kubernetes setup.
Thanks for sharing your solution. Keep in mind that TrueNAS SCALE does not support installing other Debian packages. It is likely to break when you next upgrade the TrueNAS OS. There are ways around it, I know, but this is not a generally recommended configuration.
That is also my biggest issue! I did the direct docker/shell install as well in the past but it is not really sustainable when you plan to update Scale without stuff breaking. When starting the video I thought finally a supported tailscale solution ... :(
Does any one get the following error when deploying stack in Docker Compose installation: "Deployment error failed to deploy a stack: service "tailscaled" refers to undefined volume var/lib: invalid compose project"?
Unfortunately this approach is EXTREMELY complicated. Is this really necessary? If you're going from TrueNAS Scale to Synology for backup, why not use one of the many backup programs available on the Synology? I configured active backup to run, unattended, every day, in 15 minutes. Isn't your time worth it? However, let me still thank Raid Owl for a very informative, and detailed backup approach.
Hey Raid Owl, This solution helped me greatly in connecting two remote TrueNAS Scale instances and running Replication Tasks. With Bluefin however, I am unable to run a tailscale instance right from the OS level (at least I haven't figured out how yet). Do you know how to do this?
@@jerryb9265 There is a solution for this, but it comes with warnings: I can't find the exact link I used, but essentially you need to chmod the /var/lib folder to allow access. It'll reset after every update since TrueNAS doesn't like you playing with cmd line
Great guide, however I cannot seem to get a way to turn ip subnet routes on Tailscale to enable. I only get a message "This machine does not expose any routes." Any thoughts?
For anyone else with this question, it's CIDR notation. IP addresses are best understood when shown in binary, as IP address are divided into network/client. Think of "client" as a house number, while "network" is the street, city, etc. Most home networks use a CIDR of /24 which would be the "192.168.1" part of the address for the network part, and then what ever number is tacked on at the end as the client part. By using /32 (the max for IP v4) you're saying that it can only go to the one IP address. The bigger the /number, the smaller the scope. Google "Understanding CIDR notation" for much better explanations.
FIRST edit: Now that I've watched. I'm doing something similar with unraid and wireguard. Works great! just limited by the network speeds are both ends... :(
Great video. In case it helps others I got this working using the GUI only. You will have to ensure that Host Networking is enabled and Userspace is disabled. You also need to set two sysctl values: net.ipv4.ip_forward net.ipv4.conf.all.src_valid_mark There is more documentation on the truecharts website.
@@RaidOwl Testing that out myself. But I've been using OpenVPN, because it is built in in TrueNAS. Mostly just worried that an update will destroy tailscale or, the one I've tested, wg-easy. But thank you for the video. I really like your contribution. It really helps a lot of people. Keep it up!
True, Syncthing is great, but has way worse performance in my experience. Also, if you want to do zfs replication, which can be much faster if you have lots of files, you need to have some way of the two servers actually talking to each other. And of course Tailscale is also useful for a bunch of other services like Jellyfin access!
Pi-Hole question: I had been using Pi-Hole on Truenas Scale for several months until upgrading from Bluefin to Cobia (Version:23.10.2) in February. I struggled some with Nextcloud and Syncthing after the upgrade but got both of them running without reinstalling them. Pi-Hole (TrueCharts version) on the other hand did not survive. Other apps will install OK, but since the upgrade TrueCharts and TrueNas versions of Pi-Hole will not install they both fail with the following cryptic error message. [EFAULT] Failed to install App: Error: INSTALLATION FAILED: create: failed to create: secrets "sh.helm.release.v1.pihole.v1" is forbidden: unable to create new content in namespace ix-pihole because it is being terminated Anyone have any ideas how to FIX this error???
Great video as usual! Love the ever evolving video quality! Keep it up!
... but the proposed solution in the end is not "officially" supported ...
This is exactly what I've been working on lately! Bookmarking this for when I'm home.
I have a odroid hc-1 and a virtual both running syncthing as my backup targets, and I access both of them using zerotier. The big benefit of this method is that if I wanted to deploy another node to a remote friend's house, the node would essentially be zero configuration for that friend, just plug in to power and data and it's done.
I kinda do this too, except my 2 firewalls connect with a Ipsec tunnel, I have 2 of those HP Micro G8 servers running Truenas, on on each end and they sync.
I have a HP Micro G8 running TrueNAS Core to host the files and VMs for ProxMox.
@@Darkk6969 They are sweet boxes !
Thank you, you make us nerds seem cool! Love the humour and info on equal measure 🙂
Can you make a video explaining steps how to recover all of the data and TrueNAS configurations to the main server from that remote location?
