DO NOT check Userspace when deploying tailscale!!!!!
With userspace unchecked, tailscale runs as root so local routing will work which is what you want. Otherwise, you can advertise routes and it will never work and you'll be frustrated.
The larger issue is that the Web portal for the apps always use the fixed numeric IP of the truenas server so when you hit "Web portal" button, it will redirect to your local LAN address and tailscale will not be able to locate the server.
The best thing is for all the apps to listen on 0.0.0.0 (all interfaces), but you can't seem to configure that easily (documentation hard to find and no clear setting for this).
The simplest alternative is for tailscale to advertise a route to the LAN IP of the truenas server, in my case 192.168.1.115. This will work if you have Userspace unchecked. This is the method I use to make all my apps work.
WARNING: Tailscale sets the METRIC to 5 which is ridiculously low so if you advertise a route to an IP on your LAN and you have other tailscale clients on your LAN, it will route all traffic via the advertiser because it thinks that is the shortest hop to the destination. I can't believe they haven't figured this out; they should pick a metric which is 1 higher than the LANs own metric (which is around 20).
But if you only advertise the local IP of your truenas server, there's no issue.
So that is the simplest solution I'm aware of.
Note: I'm assuming you're asking about Web Portals for the apps which is what I answered.
I also have Host Networking checked.