Truenas Scale Setup + Traefik + DMZ

[Krautmaster]

Hi there,
currently im using a seperate pfsense FW and nginx reverse proxy to route to my webservers and mainly my nextcloud. The Reverse Proxy terminates HTTPS, DMZ internally its doing HTTP only. No wildcard certs. Letsencypt on the reverse proxy

The plan is to move from these separated clients to docker / apps in Scale.

That for I "simply" want Traefik to do the proxy job, into my DMZ over the second NIC attached to my NAS. So i can keep eg server X in the DMZ while having the NAS migrated as an app. Traefik will handle the names and routes.

Any how, I was not able to get it done. How can I make it routing to one of my exiting servers and ideally terminating with a wildcard cert in the Truenas Server? But Cert might be an other topic, at least a simple plain http route to one DMZ server of my choice should work.

Thanks for your help.

 

[kentb]

I'd love to hear if you got this one working ... having TrueNAS Scale straddling the DMZ, with different reverse proxy rules for the DMZ than for the internal network.

I am heading towards trying multiple traefik instances, one for each network interface, but managing the configuration may be a little tricky.

 

[Krautmaster]

sadly did not get it to work. Could not get a simple redirect to a external host working in traefik. I bet it works any how. Simply "Public domain -> dyndns + NAT -> Truenas Scale Host 443/80 -> different "dmz host".

Maybe someone got an idea how to. As far as I remember, plugin instances worked like the nextcloud thing.