You're easily one of the most underrated tech TH-camrs. Your content is so useful and issued in a way that is easy to understand and isn't overwhelming. Your delivery is also entertaining and funny as hell. Out of every TH-camr, your vids have helped me the most in setting up my humble little server / babby homelab. Here's a thanks and a sub, keep doing what you're doing.
Help! I will preface by saying I am NOT an IT person. I was able to get an old pc up and running with Truenas Scale and two 6tb drives - love it. I am LOST on how to get remote access. I gave a Netgear router and followed instructions for OpenVpn and believe I have running, but not sure where to go next. A basic video on being able to access TrueNas server remotely would be awesome!!!
great idea but a bit convoluted explanation ;-) why would you go through 3rd party rather than by installing i.e. wireguard locally?
I use Scale's built in cloud backup to Google Drive, with the data encrypted - works brilliantly, and Google can't do anything with the data. I like the idea of a remote server though, say at a friends house.
Thank you, I was sitting here trying to understand what I was doing to set up tailscale on truenas. This is not the first time one of your videos have helped me through an issue. Thanks again.
this video was a huge help in setting up tailscale w truenas scale! thanks!
ANDDDD now after upgrading my router and modem, tailscale is stuck on deploying. have you ever had this happen? i can't get it back up and running
@@snakesandtrails9290 I have the same issue, stuck on deploying. Please share if you've found a solution.
I think smarter than me people would say, this is not the way. Probably the biggest issue being adding any changes to Truenas host system may break something and/or will not persist after upgrades. I think using tailscale is a good idea, but the better would be to have an other proxmox or Truenas on the other end. So you can have proper dataset replication with TrueNAS and Proxmox Backup System. I think syncthing is also a good way to go. But you mentioned that you have that running somewhere too.
I agree. I assumed this would be very simple but the video shows that wasn’t the case lol. It definitely has me thinking about my Remote Backup Process 2.0
@@RaidOwl There could be also some peculiarities with TrueNAS Scale itself. Wendell from Level1Techs had issues with a VM on Scale back in July. He straight up skipped the applications because he called it wonky. 😂
I feel that lol. Halfway through making the vid I almost scrapped it but figured “maybe there someone out there with this setup”.
@@RaidOwl For sure, I am very interested in a situation when there are challenges and not pitch perfect outcome. Keep up the good work!
@@bluesquadron593 Honestly, Wendel is an idiot in this case.
He skipped the system, but has super many opinions about it. While it is basically just plain helm under-the-hood.
I have a server trio at my house, HA Config with Proxmox. They replicated between each other and to my NAS, i also have a offsite backup to a datacenter. The latter is been utilized by a backup-container running inside proxmox, a CT Container, not a Docker Container. The NAS itself is sadly very underpowered by CPU and RAM to make more than being a local NAS. My Servers on the other side have plenty of cpu and ram to make their own backups as a background noise.
I‘m revamping my offsite backup soon to borg with encryption, just for worst case scenarios that something odd happens on the datacenter site.
Hmmm... I'm thinking a "Replication Task" is a better way for backing up TrueNAS to TrueNAS ZFS Volumes...
my guy, rsync is great, but you have zfs pools in truenas, yes? use zfs send and receive. rsync has to do a lot of work, work your zfs pool already precomputed just from existing. zfs is faster and better. i know, rsync is how i did it for sooo long too, but trust me check this out.
ZFS send / receive would be (performance-wise) similar to Backup>Replication (from GUI) right? But both ways better then rsync if both systems are TrueNAS systems ... ?
@@pWAVE86 sounds right to me! But I'm not sure
@18:02 so brett,
wouldn't this be fixed if you tell the tailscale kubernetes container to advertise as an exit node??
That way when your "remote" truenas server tries to "phone home", it'll go out using the tailscale container network? (that's being advertised)?
I have the exact same setup, (only using the truenas container, not the truecharts) and i have published the server ip, but i can't "phone home" either so i would very much prefer NOT to do everything all over again in the host system like you did, isntead I would prefer to just complete the kubernetes setup.
Thanks for sharing your solution. Keep in mind that TrueNAS SCALE does not support installing other Debian packages. It is likely to break when you next upgrade the TrueNAS OS. There are ways around it, I know, but this is not a generally recommended configuration.
That is also my biggest issue! I did the direct docker/shell install as well in the past but it is not really sustainable when you plan to update Scale without stuff breaking. When starting the video I thought finally a supported tailscale solution ... :(
I did exactly this and it works. I can access the GUI anywhere practically. But I am having an issue, accessing the data. Is there a way to access it?
Does any one get the following error when deploying stack in Docker Compose installation: "Deployment error failed to deploy a stack: service "tailscaled" refers to undefined volume var/lib: invalid compose project"?
Unfortunately this approach is EXTREMELY complicated.
Is this really necessary?
If you're going from TrueNAS Scale to Synology for backup, why not use one of the many backup programs available on the Synology?
