Leaderboard

Just wanted to provide a quick update on this feature in particular. We are going to try to add this in for Q1 along with a few other big updates to be announced soon.

Video was great. In my town we have a store call Skycraft that sales stuff from all the Lockheed Martian and NASA, SpaceX just all kinds of stuff over the years I have gotten so much cool things from there. If I would have had that store back in the 70 and 80's I would have never had to go to Radio Shack. Just picked up a 4U computer case rack mount for 20 bucks going to rip everything out a turn it into a 36 bay JBOD for my r730xd. HexOS will rule them all HA!!!

Nice looking device....just hella expensive.

I'm also interested in experience utilizing Intel N100 based NAS. My use case is for backup purposes with a similar raidz2 configuration. Let us all know how it goes!

HexOS needs to establish a threat model with their curated applications and communicate that to the community. What kind of threats could we face based on how an application is being used and exposed to the network? Use Case 1: Exposing an Application to the WAN (Public Access) Threats: External Attackers: Malicious actors may exploit vulnerabilities in the application, potentially allowing unauthorized access. DDoS Attacks: Distributed Denial of Service attacks could overwhelm the application and its associated infrastructure. Man-in-the-Middle (MitM) Attacks: Attackers could intercept communications between users and the application. Misconfigured Security Measures: Vulnerabilities arising from misconfigured HexOS firewall rules or other security protocols could expose internal services. Use Case 2: Exposing Services Through LAN Only Threats: Internal Threats: Malicious users or compromised devices within the LAN pose risks to security. Exploitable Configurations: Poor application setups or vulnerabilities could be exploited by other trusted users or devices. Lateral Movement Risks: A compromised endpoint within the LAN could facilitate lateral movement to access other internal services. Challenges in Mitigation Some threats are difficult to mitigate effectively: DDoS Attacks: When executed well, these attacks are challenging to block and often require upstream infrastructure beyond HexOS to manage effectively. Firewall Configuration: While HexOS firewalls can be configured to improve security, managing upstream infrastructure, such as routers or dedicated firewalls, falls outside the scope of HexOS documentation. My Recommendations Users may need to expose certain applications only through the WAN (for external VPN access or public access) while limiting others to the LAN. It is crucial to recognize that the LAN should not be treated as a trusted network, as other services can be compromised, serving as a foothold for further intrusions. The following recommendations can help enhance security, depending on backend implementations designed to protect users: Application Isolation Deploy applications in separate virtual or physical environments (e.g., using containers or separate Virtual Private Clouds). Restrict outbound and inbound traffic to only the necessary connections for application functionality, applying the principle of least privilege. Access Control Implement strong authentication and authorization mechanisms (e.g., OAuth, API keys) to ensure that only legitimate users can access the system. Traffic Encryption Utilize HTTPS to encrypt data in transit, safeguarding against MitM attacks. Implement VPN gateways that can securely manage encrypted traffic for sensitive operations. Many of these thoughts mention here come from seeing some open source projects like casaos and cosmos-server that have mitigated some of these security threats. I'm sure Hex OS can provide even better experience if they lay the proper groundwork now. That ground work starts with the egress and structuring templates for applications.

Im actually jealous, Houston is the closest stores that have recyclers that sell similar. All I have is FB market where people think a gtx970 is worth $200. make sure you show off them new builds

Update: I got Intel iGPU HW decoding to work. I really do think this has to do with file/folder with permissions when installing from HexOS UI. I installed Plex (plex pass image) from the TrueNas Scale UI Setup the User ID and Group ID to 569 (becasue my original Plex install was using 568) Web Port 32401 (again becasue original Plex install was using 32400) Checked off "Host Network" Set up the Data, and Cofiguration Storage locations all as ixVolume (Dataset created automatically by the system) Setup Logs and Transcode Storage as Temporary (Temporary directory created on the disk) Add additional storage locations. In my case I only use Plex for Movies and TV shows so if you need Pictures, Videos, etc.. add those as well Type (Host path that already exists on the system) Mount Path /Movies Host Path /mnt/HDDs/Movies The make one for Shows Type (Host path that already exists on the system) Mount Path /Shows Host Path /mnt/HDDs/Shows select your options for CPU and Memody dont forget to check Passthrough available for (non Nvidia GPUs) Next we need to make a new User and Group in True NAS so navigate to Credentials then Users Name it whatever you want "Plex 2" in my case disable password UID 569 Uncheck Create New Primary Group Primary group select apps home directory /mnt/HDDs/Aplications I clicked ALL the permissions for Read Write and Execute Unclick SMB User Save Now we need to create a Group In TrueNAS navigate to Credentials then Groups GID 569 Add Local Administrator to the Privelages selection The Last thing we need to do is give our user and group 569 access to the SMB shares on TrueNAS Navigate to Datasets in TrueNAS then Movies click edit on the permissions button Now add Item Who is set to User User is set to whatever you named your User in the previous step. In my case it is "Plex2" it shoud be in the drop down list. under permissions select Full Control Click Apply permissions Recursively and confisr the selection then continue. Now add another item Who is set to Group Group is set to whatever you named your Group in the previous step. In my case it is "Plex2" it shoud be in the drop down list. under permissions select Full Control Click Apply permissions Recursively and confisr the selection then continue. Now click Save Access Control List. You should now be able to launch your Plex app and go toyour transcode settings, select your iGPU and transcode hapily ever after!! If this doesnt wor for you i would also try changing the permissions in the aplications forlder for your plex user. it is my understanding that inorder to transcode plex needs to be able to execute commands and unpack folders it downloads inorder to be able to HW transcode. but im not 100% sure.

Honestly wish I was more help, new to this whole hexos/truenas thing... it is 100% working, plex shows HW in the dashboard when transcoding and CPU usage doesn't jump with 6 transcoded 4k streams going. As to what I did... I tried installing plex through Hexos, which made the folders and stuff for me, but transcoding didn't work despite showing the GPU, ended up uninstalling plex, and reinstalling via truenas using the default save paths that Hexos did, that also didn't work. I then uninstalled again and installed using truenas default install paths, and just adding the paths for my movie storage. Then the transcoding started working fine. I'm sure it's some permission issue in the background somewhere, but I couldn't figure it out but this worked for me. Your mileage may very lol

no updates after 2 months! not looking great is it. a beta should be getting updates often what are we paying for again?