I think I might actually have two issues here. I hope this isn’t against some rules, as at least one of the issues might not be directly related to TrueNAS.
Tailscale setup (maybe unrelated to TrueNAS)
I’ve been trying to get support about Tailscale on StackOverflow and via their official support channel by email. No reply from them for two weeks now. So on Cloudflare I have a DNS entry for my domain - CNAME * nas.aaa-bbb.ts.net. And seemingly it resolves:
dig +short test.domain.tld
nas.dab-deneb.ts.net
If I visit nas.dab-deneb.ts.net directly, I get the TrueNAS UI. But if I go to test.domain.tld, I get ERR_NAME_NOT_RESOLVED.
How to route all traffic through Caddy? (don’t know if it’s related to the first issue)
I was searching quite a bit, but can’t find a proper step-by-step tutorial on how to set up routing through Caddy. I believe it involves port forwarding on the router itself and I tried to forward 0.0.0.0 80 > 192.168.1.11 9080 (same for 443). 192.168.1.11 is my TrueNAS machine IP and 9080 is the Caddy forwarded port. In the Caddy container setup I have defined Container Port 80 and Node Port 9080 (similar for 443).
I have Caddy itself up and running and in the logs I even see Cloudflare certificates are obtained.
I’ve been stuck with this since I installed TrueNAS (a couple of weeks ago).
Any help or just a pointer in the right direction would be greatly appreciated.
OK, so after a long wait I just got a reply from Tailscale support about domain resolving. All I had to do was remove the CNAME record and add A IP instead. Now all subdomains resolve to the TrueNAS UI.
I got it working. I still use Tailscale to access the TrueNAS UI, but I use Cloudflare Tunnel to access all my Docker apps. I pretty much just followed the guide in the TrueNAS doc.
I’m going to follow a YouTube video on how to add a VLAN to Cloudflare Tunnel, so it’s a bit more secure. I was going to use Cloudflare Access, but it doesn’t work for Emby and honestly, all my other services are not that sensitive.
Somehow I can’t post links here, so you have to search for those guides yourself.
Yeah, I think in the terms for Cloudflare Tunnels, they said this should be mostly used for HTML, not other files. That I used it for Emby could be a problem; hopefully Cloudflare doesn’t think I’m abusing it.
Is there any other intranet penetration solution that can solve this problem: using a custom domain name to be able to upload large files? Because of this it is possible to use your own NAS to provide cloud storage for you and your friends to use, thus saving the cost of renting a cloud server.
As far as I know, Synology’s own service QuickConnect provides a similar service, and there doesn’t seem to be a complete solution on TNS to do this. Tailscale + Nginx Proxy Manager can at best only do example.com:port for mapping. It can’t do subdomain.example.com.
Honestly I haven’t explored it; basically it’s not a problem I deal with too much, aka I use port-forwarding, Tailscale or tunnels for 99.9% of my uses, and if I need to, I’ll get a cheap VPS.