u/Friendly_Potential69

TrueNAS Traefik Tailscale: networking ports and alias

Hi, I’m trying to deploy Traefik via Docker Compose on TrueNAS SCALE, but I’ve hit the usual problem: TrueNAS reserves ports 80 and 443 for its built‑in nginx, so Traefik cannot bind to them.

I’ve spent hours reading threads about alias IPs, port redirection, and nginx overrides, but I still can’t find a clean, supported solution.

My requirements:

  • I do not want to modify TrueNAS’s nginx config.
  • I do not want to create custom nginx reverse‑proxy rules.
  • I want Traefik reachable from my LAN (192.168.x.x).
  • I also want Traefik reachable from Tailscale (MagicDNS + HTTPS).
  • I’m unsure whether the alias IP method on the TrueNAS NIC is the correct or safe approach.
  • I’m deploying Traefik via custom docker‑compose, not Apps.

I use about 15 custom apps, including some that need TLS and Tailscale and traffic (Immich, Vaultwarden...).

My questions:

  • Is adding a second alias IP to the TrueNAS NIC the correct way to let Traefik bind to 80/443 without conflicting with TrueNAS nginx?
  • If yes, should Traefik bind to only the alias IP, or both alias + Tailscale IP?
  • What are the implications of using an alias on overall deployment of security?
  • Also, that alias is a LAN IP; should I use a DHCP IP reservation in my LAN router?
  • Is there a better method to expose Traefik on LAN + Tailscale without touching TrueNAS nginx?
  • What about the "network" tag in the docker compose file?
  • I have excluded Tailscale from my dynamic.yaml Traefik config, was I right?
  • How do others run Traefik on TrueNAS SCALE cleanly without hacks?

Any guidance from people who solved this would help a lot...

u/Friendly_Potential69 — 3 days ago

Custom apps deployment best practices

Hi, so I have TrueNAS SCALE 25.10.3. I did set up some SMB shares and that works very well. I have also deployed 4 custom apps from the stack of 15 apps I selected. I created some scripts to automate everything, including encryption of .env files using sops before uploading the encrypted version to GitHub. I also have separate workflows to copy them in clear to the NAS locally.

That also involves some scripts to create the datasets required by each app.

No need to say that it quickly became a complex factory with issues with idempotency, etc...

Right now I decided to stop and use Ansible.

In the meantime I'm trying to understand what's best practice or how people designed their custom app setup. I mean, I doubt everyone manually recreates the datasets needed for each app, etc.? Most likely that scenario would be when/if having to recreate the NAS from zero, but it can happen...

Also, another problem I see is the millions of logins required; so far I had to create like 20 logins/passwords with only 4 apps... (DB, admin, normal user, other user, API tokens...). Do you use some sort of SSO or OIDC? I looked into OIDC but that was not simple...

I also intend to deploy Traefik in my stack, but by default it conflicts with TrueNAS's nginx and I have to look into that later.

Another question is how to manage the Docker deployment file updates, because I look at each project's installation files but they often change (like db postgres moved from 16 to 18, etc...). Obviously I can't use the latest tag...

I'm after tips, best practices...

PS: I started using Homarr to have a GUI where I can reach all my apps from a single place. Looks neat but also requires time to configure!

Well any feedback is appreciated, 👍🏽

u/Friendly_Potential69 — 5 days ago

Bad support: who owns the Hikvision device?

Hi, certainly not impressed by Hikvision support, especially EU, DACH and UK. While the UK replied promptly, they rejected my password reset, claiming it's not their regional device. I informed them that the support for my region hasn't been responding for weeks. So I'm locked out of my own device due to internal stupidity, greed and a wrong sense of ownership by that corporate junk company.

Even the global online form did not work. What a waste of time!

u/Friendly_Potential69 — 9 days ago

Hi,
I have about 1 month of experience with my TrueNAS now (version 25.10.3). I have already successfully deployed 1 custom app (Donetick), and played around with the UI.
My plan is currently to deploy 14 other selected apps in my stack. My device is a Ugreen 4800Plus NAS, 64GB RAM (before prices went crazy) and 1 pool of 3* Seagate 20TB HDD exos x24 and 1 pool of one 2TB SSD WD Red SN700 (no redundancy). I can't afford a 4th HDD or a second SSD with foolish prices.

