TrueNAS just moved its build system to closed source citing 'security'. The self-hosted Reddit community is grabbing their pitchforks.
Grab your coffee, folks. I was casually scrolling through Reddit this morning when I stumbled upon a massive dumpster fire in the self-hosted community. TrueNAS just pulled a classic bait-and-switch, and the internet is currently grabbing its collective pitchforks.
Here's the TL;DR: The scale-build repository by TrueNAS on GitHub just got a shiny new "No longer maintained" badge. The company announced that the build system has been moved to an internal infrastructure.
The official excuse? "Security requirements." They claim this transition is necessary to support Secure Boot and platform integrity features that require tighter control over the pipeline. They made it explicitly clear: no more updates, no PRs, no issues. The old code is just there as a museum exhibit now.
Wait, what? Going from open-source to closed-door just like that? The original poster on Reddit hit the nail on the head: "Wondering if this is just the first step towards doing a MinIO in the future."
You don't mess with an IT guy's homelab without expecting a massive blowback. Looking at the comments, the community has split into three main camps of rage:
Camp 1: Time to Fork It!
One dev simply asked: "Time to fork?". The replies were pure gold, suggesting names like FalseNAS or hilariously, FreeNAS (which is ironic because that's literally what it used to be called before the rebrand).
Camp 2: Follow the Money Some veterans who listen to the TrueNAS podcasts noted that things have been smelling funny lately. TrueNAS is updating to newer versions of OpenZFS, but surprise, surprise—all the shiny new features are going to be locked behind a subscription. As one user pointed out, "It's the Plex story all over again."
Camp 3: Calling BS on 'Security'
This is my favorite take. Using "Secure Boot" as a scapegoat to close your source code is a massive stretch. User sean_hash broke it down perfectly: Secure boot keys are just an excuse; this is really about killing build reproducibility. You can no longer rebuild the ISO yourself. You are now forced to blindly trust their supply chain.
Another user delivered the final blow: "I don't get the argument: Debian, Fedora, openSUSE and more all have Microsoft-signed ISOs and fully open-source build systems." Checkmate, TrueNAS.
Let's be real here. The "we're closing it for security" PR spin is older than dirt. The classic tech business model is undefeated: Release an open-source tool -> Build a massive community -> Get free QA and beta testing from users -> Gain market share -> Close the ecosystem -> Monetize the hell out of it.
From a business standpoint, developers need to eat, and companies need to make money. But wrapping a commercial decision in "security" buzzwords is insulting to a community of literal system administrators and engineers.
The Takeaway: For the self-hosted and homelab crowd, never put 100% of your trust in a "free forever" corporate-backed product. Own your data, know your exit strategy, and get comfortable deploying your own VPS or Cloud instances from scratch. Today's beloved open-source darling is tomorrow's paywalled nightmare.