I configured active backup to run, unattended, every day, in 15 minutes.
Isn't your time worth it?
However, let me still thank Raid Owl for a very informative, and detailed backup approach.
In theory this will work with NordVPN meshnet almost identically no?
Hey Raid Owl, This solution helped me greatly in connecting two remote TrueNAS Scale instances and running Replication Tasks. With Bluefin however, I am unable to run a tailscale instance right from the OS level (at least I haven't figured out how yet). Do you know how to do this?
I get this error when I run the command from Raid Owl's guide:
"'/var/lib' 'path' not allowed to be mounted"
@@jerryb9265 There is a solution for this, but it comes with warnings: I can't find the exact link I used, but essentially you need to chmod the /var/lib folder to allow access. It'll reset after every update since TrueNAS doesn't like you playing with cmd line
Can you show us how to set up on Truenas core?
What if you have no friends? ☹️☹️☹️...
Can I break into a random house and set up a back system in that house. 😂😂😂
Great guide, however I cannot seem to get a way to turn ip subnet routes on Tailscale to enable. I only get a message "This machine does not expose any routes."
Any thoughts?
i have this problem
Do you have similar guide for zerotier pls?
For the advertised route, how did you know what num to put after the / ?
I tried the ipv4 shown in Network Interfaces and it didn't work
Hi, same question. did you find to resolve this?
@@Ripitgood0007 advertising 198.168.0.0/24 & 10.0.0.0/24 ended up working for me
For anyone else with this question, it's CIDR notation. IP addresses are best understood when shown in binary, as IP address are divided into network/client. Think of "client" as a house number, while "network" is the street, city, etc. Most home networks use a CIDR of /24 which would be the "192.168.1" part of the address for the network part, and then what ever number is tacked on at the end as the client part. By using /32 (the max for IP v4) you're saying that it can only go to the one IP address. The bigger the /number, the smaller the scope. Google "Understanding CIDR notation" for much better explanations.
How the heck did you get Tailscale showing up in the Applications view? It's not in the list at all. I only see 13 in there.
Need to add the truecharts catalog
Another great video thanks I hope to see more, can we make a request?
FIRST
edit: Now that I've watched. I'm doing something similar with unraid and wireguard. Works great! just limited by the network speeds are both ends... :(
teehee couldn't resist the urge, looking forward to watching
Iirc tailscale is using wg but is designed to make it easy
Great video. In case it helps others I got this working using the GUI only. You will have to ensure that Host Networking is enabled and Userspace is disabled.
You also need to set two sysctl values:
net.ipv4.ip_forward
net.ipv4.conf.all.src_valid_mark
There is more documentation on the truecharts website.
Hey excellent video, I'm unable to do the same with nextcloud+tailscale, have you tried it?
Thanks
Did you also consider using ZFS replication?
Yep that’s prob my next attempt. I’ve been wanting an excuse to try Tailscale tho
@@RaidOwl Testing that out myself. But I've been using OpenVPN, because it is built in in TrueNAS. Mostly just worried that an update will destroy tailscale or, the one I've tested, wg-easy. But thank you for the video. I really like your contribution. It really helps a lot of people. Keep it up!
yayy. truenas scale.
Can you make a video on FakeNAS? I feel like TrueNAS gets alot of attention, but it's debatable if it's any better than FakeNAS
Uhhh syncthing would of been 18x's easier to setup. Just saying. And yes it's even encrypted.
Lol probably
True, Syncthing is great, but has way worse performance in my experience. Also, if you want to do zfs replication, which can be much faster if you have lots of files, you need to have some way of the two servers actually talking to each other. And of course Tailscale is also useful for a bunch of other services like Jellyfin access!
Braun Roads
👍🏻👍🏻👍🏻👍🏻👍🏻
3:53 from where did you that subnet 32? how to find mine please help!!
YOU ARE MY FATHER I CAN FINALLY DO WHAT I HAVE BEEN WANTING TO DO FOR A LONG TIME. THANK YOU SO MUCH
Beans
Pi-Hole question: I had been using Pi-Hole on Truenas Scale for several months until upgrading from Bluefin to Cobia (Version:23.10.2) in February. I struggled some with Nextcloud and Syncthing after the upgrade but got both of them running without reinstalling them. Pi-Hole (TrueCharts version) on the other hand did not survive. Other apps will install OK, but since the upgrade TrueCharts and TrueNas versions of Pi-Hole will not install they both fail with the following cryptic error message.
[EFAULT] Failed to install App: Error: INSTALLATION FAILED: create: failed to create: secrets "sh.helm.release.v1.pihole.v1" is forbidden: unable to create new content in namespace ix-pihole because it is being terminated
Anyone have any ideas how to FIX this error???