Working through setting up firewall rules to only allow what’s needed on the external side and was wondering if TrueNAS posts a list of what IPs are needed to allow basic functionality? At the moment, this is a basic install. No plugins.
Been working through them and stuck on what the following actually do:
104.131.139.195 (Leads to BitSrc…maybe plugin repo?)
198.30.92.2 (OARnet)
140.82.113.4 (GitHub…imagine this is for a plugin repo)
A publish list would be really cool
By whitelisting specific IP:s I suspect you are creating a lot of future maintenance work…
Yeah - let firewalls do firewall work. Let the NAS do NAS work
I think OP is doing that. The question is, “what external IP addresses does TrueNAS need to be able to reach in order to function properly?” And the answer, AFAIK, is none, other than whatever NTP server you’re using. That means, of course, that there are some things that won’t work:
Don’t forget:
If we’re blocking all outgoing connections, that is.
Good point–assuming the mail server isn’t on the LAN, that is.
Is CORE EOL?
Telemetry is definitely unwanted. I have no plans to install plugins but it’s nice to know what the source IP is for that repo so I can tag it properly and not have a bunch of deny logs and question “where’s that device trying to reach”
Essentially. There’s a chance of patch updates going forward, but there will never be a CORE 14 release.
So scale is the way forward?
Is there an upgrade path from core to scale? Is this stated somewhere on the site; like when you go to download the core iso and a warning that 13 is last major release? This is a fresh deployment so such warning would be nice
Yes, and in this thread, iX has finally confirmed they’re killing off CORE. And also addressing the upgrade path.
Well that’s unfortunate. This really needs to be marked on their downloads page and software comparison page. Chart still shows CORE being a viable option.
This install is new and just finished pulling 13TB down to get rid of my cloud storage. Guess I’ll take a look at the migration steps in the docs before configuring this for use.
Appreciate pointing this out
Well, actually there has been one or the other lively discussion in the past about the way iX communicates things. 
To say that iX isn’t the best at consistent communications would be a gross understatement.
But the migration path is pretty simple: Download a copy of your current config file, install current SCALE, upload the config file. You’ll need, or at least want, to set up a non-root admin user at that point. Other than that, you shouldn’t see a whole lot of change unless you start messing with the apps system.
You have to dig around to get to the CORE download page. The easiest way is likely using the Download button on the product comparison page, the one you get to if you specifically use the less visible “Explore TrueNAS Options” link on the main download page.
On that page TrueNAS CORE 13.3-U1 has a warning that explains it’s provided for community members who already use CORE and need newer drivers and extended jails support. It’s stated that all others should use SCALE.
The TrueNAS CORE 13.0-U6.6 version lacks that warning. Reading the release notes you can glean information about it’s deprecated jails, plugins and VMs, but that info is not readily visible unless you take care to look for it.
I’ve been procrastinating the move from CORE to SCALE, cause right now everything is working fine and has for some time. Also, I still use iocage/jail to host my PLEX Media Server media files, and I’m a little nervous what happens after the migration - where do the iocage/xxx folder and files end up after I reload the saved configuration files?
After migration and reloading the config files, do I re-install PLEX from the TrueNAS apps selection menu (as opposed to an iocage/ jail), then drop my media files in (perhaps) my home folder?
I appreciate SCALE is an enterprise package (if I understood what I read), and I’m just me, in my home watching TV shows and movies. But I depend on my PLEX server and have for 10 years. So, if CORE is eventually winding down, I guess its time to plan my move.
This probably really belongs in its own thread. But with that said…
If your media files are actually in the Plex jail, you’ve set things up very poorly. Every guide I’ve seen (and edited, and even written) calls for the media to be in some external directory or dataset that’s mounted to the Plex jail. And if yours is set up that way, the migration is really pretty straightforward:
OK, the last two are being facetious. But if your data is stored outside of the jail, it’s fairly straightforward.
Sorry, I mispoke - yes, my media files are mounted separately in
</mnt/TANK/PlexMedia >
and mounted to PLEX in the jail.
This is encouraging. So, really, the migration is far less painful than I worried it might be. Thanks - and my apologies for not starting a separate thread, my bad, and I know better.
Is it possible the media files will survive the migration, which I assume takes place on the boot disk, and I’ll just have to re-mount them to the newly installed PLEX app?
Are there any gotcha’s I should be thinking about ahead of time - everything I’ve read makes the process sound straight forward.
There’s profit? Tell me more 
Rod
That’s how it ought to work.
