SCALE Apps: IP Addresses and VPN Killswitch?

[oguruma]

I'm considering moving my media server from Core to SCALE. With SCALE, I have a Transmission jail, which I've assigned a designated IP Address in a "vpn killswitch" segment.

My router pushes all addresses in the "vpn killswitch subnet" through a VPN interface, and doesn't let any traffic out the WAN for that subnet.

This is possible in Core because you can set a jail's IP address. However, networking in Kubernetes/SCALE doesn't work that way, from what I can tell.

Is there some alternative means of giving Apps their own IP address (other than putting them in a VM)?

 

[Whiskey]

Found this post while looking into assigning Apps their own IP address. I think this is not (easily) possible, as the containers live in k8s on the TrueNAS host, and thus the host would need to act as a router to forward on the traffic to the containers. I found this thread where it is explained well. Conclusion: use a reverse proxy (e.g. Traefik) and SNI routing.

However, regarding the question of using a VPN, that is possible with standard configuration in the TrueCharts Apps. See this video where it is configured, e.g. for Jackett: TrueNAS SCALE - Configuring Media Downloading

(I know the post is from a while ago, but putting this here in case others come across it)