Hey everyone, I wrote a tutorial on how to set-up Nginx Proxy Manager with a DuckDNS domain in TrueNAS Scale and configure it so you can point subdomain addresses like https://immich.mydomain.duckdns.org to your local server IP address like 192.168.68.113:30041 and have Let’s Encrypt SSL certificates for HTTPS without having to buy a domain for all your applications that have WebUIs. I also included specific instructions on the extra steps needed to set-up the Nginx Proxy host for Immich specifically.
Keep in mind that my server isn’t port forwarded and available to the public, I am using Tailscale to connect my devices to it. I am also using the latest Electric Eel release.
You can find my tutorial here: TrueNAS Scale Reverse Proxy with Nginx and DuckDNS - DeveloperJose
I am by no means an expert or very knowledgeable in the area but I hope this can be of help to some of you.
1 Like
Interesting. While I use a Fully Qualified Domain Name instead of a subdomain of DuckDNS, that difference doesn’t apply to the comments below…
When I installed the Nginx proxy server, the following were the default ports:
It was a matter of setting up port forwarding at the router level so that port 80 points to port 30021 and port 443 ports to port 30022.
Also, how are you keeping your public IP address up to date? Since I’m on a residential ISP, the method I’m using is DDNS Updater which does include support for Duck DNS for updating the DNS record.
Yes, it took me a while to learn this, but I wanted to make sure that several apps (Audiobookshelf, Kavita, Uptime Kuma, Linkding) were accessible to the outside world using secure certificates, plus I wanted to force using https for the connection. Having a VPN connection ends up using more processing power which affects battery life when I’m listening to a audiobook while I’m mobile.
As my server is not accessible to the outside world and I use Tailscale to connect to it through VPN outside of my home I was able to configure my router to give my server a fixed local IP address (192.168.68.113) and just have DuckDNS point to that local IP address.
Therefore I do not need a DDNS Updater currently, although if I ever did open my server to the public you are correct that I would need something like that. I might have to do that sometime in the future since Samsung Android likes to kill the Tailscale background app in my family’s phone (for battery saving) which makes it a bit of a pain sometimes.
@DeveloperJose I need only an internal access to Vaultwarden.
How do I describe the domain name (vaultwarden.x.y.com)?
How can setup a local Cert?
thx
Neuro
