Wow. Jailmaker works like a charm. Flawless!

Watch this EXCELLENT tutorial by Capt Stux. I got 3/4 of the way through it and it was all I needed to set up nginx working with cloudflare and certbot/ACME certs and true IP address.

Here are a few gotchas that took a little while to figure out. These may save you some time.

  1. REFRESH is your friend in Dockge when you restart a container. I kept wondering why I wasn’t seeing anything. It should auto-refresh when you restart. So you have to do it manually.
  2. For Cloudflare, you ONLY should proxy http and https traffic since you’d need dedicated hardware to proxy any other protocol. And be sure to set the SSL to the highest setting or you’re gonna experience loops making your website inaccessible.
  3. I did the quick and dirty mapping of the entire /etc/nginx directory to a TrueNAS pool since that lets you do what you need to do and have it persist (e.g., make include files that should be in the main directory, not conf.d). It didn’t look like certbot was installed in the docker image of nginx, so I made a custom Dockerfile to create it.
  4. I put the IP addresses for Cloudflare in an include file and just included that in each server. Worked like a charm.
  5. I upgraded my RAM to 128GB and rebooted TrueNAS and everything was back in business just like it was when I took down the server.

Super impressed with jails… absolutely trouble free.

And the highlight of the whole experience was watching Capt Stux create a bridge on TrueNAS in less than 2 seconds. It’s at the 7 minute 45 second mark in the video and worth watching if you haven’t seen this technique before. I’ve been a computer user for nearly 60 years and I’ve never seen anything like that ever before. I need to learn how he did that. It seems like a generally useful method.

3 Likes
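Gotcha 4 above keeps the Cloudflare addresses in one nginx include file. As an added example (not from the original post or the tutorial), this Python script builds such a file from a list of CIDR ranges and refuses malformed or overly broad entries, so that only the listed proxies are trusted to supply the client address through `CF-Connecting-IP`. The sample ranges are constructed documentation addresses, and the function names and prefix floors are assumptions.

```python
import ipaddress

# Constructed sample input: documentation-only ranges standing in for the
# published Cloudflare list, plus the kinds of bad lines a fetched list may hold.
SAMPLE_RANGES = """\
# constructed placeholder ranges, not real Cloudflare addresses
192.0.2.0/24
198.51.100.0/24
2001:db8::/32
192.0.2.0/24
0.0.0.0/0
not-a-cidr
"""

def parse_ranges(text, min_v4_prefix=8, min_v6_prefix=16):
    """Return (accepted networks, rejected (line, reason) pairs).

    The prefix floors are assumed sanity limits, not Cloudflare values.
    """
    accepted, rejected, seen = [], [], set()
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        try:
            net = ipaddress.ip_network(line, strict=True)
        except ValueError as exc:
            rejected.append((line, f"invalid CIDR: {exc}"))
            continue
        floor = min_v4_prefix if net.version == 4 else min_v6_prefix
        if net.prefixlen < floor:
            # A range this wide would let almost any client set its own "real" IP.
            rejected.append((line, "range too broad to trust"))
        elif net not in seen:  # duplicates are dropped silently
            seen.add(net)
            accepted.append(net)
    return accepted, rejected

def render_include(networks):
    """Render the include file body using ngx_http_realip_module directives."""
    lines = [f"set_real_ip_from {net};" for net in networks]
    lines.append("real_ip_header CF-Connecting-IP;")
    return "\n".join(lines) + "\n"

if __name__ == "__main__":
    nets, bad = parse_ranges(SAMPLE_RANGES)
    print(render_include(nets), end="")
    for line, reason in bad:
        print(f"# skipped {line!r}: {reason}")
```

Requests that reach nginx from an address outside the `set_real_ip_from` ranges keep their connection address, so the header cannot be used to forge a client IP from elsewhere.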

I’ve got a separate video on making bridges :wink:

3 Likes

Captain Morgan salutes Captain Stux…
As a Melburnian, I can still forgive the Sydney influence

3 Likes

I’ve migrated most of my apps from TrueCharts but I am stuck getting Cloudflared to connect. Does it require nginx? I use HAProxy on my pfSense box for reverse proxy. I have a single bridge connection to the jail.
This is the error I get when Cloudflared is running.

```
cloudflaretunnel-test-1  | 2024-06-12T22:06:33Z INF Retrying connection in up to 1m4s connIndex=0 event=0 ip=198.41.200.13
```

It might be an issue with my tunnel token. In the meantime, I am going to look at that.

Never mind, I figured it out. I had the wrong Tunnel Token.

1 Like