I’m trying to export my SMB shares from TrueNAS Scale to peers on a WireGuard network.
I’m not sure if I’m missing a route on the TrueNAS host or somehow need to tell the SMB service to bind to the wg interface. Or maybe I should use bridge networking?
TrueNAS is at 192.168.1.206 on the LAN. Clients on 192.168.1.0/24 can connect and use SMB fine.
In the wg conf for TrueNAS I have `Address = 10.0.100.206/24`. When I start the container the connection to the wg network is established, and I can see the interface has been created when I run `ip a` from the TrueNAS CLI.
Mobile peers on the wg network (10.0.100.0/24) can ping TrueNAS on 10.0.100.206. But they can’t mount shares or load http://10.0.100.206 (i.e. the TrueNAS interface) in a browser.
I can see the correct port from peers but I don’t know if this is really the SMB service:
```
$ nc -zv 10.0.100.206 445
10.0.100.206 (10.0.100.206:445) open
```
I believe I want to use host networking (not certain though) so I currently have this in my compose file:
```yaml
cap_add:
  - NET_ADMIN
volumes:
  - ${APPS_BASE}/wg/config:/config
restart: unless-stopped
network_mode: host
```
The mobile peers also have `AllowedIPs = 10.0.100.0/24, 192.168.1.0/24`.
I realise I could connect to wg on my router and do the routing there but I don’t want the whole LAN and all TrueNAS apps available to peers.
Would appreciate suggestions on this!
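
One way to check the two open points in the post (which process owns the listener on a port, and whether it is bound to the wg address, to every address, or only to the LAN address), as an added example that is not part of the original post. The function name `listener_for` and the sample `ss` lines are constructed for illustration and are not output from the poster's machine.

```shell
#!/usr/bin/env bash
# Constructed sample of `ss -H -ltnp` output; not from the poster's machine.
SAMPLE_SS='LISTEN 0 50 0.0.0.0:445 0.0.0.0:* users:(("smbd",pid=4101,fd=31))
LISTEN 0 511 192.168.1.206:80 0.0.0.0:* users:(("nginx",pid=2210,fd=8))
LISTEN 0 128 [::]:22 [::]:* users:(("sshd",pid=901,fd=4))'

# listener_for ADDR PORT   (reads `ss -ltnp` lines on stdin)
# Prints "<binding> <process>", where binding is:
#   exact    - a socket is bound to ADDR:PORT
#   wildcard - a socket is bound to 0.0.0.0:PORT or *:PORT (any IPv4 address)
#   none     - no listener on PORT is reachable through ADDR
listener_for() {
  awk -v addr="$1" -v port="$2" '
    $1 == "LISTEN" {
      n = match($4, /:[0-9]+$/)            # split at the last colon
      if (!n) next
      host = substr($4, 1, n - 1); p = substr($4, n + 1)
      if (p != port) next
      proc = "?"                           # shown when ss ran without -p/root
      if (match($0, /\(\("[^"]+"/))        # users:(("smbd",pid=...
        proc = substr($0, RSTART + 3, RLENGTH - 4)
      if (host == addr) { how = "exact"; who = proc }
      else if ((host == "0.0.0.0" || host == "*") && how != "exact") {
        how = "wildcard"; who = proc
      }
    }
    END { if (how == "") print "none -"; else print how, who }'
}

# On the real host (as root, so -p can show process names):
#   ss -H -ltnp | listener_for 10.0.100.206 445
for port in 445 80 139; do
  printf '%s -> %s\n' "$port" \
    "$(printf '%s\n' "$SAMPLE_SS" | listener_for 10.0.100.206 "$port")"
done
```

A result of `none` for a port that works from the LAN means the service is bound to the LAN address only; `wildcard` or `exact` means the listener is reachable on the wg address and the problem lies elsewhere.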