TrueNAS CORE
TrueNAS Enterprise
TrueNAS SCALE
TrueCommand
Compare Editions
Software Status
FreeNAS
Systems Overview
M-Series
X-Series
R-Series
Mini Series
Download TrueNAS CORE
Download TrueNAS SCALE
Get TrueNAS EnterprisePlugins Screens
12 minute read.
Last Modified 2022-09-29 14:13 -0400Use the Plugins screen to install and maintain 3rd party applications on your TrueNAS storage systems.
Use the blue Columns dropdown list to display options to change the information displayed in the lis to of tables. Options are Select All, Status, Admin Portals, IPv4 Address, IPv6 Address, Version, Plugin, Release, Boot, Collection or Reset to Defaults.
Use the icon to set the pool to use for Plugin and Jail Manager storage.
Use Browse a Collection to select 3rd party applications from either the iXsystems or Community libraries.
Use REFRESH INDEX to update the index of applications.
Use INSTALL to display the Plugins Add configuration screen and to access the ADVANCED PLUGIN INSTALLATION button to display advanced Plugin and jail configuration screens.
Click the icon to display the individual plugin screen with its IP address, plugin name, release and version and the Github location for the collection. It includes additional action options for that plugin.
Click the icon to collaspe the individual plugin screen.
| Name | Description |
|---|---|
| Manage | Displays the System Overview screen for that application. For example, the netdatajail system overview with CPU and load graphics and options to view other information about this application. |
| MOUNT POINTS | Displays the Jails Mount Points of nameofpluginjail screen. Click ACTIONS and select either Add to create a mount point for the jail used by the plugin, or Go Back to Jails to open the Jails screen. A mount point gives a jail access to storage located elsewhere on the system. You must stop a jail before adding, editing, or deleting a mount point. See Additional Storage for more details. |
| RESTART | Starts a stopped plugin. |
| STOP | Stops a plugin and the associated jail. |
| UPDATE | Displays the Update plugin dialog where you can select the option to Update jail as well. Select Confirm to activate the UPDATE button. |
| Uninstall | Displays a verification dialog for the plugin and related jail. Type the name displayed in the dialog and select Confirm to activate the DELETE button. |
Use the Add screen to install the plugin highlighted on the Plugins screen for a simple basic install of a third party application. Use the ADVANCED PLUGIN INSTALLATION button to open the advanced configuration screens with all possible configuration settings for the plugin and related jail. This form is recommended only for advanced users with ver specific requirements for a jail.
| Setting | Description |
|---|---|
| Plugin Name | Displays the name of the plugin highliged on the Plugin screen. |
| Jail Name | Required field. Enter a name that can include letters, numbers, periods (.), dashes (-), and underscores (_). |
| DHCP | Select to allow DHCP to configure networking for the Jail**. |
| NAT | Network Address Translation (NAT) to transform local network IP addresses into a single IP address. Select when the jail shares a single connection to the Internet with other systems on the network. |
| IPv4 Interface | Select the IPv4 interface for the jail from the dropdown list. |
| IPv4 Address | Enter the IPv4 address for VNET(9) and shared IP jails. |
| IPv4 Netmask | Select the IPv4 netmask for the jail from the dropdown list. |
| IPv6 Interface | Select the IPv6 interface for the jail from the dropdown list. |
| IPv6 Address | Enter the IPv6 address for VNET(9) and shared IP jails. |
| IPv6 Prefix | Select the IPv6 prefix for the jail from the drowdown list. |
| Advanced Plugin Installation | Opens the advanced configuration screens. This form is recommended only for advanced users with ver specific requirements for a jail |
The Advanced Plugin Installation screens include four expandable configuration areas:
- Basic Properties
- Jail Properties
- Network Properties
- Custom Properties
Click the icon to collaspe any area of configuration settings.
Use Next to advance to the next configuration settings section, or click the icon to expand the configuration settings area.
