I am trying to set NGINX app on a separate LAN IP so I can set it to 80 and 443. I don’t see any way to do that. I have already assigned Truenas multiple LAN IP address. How would I set this up?
1 Like
You don’t need a different IP to do this–just set the web UI to use different ports.
…which is because there isn’t currently any way to do that. You’ll be able to do it with 25.04 after June (possibly earlier, but June 2025 is the target date iX has set to have their apps deal with unique IPs).
Thankyou for the help.
I have updated to 25.04 and looking for how to do it now
Is it June yet?
2 Likes
Oh, I thought it was once we hit 25.04. I thought we just got it early.
Was there a reason you couldn’t change the TrueNAS WebUI to different ports?
If you can, Select “System >” from left navigation bar and choose “General Settings”. On the next screen, click on the “Settings” button in the GUI block and you can edit the ports (some people use 81 and 444). This will make 80 and 443 available for NGINX.
Of course, you will need to update any shortcuts or services that are already expecting to find the TrueNAS WebGUI at 80/443
I’ll never understand people who join the forum just to post the same thing that was posted over a month ago.
I was just curious why the OP breezed right past the first part of your advice.
1 Like
Custom with docker-compose or dockge (app)
As example
br0:
external: True
services:
npm:
container_name: npm
environment:
- TZ=Europe/Zurich
- DB_SQLITE_FILE=/data/database.sqlite
hostname: npm
image: docker.io/jc21/nginx-proxy-manager
networks:
br0:
ipv4_address: 192.168.0.14
restart: unless-stopped
volumes:
- /mnt/foobar/data:/data
Speaking for myself (not the OP), I don’t want to touch the default TN ports. I want them to be the normal 80/443.
Obviously, that creates a problem when I also want to use a reverse proxy for other services on the same server. But that would be solved if it could be assigned a different IP, something that used to be possible.
I can change the ports for a partial fix of the problem but long term, it will not work for me. There are some servers I am not deploying until after Truenas gains this capability. One of the security protocols I like to employ is to restrict the NGINX reverse proxy based on who should have access to it. Intranet users will use one NGINX reverse proxy. Remote users will use another NGINX reverse proxy. Services that only intranet users should be using will be on the intranet NGINX reverse proxy. Services that are internet facing will be on the internet NGINX reverse proxy. This is to prevent an internet user who was forwarded in to a NGINX reverse proxy from trying to find some exploit that allows them to gain access to the intranet site. The Internet NGINX reverse proxy will only know how to forward to sites an internet user is allowed to access.
The other aspect is much more of a minor thing. It is just easier to not have to write ip:portnumber every time I want to access the Truenas server.
Have you managed to get this working? I tried adding an alias to the bridge I have and forcing truenas to only use that for the webui but when I want to make the switch to the default ports it tells me that those are used by Nginx.
I got it working. I don’t have all the servers up and working yet but I have the basic traffic routing working.
Remember that the Truenas server itself needs its own LAN IP and port number for its GUI. The NGINX server needs its own LAN IP and port number. The app itself needs its own LAN IP and port number. NGINX does nothing more then routes from the the NGINX server to the app`s LAN IP and port number
@dan has discussed this before - see the search function. If you’re only using one NIC, you first have to set up a bridge on that interface. @stux has published a tutorial on YouTube how to do that, IIRC.
Once the bridge is set up, you can add more IP interfaces to that bridge via the network GUI pane. I added a bunch, expecting future growth.
Once the IP addresses are set up, you can then assign them to Apps. They will show up in the interface drop-down menu when you create a new app or edit an existing one.
When I set up my apps, I like to include the last digits associated with the IP address to their name - ie emby23 and pihole24, to remind me what IP address is reserved for what app at a glance.
1 Like
Here ya go
1 Like