I started using custom Apps immediately on TrueNAS SCALE 25.10.3, so now I am not fully sure what the native features actually are when you do not use Apps, Docker, or any containers.

For example, I understand the basics:
You create a dataset, expose it via SMB or NFS, set permissions, and that is it.
But what else is considered “native” to TrueNAS itself?

PS. I know a NAS is mostly about storage, I'm just trying to learn the basics to consolidate my other acquired experience...

I want to understand the full list of built‑in, non‑container features so I know what TrueNAS provides out of the box before adding Apps.

Also, one thing I never fully understood:
Why would someone use a native SMB or NFS mount instead of installing an App like Nextcloud for file access?
Is it about performance, simplicity, reliability, or something else?

So my questions are:
• What counts as native in 25.10.3?
• What features exist without Apps or Docker?
• In which cases is a simple dataset plus SMB share better than running something like Nextcloud?

I want to get a clear picture of the core TrueNAS features before relying on Apps.

Thanks!

u/Friendly_Potential69 — 16 days ago

Hi all — running TrueNAS SCALE 25.10.3 and trying to install a custom app via a combined Docker Compose YAML, but I can’t find the Install via YAML option anywhere in the Apps UI.

Edit: it is explained in the doc, and there are 3 docs next to "Discovery", so it's me who was blind, apologies for the waste of time!

Custom App on the Discover screen opens the Install iX App guided installation wizard. more_vert > Install via YAML opens the Add Custom App screen with an advanced YAML editor for deploying apps using Docker Compose.

source:

https://www.truenas.com/docs/scale/25.10/scaleuireference/apps/installcustomappscreens/index.html

Original post:

I checked the official docs (the only relevant doc I found):
https://www.truenas.com/docs/scale/25.10/scaleuireference/apps/installcustomappscreens/index.html

I also inspected the Apps UI form I do have, it shows the per‑container fields (Application Name, Version, Image, Ports, Storage, Environment, Security Context, Network, etc.) but there’s no YAML editor, no “Install via YAML” button, and no three‑dot menu that I read somewhere.

Here’s the UI text I see (copied from the form):

Application name
Application Name*
Version*
1.4.3
General
Notes
...
Image Configuration
Repository* Tag Pull Policy*
Container Configuration
Hostname Entrypoint Command Timezone* Environment Variables Restart Policy* TTY Stdin Devices
Security Context Configuration Privileged Capabilities Custom User
Network Configuration Host Network Ports Networks Custom DNS Setup
Storage Configuration Storage
Labels Configuration
Resources Configuration Enable Resource Limits GPU Configuration

Questions for the community:

  • Is Install via YAML hidden behind a setting or a specific Apps catalog version in 25.10.3?
  • Do I need to enable something (Apps feature, a catalog, or a specific permission) to see the YAML option?
  • Has the UI changed in 25.10.3 so the YAML install moved somewhere else?
  • If the YAML option is gone, what’s the recommended workflow to deploy a combined compose file via the UI (or best GUI alternative)?

What I’ve tried:

  • Looked through Apps → Discover / Custom App and the Apps page (no YAML option).
  • Verified I’m using an admin account.
  • Read the linked docs page above (only doc I could find about the feature).

Any pointers appreciated, if someone can point to the exact clicks or a screenshot of where the YAML editor lives in 25.10.3, that would be perfect.

Thanks.

PS: The TrueNAS UI sucks with hiding components; I keep running into UI decisions that waste time. Case in point: I wanted to update my ZFS pool after a minor version upgrade. I spent ages hunting for an “Update pool” button only to discover it only appears if an update is actually available. No greyed‑out button, no tooltip, no explanation: it simply isn’t there until the system decides to show it.

That’s terrible UX. If a control is conditional, at least show it disabled with a short explanation like “No update available” or “Pool already up to date” so users don’t waste time looking for something that isn’t visible. Hiding controls entirely makes routine maintenance confusing and leads to wasted time and frustration.

I read afterwards that it's only visible after major version update but still!!

u/Friendly_Potential69 — 23 days ago