Configuring Traefik for Internet https to local http traffic on TrueNAS scale

I am currently using TrueNAS Scale - Dragonfish and have two apps that I want to access externally: AudioBookShelf and Kavita. Both do not natively support https so I have to use a Reverse (Ingress Proxy). The reason behind having this part exposed is to access my audiobook and ebooks while being remote and to have two-three trusted family friends also have access.

I’m currently using subdomain.asuscomm.com through my wireless router, and have a Lets Encrypt certificate. The services are being accessed through subdomain.asuscomm.com:portnumber. Right now, it’s working with HTTP, but HTTP is bad.

I would like to configure things so that the services are accessible as follows:

First question: Apparently, I need to use a certificate manager as Traefik doesn’t have one of it’s own. What is recommended?

Second question: Any good guides for configuring Traefik in TrueNAS SCALE?

Poking for some help pointers.

If you follow the guides on Getting Started | TrueCharts Charts you should be good. They have guides for that

Once you get that set, you can just port forward those domains to your SCALE server Traefik IP and it will handle the rest.

In conjunction with Traefik, Cert-manager, and Cluster Issuer, the external service app will set Traefik up as a TLS-terminating proxy for whatever on your LAN you like. Their docs discuss setting it up for the TrueNAS UI, but can be adapted to just about anything else:
https://truecharts.org/scale/guides/truenas-web-gui-via-traefik/