Assign a Seperate local IP Address to Truenas Scale Apps

Ryu · April 2, 2025, 8:47pm

I am trying to set NGINX app on a separate LAN IP so I can set it to 80 and 443. I don’t see any way to do that. I have already assigned Truenas multiple LAN IP address. How would I set this up?

dan · April 2, 2025, 10:54pm

You don’t need a different IP to do this–just set the web UI to use different ports.

…which is because there isn’t currently any way to do that. You’ll be able to do it with 25.04 after June (possibly earlier, but June 2025 is the target date iX has set to have their apps deal with unique IPs).

Ryu · April 3, 2025, 2:33pm

Thankyou for the help.

Ryu · May 7, 2025, 9:32pm

I have updated to 25.04 and looking for how to do it now

dan · May 7, 2025, 9:36pm

Is it June yet?

Ryu · May 7, 2025, 9:37pm

Oh, I thought it was once we hit 25.04. I thought we just got it early.

done · May 10, 2025, 10:14pm

Was there a reason you couldn’t change the TrueNAS WebUI to different ports?

If you can, Select “System >” from left navigation bar and choose “General Settings”. On the next screen, click on the “Settings” button in the GUI block and you can edit the ports (some people use 81 and 444). This will make 80 and 443 available for NGINX.

Of course, you will need to update any shortcuts or services that are already expecting to find the TrueNAS WebGUI at 80/443

dan · May 10, 2025, 10:17pm

I’ll never understand people who join the forum just to post the same thing that was posted over a month ago.

done · May 10, 2025, 10:22pm

I was just curious why the OP breezed right past the first part of your advice.

PyCoder · May 10, 2025, 10:56pm

Custom with docker-compose or dockge (app)

As example

  br0:
    external: True
services:
  npm:
    container_name: npm
    environment:
      - TZ=Europe/Zurich
      - DB_SQLITE_FILE=/data/database.sqlite
    hostname: npm
    image: docker.io/jc21/nginx-proxy-manager
    networks:
      br0:
        ipv4_address: 192.168.0.14
    restart: unless-stopped
    volumes:
      - /mnt/foobar/data:/data

neofusion · May 11, 2025, 11:54am

Speaking for myself (not the OP), I don’t want to touch the default TN ports. I want them to be the normal 80/443.

Obviously, that creates a problem when I also want to use a reverse proxy for other services on the same server. But that would be solved if it could be assigned a different IP, something that used to be possible.

Ryu · June 1, 2025, 11:00pm

I can change the ports for a partial fix of the problem but long term, it will not work for me. There are some servers I am not deploying until after Truenas gains this capability. One of the security protocols I like to employ is to restrict the NGINX reverse proxy based on who should have access to it. Intranet users will use one NGINX reverse proxy. Remote users will use another NGINX reverse proxy. Services that only intranet users should be using will be on the intranet NGINX reverse proxy. Services that are internet facing will be on the internet NGINX reverse proxy. This is to prevent an internet user who was forwarded in to a NGINX reverse proxy from trying to find some exploit that allows them to gain access to the intranet site. The Internet NGINX reverse proxy will only know how to forward to sites an internet user is allowed to access.

The other aspect is much more of a minor thing. It is just easier to not have to write ip:portnumber every time I want to access the Truenas server.