I host 2 apps (WebDAV and minio) on my TrueNAS SCALE (Dragonfish-24.04.2.5) which are accessible from the internet. nginx (also running as a standard app) handles certificates and routing from outside to the TrueNAS IP and app ports. From the internet everything works fine, but from the home network not quite - slow or not functioning at all. I learned I need split DNS, for which I am happy to use pihole (already runs as an app), but I can’t since nginx doesn’t have its own IP address.
So, either I can make nginx have its own IP or I can make nginx listen to ports 80 and 443 by default - this would solve my problems (I already moved the TN UI to other ports).
But I can’t accomplish this in my normal setup. Everything I found online suggests this is doable (I can’t paste links apparently), but I am not finding any instructions on how. Can someone please point me in the right direction or outline the steps I need to take in order to accomplish what I need?
Thanks for chiming in @MarkHoltz. What you described is exactly how I have it at the moment. This, indeed, works well for queries from the internet (outside the home network). In contrast, the queries from inside the home network don’t work well; they’re extremely slow at best, and most of the time requests time out and it doesn’t work.
I need a split DNS solution, I learned, so that internal requests are routed directly to the nginx proxy manager (for the sake of certificates being valid etc.) and not via external DNS. For this I need NPM to either have its own IP or to listen to ports 80 and 443 on the TrueNAS IP. At the moment, I can’t configure either of the two options with standard configuration options. I’d appreciate guidance on how to accomplish this in a “non-standard” way, as many forum posts around suggest this is doable. I just don’t know how.
@bacon which source is your NPM deployed from? Mine is from the default TrueNAS app chart and I am not able to assign ports lower than 9000. This is a limitation imposed by the underlying Kubernetes framework and Helm package manager, as far as I understand. So, where did you install your NPM from?
@dan thanks for the link to the instructions. It feels neat and I’d like to do it like that, but I have not dared to upgrade to 24.10 yet. I was reading about the issues with the apps at upgrade, and I am not ready for much troubleshooting at the moment. I will test the upgrade on a VM and see how it goes. In the meantime, I’d love to hear if something similar can be done on 24.04?
I am running 24.10.0.2 and installed it directly from the default app catalog. There is no port limitation there. I have never used TrueNAS Scale prior to 24.10.0.0 - I migrated from Core directly to that version, with native docker support being the main reason for finally migrating.
If your router supports hairpin NAT then that can be used instead of split DNS. It’s not an ideal setup, but does work in a pinch.
On version TN 24.04, I used Proxy Manager on ports 30021 and 30022, and on the Mikrotik router, I had simple dstnat rules that redirected requests from internal IPs when they came to the internal TN IP on ports 80 and 443 → 30021, 30022. I don’t know if you’ll be able to set it up on your router.