Wrong redirection to TrueNAS GUI using Ngnix Proxy Manager

valmar · January 29, 2025, 9:00pm

Dear All, I am a new and very enthusiastic TrueNAS user, but I have problems with Nginx Proxy Manager redirecting to the wrong port, but only with curl/python requests. Let me explain.

I am using TrueNAS 24.10.1. I have installed the Jellyfin, and Nignx Proxy Manager apps (latest versions for both), and, following the " HOWTO: Host a Service privately on TrueNAS with a valid SSL Certificate" guide: , I set up redirection via Nginx and got a Let’s Encrypt certicate for my Jellyfin installation. Also, I got a Let’s Encript certificate for my TrueNAS’s GUI.

In the browser, everything works fine. I type https://jellyfin.mydomain.com and that gets redirected by Nginx to a port on the machine where TrueNAS is running (192.168.50.100:30013, for example).

However, now I have an app in a custom docker container that tries to connect to Jellyfin. The app, which I did not write, fails to connect. If I open a shell on the container and try to use curl to see what is happening, I see a strange behavior:

> curl -Ii https://jellyfin.mydomain.net
HTTP/2 302 
server: nginx
date: Wed, 29 Jan 2025 20:04:36 GMT
content-type: text/html
content-length: 138
location: https://jellyfin.mydomain.net/ui/
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
referrer-policy: strict-origin
x-frame-options: SAMEORIGIN

Please notice that the redirect seems wrong: instead of going to 192.168.50.100:30013 this seems to be redirected to port 443, where the TrueNAS gui is running. We can tell because it gets redirected to /ui and it uses the TrueNAS GUI’s SSL certificate rather than the jellyfin’s one: https://jellyfin.mydomain.net/ui/ . However, https://jellyfin.vlmcloud.net works perfectly in the browser and redirects correctly on all other machines in the network, except from within TrueNAS:

> curl -iI https://jellyfin.mydomain.net
HTTP/1.1 302 Found
Server: openresty
Date: Wed, 29 Jan 2025 20:54:00 GMT
Connection: keep-alive
Location: web/
X-Served-By: jellyfin.mydomain.net

Does anyone have an idea about what is going on?

Valmar

PS: I am using a bridge network interface, in case that plays a factor

rumplin · January 29, 2025, 10:16pm

Looks like an DNS issue, your app doesn’t know to resolve your *.mydomain.net.
Check your DNS settings in TrueNAS and for Docker.

valmar · January 29, 2025, 11:00pm

Thank you for the quick answer. Do you mean specifically for jellyfin.vlmcloud.net or for the general domain vlmcloud.net? I checked the DNS configuration in TrueNAS, and it’s pointing to Cloudflare DNS (1.1.1.1), which is also where I set up the DNS records for my domain. Thanks again!

valmar · January 31, 2025, 7:32am

So, I run more tests, and I think that TrueNAS can resove the address. For example:

truenas_admin@truenas[~]$ ping  jellyfin.vlmcloud.net 
PING jellyfin.vlmcloud.net (100.82.150.56) 56(84) bytes of data.
64 bytes from 100.82.150.56 (100.82.150.56): icmp_seq=1 ttl=64 time=0.063 ms
64 bytes from 100.82.150.56 (100.82.150.56): icmp_seq=2 ttl=64 time=0.085 ms
64 bytes from 100.82.150.56 (100.82.150.56): icmp_seq=3 ttl=64 time=0.064 ms

100.82.150.56 is exactly the IP of my local Nginx Proxy App, so I think this is resolving correctly