From c70d9922214d897ce3ada6c84c6b1ac315a765b0 Mon Sep 17 00:00:00 2001
From: ducoterra <git@ducoterra.net>
Date: Thu, 6 Mar 2025 17:38:56 -0500
Subject: [PATCH] update Truenas zfs docs

---
 infrastructure/graduated/truenas/truenas.md | 81 +++++++++++++++++++--
 1 file changed, 73 insertions(+), 8 deletions(-)

diff --git a/infrastructure/graduated/truenas/truenas.md b/infrastructure/graduated/truenas/truenas.md
index 524e844..678f3b9 100644
--- a/infrastructure/graduated/truenas/truenas.md
+++ b/infrastructure/graduated/truenas/truenas.md
@@ -14,6 +14,7 @@
     - [Create and send snapshots](#create-and-send-snapshots)
     - [Cleaning up old snapshots](#cleaning-up-old-snapshots)
     - [Creating and restoring snapshots](#creating-and-restoring-snapshots)
+    - [Filesystem ACLs](#filesystem-acls)
   - [VMs](#vms)
     - [Converting zvol to qcow2](#converting-zvol-to-qcow2)
     - [Converting qcow2 to zvol](#converting-qcow2-to-zvol)
@@ -161,14 +162,28 @@ Since you can't use `-R` to send encrypted datasets recursively you'll need to u
 1. Save the datasets from a pool to a text file:
 
     ```bash
-    zfs list -r -o name <pool> > pool_datasets.txt
+    export SNAPSHOT='@enc1-hourly-2025-03-05_09-00'
+    export SEND_POOL=enc1
+    export RECV_POOL=enc0
+    export DATASETS_FILE=pool_datasets.txt
+
+    zfs list -r -H -o name <pool> > pool_datasets.txt
     ```
 
-2. Next, remove the prefix of the source pool from the list of datasets. Also remove the source pool itself as well as any duplicate pools in the receiving dataset.
-3. Now, run a command like the following:
+2. Remove the source pool from the front of all the listed datasets. In vim, for example:
 
     ```bash
-    for i in $(cat nvme_pools.txt); do zfs send -v nvme/$i@manual-2021-10-03_22-34 | zfs recv -x encryption enc0/$i; done
+    :%s/enc0\//g
+    ```
+
+3. Now you can run the following
+
+    ```bash
+    # Dry run
+    for DATASET in $(cat $DATASETS_FILE); do echo "zfs send -v $POOL/$DATASET$SNAPSHOT | zfs recv $RECV_POOL/$DATASET"; done
+
+    # Real thing
+    for DATASET in $(cat $DATASETS_FILE); do zfs send -v $POOL/$DATASET$SNAPSHOT | zfs recv $RECV_POOL/$DATASET; done
     ```
 
 ### Migrating Properties
@@ -214,20 +229,46 @@ zfs destroy rpool/d1
 ### Create and send snapshots
 
 ```bash
+export SEND_DATASET=enc0/vms/gitea-docker-runner-data
+export RECV_DATASET=enc0/vms/gitea-docker-runner-data-sparse
+
 # snapshot pool and all children
-zfs snapshot -r dataset@now
+zfs snapshot -r $SEND_DATASET@now
 
 # send all child snapshots
-zfs send -R dataset@snapshot | zfs recv dataset
+zfs send -R $SEND_DATASET@now | pv | zfs recv $RECV_DATASET
 
 # use the -w raw flag to send encrypted snapshots
-zfs send -R -w dataset@snapshot | zfs recv dataset
+zfs send -R -w $SEND_DATASET@snapshot | pv | zfs recv $RECV_DATASET
 ```
 
 ### Cleaning up old snapshots
 
+If you want to delete every snapshot:
+
 ```bash
-wget https://raw.githubusercontent.com/bahamas10/zfs-prune-snapshots/master/zfs-prune-snapshots
+# Just in case, use tmux. This can take a while
+tmux
+
+# This pool you want to clean up
+export POOL=enc0
+# This can be anything, set it to something memorable
+export SNAPSHOTS_FILE=enc0_mar2025_snapshots.txt
+
+# Check the number of snapshots in the dataset
+zfs list -t snap -r $POOL | wc -l
+
+# Save the list of snapshots to the snapshots file
+zfs list -t snap -r -H -o name $POOL > $SNAPSHOTS_FILE
+
+# Check the file 
+cat $SNAPSHOTS_FILE  | less
+
+# Dry run
+for SNAPSHOT in $(cat $SNAPSHOTS_FILE); do echo "zfs destroy -v $SNAPSHOT"; done | less
+
+# Real thing
+for SNAPSHOT in $(cat $SNAPSHOTS_FILE); do zfs destroy -v $SNAPSHOT; done
 ```
 
 ### Creating and restoring snapshots
@@ -244,6 +285,17 @@ export ZFS_SNAPSHOT='enc1/vms/Gambox1-z4e0t@init-no-drivers-2025-03-03_05-35'
 zfs rollback $ZFS_SNAPSHOT
 ```
 
+### Filesystem ACLs
+
+If you see something like "nfs4xdr_winacl: Failed to set default ACL on...":
+
+Dataset -> Dataset details (edit) -> Advanced Options -> ACL Type (inherit)
+
+```bash
+# Remove all ACLs
+setfacl -b -R /mnt/enc0/smb/media
+```
+
 ## VMs
 
 1. Force UEFI installation
@@ -410,6 +462,19 @@ virsh -c "qemu+unix:///system?socket=/run/truenas_libvirt/libvirt-sock" start $V
 
 Sometimes you need to mount zvols onto the truenas host. You can do this with the block device in /dev.
 
+For simple operations:
+
+```bash
+export ZVOL_PATH=enc0/vms/gitea-docker-runner-data-sparse
+mount --mkdir /dev/zvol/$ZVOL_PATH /tmp/$ZVOL_PATH
+
+# If you need to create a filesystem
+fdisk /dev/zvol/$ZVOL_PATH
+mkfs.btrfs /dev/zvol/$ZVOL_PATH
+```
+
+For bulk operations:
+
 ```bash
 for path in $(ls /dev/zvol/enc0/dcsi/apps/); do mount --mkdir /dev/zvol/enc0/dcsi/apps/$path /tmp/pvcs/$path; done
 for path in $(ls /dev/zvol/enc1/dcsi/apps/); do mount --mkdir /dev/zvol/enc1/dcsi/apps/$path /tmp/pvcs/$path; done