This is how I currently run my Nextcloud software, so I can backup data from my phones and PCs. If you don’t know what Nextcloud is, then check it out here. I recommend listening to LUP 548 for some context about this post.
TrueNAS SCALE
My preferred Network Attached Storage OS
I have used FreeNAS in the past and I thought it was decent enough for just storing files, but since it was FreeBSD-based I had issues running extra software on it. I ran it on a Intel Atom for a few years back around 2012 just to give some background. I was playing around with learning docker on the side and didn’t understand how it all worked until I watched this YouTube video by Traversy Media. Also enter FreeNAS Corral around the same time. It finally all clicked together, but FreeNAS Corral failed. Thankfully I learned what I needed to learn from using it.
Back in 2021 I switched to running Fedora for my desktops and my servers, using BtrFS and all was good for a time. I could spin up extra software via podman on the server. Then one day my server rebooted and one of my drives couldn’t be mounted any longer. Something had happened to BtrFS that put it in a state that it couldn’t be mounted any longer, at least by normal ways. I was able to mount it via read-only recovery and copied all the data off the drive. With that scare, I went back to wanting to use ZFS.
It was time to start using TrueNAS SCALE in my home and it has been rock solid for my data. Getting apps running on it took me some doing. I had no clue about kubernetes or helm, but I was willing to learn. I found out that Nextcloud was provided via TrueNAS charts by default, so I tried that out first. While I did get it running and it was fairly trivial to setup that version, the whole setup was very limiting. I wanted to host even more things on my TrueNAS, which meant I needed a reverse proxy up and running.
TrueCharts
A lot more software for TrueNAS
I found out that I could setup TrueCharts to run Traefik as a reverse proxy for all my TrueCharts apps, it would handle all TLS Certificate and DNS name responses. To get the DNS names to point to my TrueNAS server, I added some DNS overrides in OPNsense, the router OS I am running on a ZimaBoard model 832.
The TrueNAS web interface needs to be rebound to different ports, so it doesn’t conflict with running Traefik. It can be configured at https://truenas-ip:port/ui/system/general of the web interface. If you want to use the same certificate as Traefik, set up the certs first and also have DNS resolve to the TrueNAS server’s IP addresses.
Adding Certificates was important for me, so I configured it to use my Cloudflare DNS for Let’s Encrypt. Those can be configured at https://truenas-ip:port/ui/credentials/certificates. The Certificate Signing Requests has to be done first, then Certificates can be added.
Add TrueCharts to the system via https://truenas-ip:port/ui/apps/available/catalogs.
A few apps need to be installed before Nextcloud or Traefik, they include cert-manager, cloudnative-pg, clusterissuer, prometheus-operator. Most of them don’t require configuration, but clusterissuer does.
After those are installed, Traefik is next. We have to expose ports 80 and 443 on the TrueNAS network interface, ClusterIP is only accessible via the cluster’s network. Traefik will reverse proxy those connections. If you ingest Traefik into itself, you can access the service web page via the reverse proxy.
Lastly, install Nextcloud. Default Phone Region had to be entered manually and Access IP is TrueNAS’s IP address. I highly recommend using a Host Path for the User Data Storage and make sure it is a directory that will only be used by Nextcloud. This way, if the app fails, you can still copy out the unencrypted data. PVCs are nice for settings and such that can be recreated. Enable the Ingress to be the DNS name that is going to be resolved, enable the cert setting and install.
This isn’t a completely detailed guide, but I hope it helps for people who need to fill in the gaps. It took me a lot of web searches to figure out all the settings I needed to get this all up and running. If I get any feedback or questions, I will try to update this with more information.