TrueNAS SCALETrueNAS Nightly Development Documentation
This content follows experimental nightly development software. Pre-release software is intended for testing purposes only.
Use the Product and Version selectors above to view content specific to a stable software release.

Cloud Credentials Screens

These providers are supported for Cloud Sync tasks in TrueNAS SCALE:

*TrueCloud backup tasks streamline functionality for Storj iX cloud backups and restoration.

Cloud Credentials Widget

The Cloud Credentials widget displays a list of cloud storage credentials configured on the system.

Cloud Credentials Widget
Figure 1: Cloud Credentials Widget

Before adding cloud credentials for a cloud storage provider, the Cloud Credentials widget displays No Cloud Credentials configured.

Cloud Credentials Widget No Credentials
Figure 2: Cloud Credentials Widget No Credentials

Add opens the Cloud Credentials configuration screen.

Cloud Credentials Screen

The Cloud Credentials configuration screen opens prepopulated with Storj-iX as the provider. It shows settings to add or edit cloud credentials TrueNAS uses to integrate with cloud storage providers.

Cloud Credentials Configuration Screen
Figure 3: Cloud Credentials Configuration Screen

Provider shows a list of available providers. Select the name of a cloud provider to populate the configuration screen with credential settings for that provider.

Verify Credentials uses the credentials entered to verify access the cloud storage provider account.

Name and Provider Settings

The selection in Provider changes the Authentication settings.

SettingDescription
Provider(Required) Default is set to Storj. Select the cloud storage provider from the options on the dropdown list.
NameEnter a name for this cloud credential. For example, cloud1 or amazon1.

Storj iX Credential

Storj authentication includes going to the Storj iX sign-in screen to either create a new Storj iX account or log into an existing Storj iX account. After configuring the Storj account in the Storj-iX portal return to SCALE to enter the S3 credentials provided by Storj.

Cloud Credentials Storj iX
Figure 4: Cloud Credentials Storj iX
Storj iX Authentication Settings
SettingDescription
Signup for accountLink to the Storj iX account sign-up page where you either create a new account or sign into your Storj iX account.
Access Key IDEnter the alphanumeric key provided by Storj when you create the S3 account access associated with the storage buckets added in Storj.
Secret Access KeyEnter the alphanumeric key provided by Storj when you create the S3 account access associated with the storage buckets added in Storj.

Amazon S3 Credential

Amazon S3 has basic authentication and advanced authentication settings. This section provides information on the basic authentication settings.

Amazon S3 Authentication Settings
Figure 5: Amazon S3 Authentication Settings
Amazon S3 Authentication Settings
SettingDescription
Access Key IDEnter the alphanumeric key that is between 5 and 20 characters for the Amazon Web Services Key ID. Find this on Amazon AWS by going through My account > Security Credentials > Access Keys (Access Key ID and Secret Access Key).
Secret Access KeyEnter the alphanumeric key that is between 8 and 40 characters for the Amazon Web Services password. If you cannot find the Secret Access Key, go to My Account > Security Credentials > Access Keys and create a new key pair.

Amazon S3 Advanced Authentication Options

This section provides information on Amazon S3 advanced authentication settings for endpoints. The basic authentication settings are required when using the advanced settings.

Amazon S3 Advanced Authentication Settings
Figure 6: Amazon S3 Advanced Authentication Settings
Amazon S3 Advanced Authentication Settings
SettingDescription
Maximum Upload PortsEnter a value to define the maximum number of chunks for a multipart upload. Setting a maximum is necessary if a service does not support the 10,000 chunk AWS S3 specification.
Endpoint URL(Optional) When using AWS, you can leave the endpoint field empty to use the default endpoint for the region and automatically fetch available buckets, or enter an S3 API endpoint URL. Refer to the AWS Documentation for a list of Simple Storage Service Website Endpoints.
Region(Optional) Enter an AWS resources in a geographic area. Leave empty to detect the correct public region for the bucket. Entering a private region name allows interacting with Amazon buckets created in that region. For example, enter us-gov-east-1 to discover buckets created in the eastern AWS GovCloud region.
Disable Endpoint RegionSelect to prevent automatic detection of the bucket region. Select only if your AWS provider does not support regions.
Use Signature Version 2Select to force using Signature Version 2 to sign API requests. Select only if your AWS provider does not support default version 4 signatures.

