TrueNAS Scale with WiFi

Files that only exist on a single storage device might as well be considered temporary. The data will be lost when the storage device eventually fails, or when the computer is damaged, lost, or stolen. Ransomware or other malicious attacks can delete files or lock you out of accessing them until you pay a ransom fee. Silent data corruption (bit rot) can make important files partially or entirely unreadable and you won’t find out until you try to view the file later.

You need a backup of your data that will remain safe if something happens to your PC. Cloud storage is now the easiest method of data protection for most people. You pay a monthly or yearly fee to some cloud provider, download their file sync software, then select which folders on your PC will be regularly backed up. These services also keep previous versions so you can recover accidentally modified or deleted files. You can use the same service to synchronise your files between multiple computers, and to restore your files to a new computer if your old one is lost or broken.

You will lose access to your cloud files if your account becomes locked for some reason (account lock-out is a real risk with Google services), or if the cloud provider shuts down or experiences a catastrophic failure. If someone else discovers your password they can accesses your private files, or modify or delete them. Always use a strong randomly-generated password (stored in a password manager) and enable two-factor authentication on both your cloud storage and your password manager. If you’re concerned about anyone (cloud employees, hackers, governments) accessing your files without your knowledge, it is possible to encrypt them with a tool like Cryptomator before uploading them to the cloud.

The downsides of cloud storage are price and speed. Backing up one or two PCs is affordable. Trying to store terabytes of data could get expensive. And if you want to quickly access large files that only exist in cloud storage you could be waiting hours for the download and even longer to upload the changes back to the cloud.

That is why – for anyone who needs to backup large amounts of data safely and access it quickly – the best method is a private home file server, also called Network Attached Storage (NAS). For this I am using an operating system called TrueNAS Scale which uses the corruption-resistant ZFS filesystem. Basically you just need to build a desktop PC with at least 8GB RAM (more RAM is better for caching, and use ECC if possible), a small boot disk (the cheapest SSD you can buy will be perfect), two or more large mechanical hard disks to make a storage array, and an Uninterruptible Power Supply with surge protection.

Of course, storing all your data on just one NAS – no matter how good it is – still carries the unavoidable risk: what if that NAS explodes? Well that’s why you make two of them and use ZFS Replication to send snapshots of changed data from the primary to the secondary on a regular schedule. Keep the secondary NAS at a friend’s house and use WireGuard or SSH to send snapshots off-site. Send encrypted datasets so your friend can’t read your backups. The possibilities (and the cost) are endless.

There are many guides available to install and configure TrueNAS. If those guides mention WiFi at all, it will only be to say it’s not possible. This is false! TrueNAS Scale is built on top of Debian Linux, and it can do anything Debian can do.

WiFi Guide

First check whether the system is aware of your WiFi adapter by logging in to the TrueNAS web interface and opening the shell. Type this command to list PCI devices:

lspci

If you have a USB WiFi adapter try lsusb instead.

On my system I can see this line in the output:

Network controller: Intel Corporation Wireless-AC 9260

A quick search online tells me I need to install the Debian package firmware-iwlwifi. I also need wpasupplicant to connect to my WPA2 network.

But first I have to re-enable the Apt package manager to install Debian packages.

Edit the file /etc/apt/sources.list and add this line at the end:

deb http://deb.debian.org/debian bullseye main

Then run these commands:

chmod +x /bin/apt*
apt update
apt install firmware-iwlwifi wpasupplicant

Any packages installed this way will be kept after a reboot, but they are lost after a system upgrade. Upgrades are not installed automatically in TrueNAS, so you can plan ahead and connect it to Ethernet when an upgrade is available, then repeat this step to get WiFi working again.

Reboot, then type this in the shell to find the network interface name:

ip a

I can see in my list the WiFi interface is named wlp6s0. In your case it will likely be something different, so adjust these instructions accordingly.

wlp6s0: mtu 1500 qdisc noqueue state DOWN group default qlen 1000

I have created a new unencrypted dataset conf on my storage pool pool1 to permanently store the configuration files and scripts needed here.

Create the configuration file for WPA Supplicant.

nano /mnt/pool1/conf/wpa_supplicant.conf

Add this content to the file then press ctrl+o to save then ctrl+x to exit nano.

country=AU		# ISO_3166 country code
update_config=1
ctrl_interface=/var/run/wpa_supplicant

network={
        scan_ssid=1
        ssid="Network SSID"     # WiFi SSID to connect to
        psk="password"      # Password
}

Instead of using the plain text password in your config file, you can use a password hash generated with this command:

wpa_passphrase WIFI_NAME

Next create a script to activate the WiFi connection.

nano /mnt/pool1/conf/wifi.sh

With this content:

#!/bin/bash
ip link set wlp6s0 up
wpa_supplicant -B -i wlp6s0 -c /mnt/pool1/conf/wpa_supplicant.conf
dhclient -v wlp6s0

Now tell TrueNAS to run that script on boot. In the web interface go to System Settings > Advanced > Init/Shutdown Scripts > Add.

Description: Wifi
Command: bash /mnt/pool1/conf/wifi.sh
When: Pre Init

On the next reboot it should connect to WiFi and get an IP address from the DHCP server.