| Name | Description |
|---|---|
| Plugins Name | Displays the name of the Plugin highlighed on the Plugins screen. This field is not editable. |
| Name | Required field. Enter a name that can include letters, numbers, periods (.), dashes (-), and underscores (_). |
| DHCP Autoconfigure IPv4 | Select to auto-configure jail networking with the Dynamic Host Configuration Protocol (DHCP). Also select VNET and Berkeley Packet Filter with this selected option. |
| NAT | Network Address Translation (NAT) to transform local network IP addresses into a single IP address. Select when the jail shares a single connection to the Internet with other systems on the network. |
| VNET | Select to use VNET(9) to emulate network devices for the jail. A fully virtualized per-jail network stack is installed. |
| Berkeley Packet Filter | Select to use the Berkeley Packet Filter (BPF(4)) to data-link layers in a protocol independent fashion. |
| vnet_default_interface | Select the default VNET interface from options on the dropdown list. Options are none, auto, or specific interfaces on your system. Only takes effect when VNET is selected. Choose a specific interface or set to auto to use the interface that has the default route. Choose none to not set a default VNET interface. |
| IPv4 Interface | Select the IPv4 interface for the jail from the dropdown list. |
| IPv4 Address | Enter the IPv4 address for VNET(9) and shared IP jails. |
| IPv4 Netmask | Select the IPv4 netmask for the jail from the dropdown list. |
| IPv4 Default Router | Enter a valid IPv4 address to use as the default route. Enter none to configure the jail with no IPv4 default route. A jail without a default route is not be able to access any networks. |
| AutoConfigure IPv6 | Select to use Stateless Address Auto Configuration (SLAAC) to autoconfigure IPv6 in the jail. |
| IPv6 Interface | Select the IPv6 interface for the jail from the dropdown list. |
| IPv6 Address | Enter the IPv6 address for VNET(9) and shared IP jails. |
| IPv6 Netmask | Select the IPv6 prefix for the jail from the drowdown list. |
| IPv6 Default Router | Enter a valid IPv6 address to use as the default route. Enter none to configure the jail without an IPv6 default route. A jail without a default route is not be able to access any networks. |
| Auto Start | Select to auto-start the jail at system boot time. Jails are started and stopped based on iocage priority. Set in the Custom Properties priority field. |
| Name | Description |
|---|---|
| devfs_ruleset | The devfs(8) ruleset number to enforce when mounting devfs in the jail. The default 0 means no ruleset is enforced. Mounting devfs inside a jail is only possible when the allow_mount and allow_mount_devfs permissions are enabled and enforce_statfs is set to a value lower than 2. |
| exec_start | Commands to run in the jail environment after the jail is created. Example: sh /etc/rc. The pseudo-parameters section of JAIL(8) describes exec.start usage. |
| exec_stop | Commands to run in the jail environment before the jail is removed and after exec.prestop commands complete. Example: sh /etc/rc.shutdown. |
| exec_prestart | Commands to run in the system environment before a jail is started. |
| exec_poststart | Commands to run in the system environment after a jail is started and after any exec_start commands are finished. |
| exec_prestop | Commands to run in the system environment before a jail is stopped. |
| exec_poststop | Commands to run in the system environment after a jail is stopped. |
| exec_jail_user | Enter either root or another valid username. Inside the jail, this user runs the commands. |
| exec_system_user | Run commands in the jail as this user. By default, the current user runs these commands. |
| securelevel | The value of the jail securelevel sysctl. A jail never has a lower securelevel setting than the host system. Setting this parameter allows a higher securelevel setting. If the host system securelevel* setting is changed, the jail secure level is at least as secure. |
| sysvmsg | Allows or deniew access to SYSV IPC message primitives. Use the dropdown list to select from Inherit, New or Disable. Select Inherit to make all IPC objects on the system visible to the jail. Select *New to make only objects the jail creates using the private key namespace visible. The system and parent jails have access to the jail objects but not private keys. Select Disable when the jail cannot perform any sysvmsg related system calls. |
| sysvsem | Allows or denies access to SYSV IPC semaphore primitives. Use dropdow list to select from Inherit, New or Disable. Use Inherit to make all IPC objects on the system visible to the jail. Select New to make only objects the jail creates using the private key namespace visible. The system and parent jails have access to the jail objects but not private keys. Select Disable when the jail cannot perform any sysvmem related system calls. |
| sysvshm | Allows or denies access to SYSV IPC shared memory primitives. Use dropdown list to select from Inherit, New or Disable. Select Inherit to make all IPC objects on the system visible to the jail. Select New to make only objects the jail creates using the private key namespace visible. The system and parent jails have access to the jail objects but not private keys. Select Disable when the jail cannot perform any sysvshm related system calls. |
| vnet_interfaces | A space-delimited list of network interfaces attached to a VNET enabled jail after it is created. Interfaces are released when the jail is removed. |
