Errors getting node running on TrueNAS Scale

Hi all,

New to Storj and trying to get it up running on TrueNas Scale. I followed the directions found here:
Setting Up a Storj Node | and their youtube video

Initially, they seem a bit incomplete. For example it didn’t mention I needed to allow port 7777 outbound. But after a bit of working around I was able to get most communication working.

In the instructions it said to forward 20988 which didn’t result in a working node so I changed the configuration both on TrueNAS and on the firewall to what you have on the website here “28967” and I was able to validate that connectivity can be established via Open Port Check Tool - Test Port Forwarding on Your Router.

What I am left with is the following error message in logs:
RROR contact:service ping satellite failed {“Process”: “storagenode”, “Satellite ID”: “12rfG3sh9NCWiX3ivPjq2HtdLmbqCrvHVEzJubnzFzosMuawymB”, “attempts”: 11, “error”: “ping satellite: failed to ping storage node, your node indicated error code: 0, rpc: tcp connector failed: rpc: tls peer certificate verification: not signed by any CA in the whitelist: CA cert”, “errorVerbose”: “ping satellite: failed to ping storage node, your node indicated error code: 0, rpc: tcp connector failed: rpc: tls peer certificate verification: not signed by any CA in the whitelist: CA cert\n\*Service).pingSatelliteOnce:149\n\*Service).pingSatellite:102\n\*Chore).updateCycles.func1:87\n\*Cycle).Run:160\n\*Cycle).Start.func1:77\n\*Group).Go.func1:75”}

and in the web interface I am shown that the node is offline and that QUIC is misconfigured. Not sure how this can be since I am able to validate the port connectivity. I’ve seen a couple of posts about the identity being wrong but I’m not sure what else I can do to correct it?

Any suggestions would be appreciated :slight_smile:

Did you use a public IP when you setup your node?
If you used something like 192.168.x.x then you need a DDNS to provide your public IP.

I used DDNS - i can confirm this is working as well as my personal VPN works through the same mechanism.

Is this a new TrueNAS Scale setup or have you had it for a while? I had some certificate errors when I first installed Scale because it was hosted in a VM and was on a 172 subnet.

You might try switching ports as well. There may be some reason they suggested using the +1 port number in the instructions. Possibly the other port is occupied.

Correct - this is a brand new TrueNAS scale setup. Everything else is running. I’ve tried using their suggested port as well as the standard QUIC port 28967 but neither is working. This is hosted on a bare-metal box in a 192.168.x.x subnet.

You might want to try the TrueNAS forum for additional help here as I am not certain if there are any internal routing or firewall configurations with TrueNAS that you would have to adjust.

Will give a shout out over there also - thanks for the suggestion!

This error usually means your identity isn’t signed. Can you check the identity location? There should be 6 files. If only 4 files then you need to go through the steps again to sign the identity.


I’ve only ever had 4 files in there. I’ve actually blown the entire thing away several times now and started over for your exact reasoning :slight_smile: its always the same result.

Clicking the link you posted for the TrueNAS instructions… they seem poor. Did you ever do step 3 on this page - Step 5. Create an Identity - Storj Node Operator Docs?

Edit - Apparently the app generates an authenticated identity (Storj For TrueNAS - FAQ | Page 2 | TrueNAS Community)

1 Like

Yup! I had found that same article! I wish the poster stated what “tinkering” he did. It would probably have helped a ton. I’m trying a totally fresh deploy (again) to triple-check I didn’t screw something, and crossing my fingers that I get lucky and it works.

Your deploy is fine. The only thing you should do is authenticate the identity on your computer and copy the 6 files to the identity dataset. This guy posted a list of tasks - Need help setting up multiple nodes | TrueNAS Community - it’s the top 3 where your problem lies.

If I were you I’d do the identity steps as in the Storj instructions - Step 5. Create an Identity - Storj Node Operator Docs - then copy the files to the identity dataset.


Hello @t0x ,
Welcome to the forum!

By the way, when you setup a node (and generate an identity), you need to obtain a new authorization token every attempt, because the old one become used and it’s a one-time usage token.

Hey Alexey! Thanks for the welcome and the information. How do you create a new authorization token? Whenever I go Sign up and host a Node on Storj it gives me the same token.

I think it gives you the one until you use it, and then it would give you a new one. Since your identity hasn’t been signed, it hasn’t been registered as used. I am surprised the tool didn’t do the identity part for you in the setup. I wonder if there was an error in TrueNAS Scale that prevented it from working.

1 Like

Hey all!! Solved and Update time! The solution was a combination of things missing from the docs and steps that need to be taken.

  1. @Stob you’re advice should be followed prior to trying to even install the app. Create the identity on the outside of truenas and move it there via NFS or some other mechanism of your choosing. If you try and “correct” the issue by doing it after deploying the “config” folder causes more issues/headache with mismatching node ID’s and things.

  2. Ports that need to be open in addition to what TN says: 8888 and 7777. 8888 is used in the identity signing portion. Im thinking this can be ignored/blocked if you do the signing outside of truenas. 7777 looks to be necessary for communication between satellites.

For some reason TrueNAS signing of the identity I never got to work but the app always started like it was normal. Im thinking there is additional filesystem-level permissions errors that prevented the writing of the signed certificates. Might do some more testing and propose addendums to the TrueNAS docs later. Thank you all for the prompt responses and troubleshooting!


Unlikely. The customers contact your node directly, not via the satellite.
The satellite is only address book, audit, repair and payment processor. All data is transferred directly between your node and the customer.