BackBlaze B2 Credential

This section provides information on the BackBlaze B2 authentication settings.

BackBlaze B2 Authentication Settings
Figure 7: BackBlaze B2 Authentication Settings
Backblaze B2 Authentication Settings
SettingDescription
Key IDEnter or copy and paste the alphanumeric Backblaze B2 Application Key ID string into this field. To generate a new application key, log in to the Backblaze account, go to the App Keys page, and add a new application key.
Application KeyEnter or copy and paste the alphanumeric Backblaze B2 Application Key string into this field. To generate a new application key, log in to the Backblaze account, go to the App Keys page, and add a new application key.

OAuth and Access Token Authentication Credentials

Several cloud storage providers use OAuth authentication and a required access token to authenticate the cloud storage account. Providers using these methods are Box, Dropbox, Google Photo, pCloud, and Yandex.

OAuth and Access Token Authentications
Figure 8: OAuth and Access Token Authentication
OAuth and Access Token Authentication Settings

Use Login to Provider to enter the account username and password.

SettingDescription
OAuth Client IDEnter the public identifier for the cloud application.
OAuth Client SecretEnter the secret phrase known only to the cloud application and the authorization server.
TokenEnter a User Access Token for Box. An access token enables Box to verify a request belongs to an authorized session. Example token: T9cE5asGnuyYCCqIZFoWjFHvNbvVqHjl.
Hostname(Optional) pCloud only. Enter the host name to connect to.

FTP and SFTP Credentials

FTP and SFTP cloud storage providers use host name, port, and user credentials to authenticate accounts. SMTP uses SSH hosts, port, and user credentials and also uses a private key.

Host, Port User Credentials Authentication
Figure 9: Host, Port User Credentials Authentication
FTP and SFTP Authentication Settings
SettingDescription
HostEnter the FTP host name or for SFTP the SSH host name to connect. For example, ftp.example.com.
PortEnter the FTP or for SFTPP, the SSH port number. Leave blank to use the default port 21 for FTP or 22 for SFTP.
UsernameEnter a username on the FTP or for the SFTP host system the SSJ user name. This user must already exist on the host.
PasswordEnter the password for the user account.
Private Key ID(SFTP only) Import the private key from an existing SSH keypair or, if no keypairs exist on the system, select Add on the SSH Keypairs widget to open the SSH Keypairs screen. Enter a name, and then click Generate New to create a new SSH key for this credential.

Google Cloud Storage Credential

Google Cloud Storage authentication uses a Google service account json key credential file to authenticate the account.

Google Cloud Storage Authentication
Figure 10: Google Cloud Storage Authentication
Google Cloud Storage Authentication Settings
SettingDescription
Service Account KeyUse Choose File to browse to the file location on the server. Opens a file browser to select the Google service account key credential file generated by by the Google Cloud Platform Console to authenticate the account.
Preview JSON Service Account KeyShows the json file downloaded to the system server from Google Cloud Storage and uploaded with Choose File.

Google Drive Credential

Google Drive also uses OAuth authentication, a required access token, and a team drive ID to authenticate accounts. Google Drive adds one additional authentication setting to the general OAuth settings.

Google Drive Authentication
Figure 11: Google Drive Authentication
Google Drive Authentication Settings

Use Login to Provider to enter the account username and password.

SettingDescription
OAuth Client IDEnter the public identifier for the cloud application.
OAuth Client SecretEnter the secret phrase known only to the cloud application and the authorization server.
Access Token(Required) Token created with Google Drive. Access Tokens expire periodically, so you must refresh them.
Team Drive ID(Optional) Google Drive only when connecting to a team drive, and is the top-level folder ID for the team drive.

HTTP Credential

HTTP uses an HTTP host URL to authenticate account credentials.