| allow_set_hostname | Select to allow changing the jail host name with hostname(1) or sethostname(3). |
| allow_sysvipc | Select to choose whether a process in the jail has access to System V IPC primitives. Equivalent to setting sysvmsg, sysvsem, and sysvshm to Inherit. Deprecated in FreeBSD 11.0 and newer! Use sysvmsg, sysvsem, and sysvshm instead. |
| allow_raw_sockets | Select to allow raw sockets. Utilities like ping(8) and traceroute(8) require raw sockets. When selected, source IP addresses are enforced to comply with the IP addresses bound to the jail, ignoring the IP_HDRINCL flag on the socket. |
| allow_chflags | Select to treat jail users as privileged and allow the manipulation of system file flags. Secure level constraints are still enforced. |
| allow_mlock | Enables running services that require mlock(2) in a jail. |
| allow_vmm | Allows the jail to access the bhyve virtual machine monitor (VMM). The jail must have FreeBSD 12.0 or newer installed with the vmm(4) kernel module loaded. |
| allow_quotas | Select to allow the jail root to administer quotas on jail file systems. This includes file systems the jail shares with other jails or with non-jailed parts of the system. |
| allow_socket_af | Select to allow access to other protocol stacks beyond IPv4, IPv6, local (UNIX), and route. Warning, jail functionality does not exist for all protocol stacks. |
| allow_mount | Select to allow privileged users inside the jail to mount and unmount file system types marked as jail-friendly. Also use dropdown list to select from list of options allow_mount_devfs, allow_mount_fusefs, alow_mount_nullfs, allow_mount_procfs, allow_mount_tmpfs or alow_mount_zfs. |
| Name | Description |
|---|---|
| Interfaces | Use to enter up to four interface configurations in the format interface:bridge, separated by a comma (,), where the left value is the virtual VNET interface name and the right value is the bridge name where to attach the virtual interface. |
| host_domainname | Use to enter a NIS domain name for the jail. |
| host_hostname | Use to set the jail host name. Defaults to the jail UUID. |
| resolver | Use to add lines to the jail resolv.conf. For example, nameserver IP;search domain.local. Delimit fields with a semicolon (;), this translates as new lines in resolv.conf. Enter none to inherit resolv.conf from the host. |
| exec_fib | Enter the routing table (FIB) to use when running commands inside the jail. |
| ip4.saddrsel | Select to disable IPv4 source address selection for the jail in favor of the primary IPv4 address of the jail. Only available when the jail is not configured to use VNET. |
| ip6.saddrsel | Select to disable IPv6 source address selection for the jail in favor of the primary IPv6 address of the jail. Only available when the jail is not configured to use VNET. |
| ip4 | Controls the availability of IPv4 addresses. Use the dropdown list to select from options inherit, New or Disable. Select Inherit to allow unrestricted access to all system addresses. Select New to restrict addresses with ip4_addr. Delect Disable to stop the jail from using IPv4 entirely. |
| ip6 | Controls the availability of IPv6 addresses. Use the dropdown list to select from options inherit, New or Disable. Select Inherit to allow unrestricted access to all system addresses. Select New to restrict addresses with ip6_addr. Delect Disable to stop the jail from using IPv6 entirely. |
| mac_prefix | Enter a valid MAC address vendor prefix. For example, E4F4C6. |
| vnet0_mac | Use to assign a fixed MAC address. Leave this field empty to generate random MAC addresses for the host and jail. To assign fixed MAC addresses, enter the MAC address to assign to the host, a space, then the MAC address to assign to the jail. |
| Name | Description |
|---|---|
| priority | Enter a numeric start priority for the jail at boot time. Valid priorities are between 1 and 99. Smaller values are higher priority. At system shutdown the priority is reversed. For example, 99. |
| hostid | Enter a new jail host id, if desired. For example, the hostid: 1a2bc345-678d-90e1-23fa-4b56c78901de. |
| comment | Enter comments about the jail. |
| template | Select to set this jail as a template. |
| host_time | Select to set system host time to synchronize the time between jail and host. |
| jail_zfs | Select to enable automatic ZFS jailing inside the jail. The jaile fully controls the assigned ZFS dataset. |
| jail_zfs_dataset | Enter a ZFS file system name without a pool name to define the jailed dataset and fully hand over to a jail. You must set jail_zfs for this option to work. |
| jail_zfs_mountpoint | Enter the mount point for the jail_zfs_dataset. For example, /data example-dataset-name. |
| allow_tun | Select to reveal tun devices for the jail with an individual devfs ruleset. Allows the creation of tun devices in the jail. |
| Autoconfigure IPv6 with rtsold | Select to use rtsold(8) as part of IPv6 auto-configuration. Send ICMPv6 router solicitation messages to interfaces to discover new routers. |
| ip_hostname | Select to use DNS records during jail IP configuration to search the resolver and apply the first open IPv4 and IPv6 addresses. See jail(8). |
| assign_localhost | Select to add network interface lo0 to the jail and assign it the first available localhost address, starting with 127.0.0.2. The Basic Properities VNET checkbox must be cleared. Jails using VNET configure a localhost as part of their virtualized network stack. |