Sanity Check before deploying Nextcloud on SCALE - what's the best way?

Prior to this weekend, I was running TrueNAS CORE with a bunch of jails for various web-based apps (Nextcloud, Piwigo). I also had / currently have a VM running Virtualmin, that is in my DMZ and acts as a Proxy to the various jails, as well as hosting its own sites (a bunch of hobby sites with WordPress, Joomla, etc.)

I migrated to TrueNAS SCALE, deciding to take the hit of some downtime while I learned the new system - it’s a personal server, and nothing critical will be affected while I get this sorted out. The VM moved over smoothly, so Websites and the Proxy server are working fine. So far, so good.

Now for the challenge of the apps - I am trying to decide between 1) Using the various apps built into Scale and proxying to them, or 2) Setting them up in my Virtualmin VM, and mounting the storage via NFS to a TrueNAS share, so that the data is outside of the VM and can be backed up / snapshotted easily.

My main concern is that with the Apps, everything will have the same IP as the host, and use different ports. Is there a way under Dragonfish to set up each app with its own environment, similar to how Jails worked under CORE? That would be ideal, as then I can just proxy to the environment from my VM, and don’t need to worry about port adjustment, etc.

Your post doesn’t seem to connect that well with your title. For Nextcloud specifically, there are so many interdependent moving parts that I tend to think the best way is in a VM or VM-like environment (e.g., LXC) rather than any kind of pushbutton installer, be it the current iX app, the TrueCharts helm chart, or generic docker compose. Any of those are going to leave you with a black box that is very hard to modify or troubleshoot when (not if) it becomes necessary.

To your more general question:

Not really, understanding “app” to refer to the point-and-click installation available under the “Apps” menu in the system. You can use Jailmaker to create sandboxes, and those can be given their own network environment–that’s the closest that’s currently available. LXC support is planned for 25.04.

Got it, thank you. I am thinking the best way may be to do it from within my existing VM for now, and I can move them to a LXC environment once it’s up and stable.

Try a Sandbox made with Jailmaker, which is similar to an LXC (fundamental difference is Sandboxes require systemd distros)