per-App IP addressing - how does it work?

Here is what I’m trying to do:

Use Case: Right now, I have some of my TrueNAS Apps (notably Kavita, Audiobookshelf, and Authentik) exposed to the outside world, and use the Nginx Reverse Proxy to provide https access to those applications while I am outside of my network. I want to move my Nginx Reverse proxy from 192.168.1.2 to 192.168.1.8 and change the http port from 30021 to 80 and https port from 30022. This should allow me to utilize DNS Rewrite on my AdGuard Home instance (still on 192.168.1.2) so that I can point appname.mynetwork.net to 192.168.1.8. This should allow me to access those applications in case of a network outage.

I am utilizing the following:

  • TrueNAS version 25.04.1
  • Nginx Proxy Manager App Version: v2.12.3 / Version: v1.2.0

This was working as expected prior to my changes.

Steps I have performed so far:

  1. Went into Network → Interfaces and added 192.168.1.8/24 to the pre-existing IP address of 192.168.1.2/24
  2. Tested and Saved the network changes.
  3. Went into System → General Settings → GUI → Settings and changed the GUI IP from 0.0.0.0 to 192.168.1.2. While 192.168.1.8 was available, it was not set.
  4. Went into Apps and the Network configuration for Nginx and assigned the 192.168.1.8 IP address for the following ports:
     • WebUI: 30020
     • http: 30021
     • https: 30022
  5. After saving the IP address changes, I tested one of my apps and got failure (expected).
  6. I went into my router for port forwarding and changed the IP address from 192.168.1.2 to 192.168.1.8 for 80 → 30021 and 443 → 30022. After saving, the apps are working as expected.
  7. I went into the Apps and the Network configuration for Nginx, and attempted to change the http port to port 80 and https to port 443. When attempting to save, I get the error message “Error: Network, Port is already in use.”

Observations:

  • I can access the WebUI by http://192.168.1.8:30020/ and http://192.168.1.2:30020/. But why 192.168.1.2?
  • Testing by http://192.168.1.8 and https://192.168.1.8 gives me the error message that the site cannot be reached.
  • I temporarily changed the http port of TrueNAS from 80 to 81 and the https port of TrueNAS from 443 to 8443. This allowed me to set the port in the Nginx container.
  • I then modified the port forwarding on my router to port 80 and 443 in 192.168.1.8 respectively. My apps are working.
  • I then applied the change of *.mynetwork.net to point to 192.168.1.8 as a DNS rewrite and it operated as expected.

So, apparently, the ports of 80 and 443 of the TrueNAS GUI on 192.168.1.2 affect the usage on 192.168.1.8. Why? I don’t know.

Addendum: I just moved the TrueNAS GUI IP addresses back to 80/443, and TrueNAS is working as expected, and my apps are still working as expected. Go figure. I’m wondering if I’m going to hit something when Nginx gets updated in the future.

1 Like

Hi.
I was also trying to set ports 80/443 on a specific IP address for Nginx Proxy Manager.

I’m running TrueNAS 25.04.1. The main bridge in the system has four aliases. I dedicated one for the TrueNAS GUI (which is served on ports 80 and 443) and wanted to use another for Nginx Proxy Manager, so that I can use port 443.

I know docker allows that (tested it with docker run in CLI) and it also works configuring a custom app with yaml (but not using the assistant).

I tried to do some debugging and I believe the issue is in this file:

/usr/lib/python3/dist-packages/middlewared/plugins/apps/schema_validation.py

At the very end (lines 141-144) the code checks the port against two lists:

  • app.used_ports (which, in my case is not a match)
  • port.ports_mapping app

It is that last list that, in my opinion, causes the issue, since the logic does not take into consideration which IP address the port is used on.

But I might be missing something.

2 Likes

I’ve come to the same conclusion in this post. Hopefully this can be fixed soon.

If no one reports it as a bug, then it’s unlikely to get fixed…

2 Likes

I’m new to the TrueNAS forum, so I wasn’t aware there was a separate page for this. It looks like it’s been reported here.

Yes, but apparently someone already created a Jira bug ticket, NAS-136127.

I’m subbed to this channel, pretty helpful…

4 Likes

Will this work while using a bridge or alias interface? Plex seems to only work when I have “Host Network” selected; when I try to assign an IP, it gives an error:

(ERROR) app_lifecycle.compose_action():56 - Failed ‘up’ action for ‘plex’ app: Network ix-plex_default Creating\n Network ix-plex_default Created\n Container ix-plex-plex-1 Creating\n Container ix-plex-plex-1 Created\n Container ix-plex-plex-1 Starting\nError response from daemon: no available IPv4 addresses on this network’s address pools: ix-plex_default

I changed the TrueNAS UI ports and set ports 80/443 for NPM, then reverted the TrueNAS UI port. NPM and the web UI work.

Update:

Ports and IPs are set, but NPM still redirects to the web UI.

Per-app IPs are now working for inbound traffic. However, app outbound traffic still originates from the TrueNAS host’s IP address. Is there a way to force apps to use their assigned LAN IP for outbound traffic?

This is an artefact of the implementation. You have one physical interface with one IP. Now, you have the same stuff but you’re just assigning additional virtual IPs to that same connection. The traffic won’t originate from the aliased IPs, because they’re not real and wouldn’t route otherwise. All the traffic should be coming from the actual IP interface. Just imagine it’s like NAT. I think.

While I’m thinking, there is a more difficult process to do what you want and it will take more work for ixsystems to build it. I think it’s the MACVLAN stuff others have talked about. Back in the Core days, we had jails, and jails would get their own little network stack and act a lot more like a real network interface. We don’t have that anymore, but we could eventually.

*Disclaimer: take all this with a grain of salt, I’m a little over my own head here.

3 Likes

What about mDNS? I’m trying to set up a Scrypted app and TrueNAS already uses mDNS (I think port 53) for Time Machine. I set up an alias on the main NIC, and assigned that to Scrypted, but I can’t get the HomeKit bridge to connect. It’s like TrueNAS is binding mDNS to both IP addresses now and blocking that port from being used even by Docker.

Yeah, I actually went down that route yesterday.

  1. Installed the Portainer app from the TrueNAS catalogue
  2. Then inside Portainer I set up my MACVLAN
  3. And deployed all my apps through Portainer, having them use the MACVLAN I created

This ofc. means that besides Portainer none of the other Docker containers show up inside the Apps section of TrueNAS. But that does not bother me, to be honest.

I was hoping that the per-App IP feature I’ve been waiting for ever since I switched from Unraid to TrueNAS would provide the same functionality as I got in Unraid (which offers both MACVLAN and IPVLAN, and is really quite easy to set up in the GUI). Sadly, it turns out this is not the case, as everyone else here has found out too, it seems.

2 Likes

Yeah, when you figure this one out, I’d appreciate some info. I’m trying to get a HomeKit-compatible thermostat to be recognized by my Home Assistant app and have had no luck. I didn’t go nuts trying to spin up a VM or anything else because this June 1st app update was right on the horizon. But I’ve been trying every way I can think of the last day or two and still can’t get it to work.

I just went through hell trying to figure out the per-app addressing, and my conclusion is that you are best to use separate NICs with separate subnets, create a VLAN for each NIC, and do all the trickery on your switch

or

Install TrueNAS on Proxmox and create a bunch of LAN connections and do the same thing.

Creating alias addresses and assigning them to an App does not work as one would like. It’s not the same thing and does not work like it would with a VM on a hypervisor. Maybe it can, I don’t know my own backside from a Docker container, it’s all witchcraft to me, but I know TrueNAS with Docker just does not work like Proxmox with VMs or LXCs, so trying to make TrueNAS a network switch for these Apps just doesn’t work.

Creating multiple alias addresses creates major issues on my Ubiquiti Layer 3 switch, and most of the time the additional addresses are just not registering on the switch and pop in and out of existence. I think it’s triggering some sort of Spanning Tree safeguard in the switch.

My fun with this topic: Fangtooth Apps and Multiple Nics - #23 by NexGen3D

1 Like

Should it be possible to have two applications on different IPs listening on the same port? My TrueNAS IP is 192.168.1.2, and I have this:

emby: 192.168.1.2:8096
jellyfin: 192.168.1.60:8096

If I try to move emby to 192.168.1.61:8096, I get an error that the port is already in use.
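
Added example (not part of any post in this thread and not TrueNAS middleware code): a port-only check, as described above for schema_validation.py, contrasted with a check that also compares the bind address, run on the emby/jellyfin and GUI/Nginx Proxy Manager cases from the thread. The `Binding` type, the function names and the sample state are hypothetical, and treating IPv4 and IPv6 binds as independent is an assumption.

```python
import ipaddress
from typing import Iterable, NamedTuple, Optional


class Binding(NamedTuple):
    owner: str
    ip: str    # "0.0.0.0" or "::" means every address of that family
    port: int


def port_only_conflict(existing: Iterable[Binding], new: Binding) -> Optional[Binding]:
    """Check as described in the thread: port numbers only, IP ignored."""
    for cur in existing:
        if cur.port == new.port:
            return cur
    return None


def address_aware_conflict(existing: Iterable[Binding], new: Binding) -> Optional[Binding]:
    """Conflict only when the port matches AND the bind addresses overlap."""
    new_ip = ipaddress.ip_address(new.ip)
    for cur in existing:
        if cur.port != new.port:
            continue
        cur_ip = ipaddress.ip_address(cur.ip)
        if cur_ip.version != new_ip.version:
            continue  # assumption: IPv4 and IPv6 binds do not collide
        # A wildcard bind on either side covers every address of the family.
        if cur_ip == new_ip or cur_ip.is_unspecified or new_ip.is_unspecified:
            return cur
    return None


# Constructed sample state using the addresses quoted in the thread.
EXISTING = [
    Binding("truenas-gui", "192.168.1.2", 443),
    Binding("jellyfin", "192.168.1.60", 8096),
]

if __name__ == "__main__":
    for new in (Binding("npm", "192.168.1.8", 443),
                Binding("emby", "192.168.1.61", 8096),
                Binding("npm", "0.0.0.0", 443)):
        naive = port_only_conflict(EXISTING, new)
        aware = address_aware_conflict(EXISTING, new)
        print(f"{new.owner} {new.ip}:{new.port} "
              f"port-only={naive.owner if naive else None} "
              f"address-aware={aware.owner if aware else None}")
```

A service left on 0.0.0.0 still blocks the same port on every alias under the address-aware check, so pinning the GUI to one address is a precondition for reusing 80/443 elsewhere.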

I’m guessing here, but I bet the current implementation is at fault but the Macvlan method would work. Source: my instinct.

There is a bug currently.

The static IP of my TrueNAS machine is 192.168.1.5.
After I then created an alias 192.168.1.6, I have started to see 192.168.1.5 a 2nd time but with a different MAC address in Unifi Network.
O.o

1 Like