Hi everyone. I am hitting a brick wall with my NPM setup (and my head). Here’s where I’m at:
- I am running 25.04.2.
- I have an FQDN from Cloudflare. This is strictly for local/private access. I am not trying to open any of my services to the world. I’ll be using Tailscale for remote access once I get this fixed.
- I have followed Dan’s guide to get everything set up.
- Running NPM app as UID/GID 0.
- To avoid the port conflicts, I created an alias on the main TrueNAS network interface specifically for NPM to be bound to. TN and all other apps are at 10.0.10.5, NPM on 10.0.10.3 which are part of my Lab subnet (10.0.10.0/24).
- TrueNAS name server and gateway are both currently set to 10.0.10.1, FWIW.
- The CF API token and subsequent LetsEncrypt wildcard cert seem to be working and showing as in use in the NPM dash.
- I have created proxy hosts for a few of my services and all three show as Online in the NPM dash.
- I’m running Unbound in OPNsense and have created overrides for the three hosts I’m experimenting with, all pointing to 10.0.10.3.
- When I try to access the domain (ex. jellyfin.domain.com), I am left with a “Server Not Found” page in Firefox.
- Not sure if my issue is related but my public DNS setup in Unbound for the entire network is through Quad9 with TLS. Do I need to be using Cloudflare for my public DNS service for this to work?
Overall, I’m not sure where I’m going wrong. Do I need to set up port forwarding in OPNsense? Should I probably be running NPM on its own device? Or should I be considering a swap from Unbound to something like Pi Hole?
The only other thing I could think of is not having set up an A record or CNAME with Cloudflare, but I had the impression that wasn’t needed if I’m keeping this all local/private?
Please let me know if there’s anything glaring that I should/should not be doing or if there’s any further info that could help.
Thank you!
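One way to pin down which layer is failing, as an added diagnostic that is not from the post or from NPM or Unbound: it resolves the name the way the client would and only then checks TCP 443 on the NPM alias, because Firefox's "Server Not Found" is raised when the name does not resolve, before anything in NPM (cert, proxy hosts) is reached. It assumes the host name jellyfin.domain.com and the alias 10.0.10.3 from the post; the resolver and connector are injectable so the logic can be exercised with constructed results.

```python
import socket
import sys

NPM_ALIAS = "10.0.10.3"          # alias the post says NPM is bound to (assumption from the post)
HOSTS = ["jellyfin.domain.com"]  # host name from the post; add the other proxy hosts here


def os_resolve(host):
    """IPv4 addresses the OS resolver returns for host, or [] if it cannot resolve.
    This is the path Firefox uses unless DNS-over-HTTPS is enabled in the browser."""
    try:
        return sorted({ai[4][0] for ai in socket.getaddrinfo(host, 443, socket.AF_INET)})
    except socket.gaierror:
        return []


def tcp_open(ip, port=443, timeout=3.0):
    """True if something accepts a TCP connection on ip:port (NPM's HTTPS listener)."""
    try:
        with socket.create_connection((ip, port), timeout=timeout):
            return True
    except OSError:
        return False


def diagnose(host, expected_ip, resolve=os_resolve, connect=tcp_open):
    """Walk the layers a browser goes through and report the first one that fails.
    resolve/connect are injectable so the logic can be checked without a network."""
    addrs = resolve(host)
    if not addrs:
        # Firefox's "Server Not Found" is this case: no answer for the name, so the
        # request never reaches NPM and the cert/proxy-host setup is not involved yet.
        return "no-answer", f"{host} does not resolve on this client"
    if expected_ip not in addrs:
        # The client got an answer, but not the Unbound override: a different resolver answered.
        return "wrong-target", f"{host} -> {addrs}, expected {expected_ip}"
    if not connect(expected_ip):
        return "tcp-closed", f"{expected_ip}:443 refused or timed out"
    return "reachable", f"{host} -> {expected_ip}:443 accepts connections"


if __name__ == "__main__":
    for name in sys.argv[1:] or HOSTS:
        stage, detail = diagnose(name, NPM_ALIAS)
        print(f"{stage:13} {detail}")
```

Run it from the machine where Firefox shows the error; a "no-answer" or "wrong-target" result means the client is not getting the Unbound override, while "tcp-closed" means the name is fine and the NPM listener on the alias is the next thing to look at.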