Hubic Credential

Hubic uses an access token to authenticate the account. Enter the token generated by a Hubic account into the Access Token field.

Mega Credential

Mega uses the username and password for the MEGA user account to authenticate the account credentials.

Microsoft Azure Blob Storage Credential

Microsoft Azure Blob Storage uses the Microsoft Azure account name and account key to authenticate the account credentials.

CloudCredentialsMSAzureBlogStorageAuth

Cloud Credentials Widget No Credentials
Figure 12: Cloud Credentials Widget No Credentials

Microsoft Azure Blob Storage Authentication Settings
SettingDescription
Account NameEnter the Microsoft Azure account name.
Account KeyEnter the base64 encoded key for Azure account.
EndpointEnter an endpoint. For example, blob.core.usgovcloudapi.net.

OpenStack Swift Credential

OpenStack Swift uses several required settings to authenticate credential accounts. The AuthVersion setting selection changes setting options displayed in Advanced Options.

OpenStack Swift Authentication
Figure 13: OpenStack Swift Authentications
OpenStack Swift Authentication Settings
SettingDescription
User Name(Required) Enter the OpenStack user name (OS_USERNAME) from an OpenStack credentials file.
API Key or Password(Required) Enter the Openstack API key or password. This is the OS_PASSWORD from an OpenStack credentials file.
Authentication URL(Required) Enter the authentication URL for the server. This is the OS_AUTH_URL from an OpenStack credentials file.
AuthVersionSelect the authentication version from the dropdown list if your auth URL has no version (rclone documentation).

OpenStack Authentication Advanced Options

The Authentication Advanced Options screen shows different options based on the AuthVersion setting. Auto(vX), v1, and v2 use the same advanced authentication settings.

OpenStack Swift Authentication Advanced
Figure 14: OpenStack Swift Authentication Advanced
Auto(vx), V1 and V2 Authentication Settings
SettingDescription
Tenant NameEnter the OS_TENANT_NAME from an OpenStack credentials file.
Tenant ID(Optional for v1 auth) Enter the tenant ID Enter the tenant ID. For more information see rclone documentation.
Auth Token(Optional) Enter the auth token from alternate authentication. For more information see rclone documentation.
Region Name(Optional) Enter the region name. For more information see rclone documentation.
Storage URL(Optional) Enter the storage URL. For more information see rclone documentation.
Endpoint TypeSelect service catalog option from the Endpoint Type dropdown. Options are Public, Internal and Admin. Public is recommended. For more information see rclone documentation.
V3 Authentication Settings

Setting AuthVersion to v3 shows additional authentication settings.

SettingDescription
User ID(Optional) Enter the user ID to log in. To log into most swift systems leave this blank. For more information see rclone documentation.
User Domain(Optional) Enter the user domain. For more information see rclone documentation.
Tenant Name(Required) Enter the OS_TENANT_NAME from an OpenStack credentials file.
Tenant IDRequired for v2 and v3. Enter the tenant ID. For more information see rclone documentation.
Tenant Domain(Optional) Enter the tenant domain. For more information see rclone documentation.
Auth Token(Optional) Enter the auth token from alternate authentication. For more information see rclone documentation.
Region Name(Optional) Enter the region name. For more information see rclone documentation.
Storage URL(Optional) Enter the storage URL. For more information see rclone documentation.
Endpoint TypeSelect service catalog option from the Endpoint Type dropdown. Options are Public, Internal and Admin. Public is recommended. For more information see rclone documentation.

WebDAV Credential

WebDAV uses a URL, service type and user credentials to authenticate account cloud account credentials.

WebDAV Authentication Settings
Figure 16: WebDAV Authentication Settings
WebDAV Authentication Settings
SettingDescription
URL(Required) Enter the URL of the HTTP host to connect to.
WebDAV Service(Required) Select the name of the WebDAV site, service, or software used from the dropdown list. Options are NEXTCLOUD, OWNCLOUD, SHAREPOINT, or OTHER.
Username(Required) Enter the WebDAV account user name.
Password(Required) Enter the WebDAV account password.