Traefik with docker images (not TrueCharts apps)

[dirtyfreebooter]

I have a few apps I want to run that either aren't in TrueCharts, or are on the TODO list, or I want the latest and greatest and don't want to wait for TrueCharts. These run completely fine and easily by just using the "Launch Docker Image" button. But I need to reverse proxy them for SSL certs and whatnot.

I have never used k8s or k3s before TrueNAS SCALE, but I am assuming that the whole ingress part is some layer provided by TrueCharts/k3s that allows the apps to easily add to traefik and that it would not be possible or extremely cumbersome to add plain old container to traefik?

Seems like a decent option then would be for me to not use traefik and run something like NGINX Proxy Manager in container and use the internal DNS to refer to all the container ips I need for reverse proxy?

 

[sretalla]

You can run the TrueCharts app called External-Service and get that to point your docker app at Traefik... that's the best answer I found for the case you're talking about.

 

[dirtyfreebooter]

External-Service does not work for this. For me, External-Service works fine for any hosts/ips outside of the k3s, but if i try and use either an IP or name from the k3s network/dns side of things, i just get "Bad gateway"

 

[truecharts]

External-Service does not work for this. For me, External-Service works fine for any hosts/ips outside of the k3s, but if i try and use either an IP or name from the k3s network/dns side of things, i just get "Bad gateway"

It's a hack, but what @sretalla was explaining was exposing things on the host and pointing external-service to the host.
It does technically work.

If you need help with Apps like external-service it's best to reach out directly though...

 

[dirtyfreebooter]

ah that makes sense. i really like some of the stuff being brought into SCALE, but in some ways, for homelab, its really a lot of overhead to just run a docker image and have it connect up to things like traefik..

i think for a home setup that needs to mix truechart apps and running docker images directly, i will just end up running NGINX Proxy Manager and using the internal DNS system so that NGINX can reverse proxy all the services.

it would be nice one day for TrueNAS to support traefik with their own charts and "launch docker image" as well

 

[truecharts]

it would be nice one day for TrueNAS to support traefik with their own charts and "launch docker image" as well

Not very likely, well: not with the same easeof use out-of-the box.
For the GUI support for easily adding middlewares we use some bits of magic under-the-hood, that are not part of native ingress.

While we are compatible with native ingress and our treafik deployment is as well, there are quite some caveats with adding it to the SCALE GUI.

 

[dirtyfreebooter]

hrmm, yea, that really makes this whole thing a lot less user friendly. if i add an app from truenas, one from truecharts, and then say a docker image, i need to be able to reverse proxy them all, so i can use ports 80/443, dns names, and SSL (letsencrypt).

sounds like something maybe will be eventually possible, hopefully one day its just out of the box works.

thanks for your reponse

 

[truecharts]

sounds like something maybe will be eventually possible, hopefully one day its just out of the box works.

Community Catalogs and Apps are completely free in their chart and GUI design.
We already offer an alternative to launch-docker as well, for those with technical expertise.

As we explained before: It's not likely that iX will launch a solution we're going to support for either Traefik or Our Apps. We're a seperate project with completely different design philosofies, which is visible in the options we already offer, which vastly differ from the Official Apps.

 

[dirtyfreebooter]

yea, i understand. i like that the projects are separate and how much more truecharts adds. i think overall that is the right separation, imho. i guess i just hope at some point i can have one reverse proxy (as you obviously can't have more than one bound to ports 80/443) that can proxy any app added to SCALE and have DNS/SSL all integrated. otherwise you can't logically tie it all together in the most basic way. i can't imagine my use-case is far off the norm. run a bunch of apps/services, reverse proxy them to dns names and proper ssl via let's encrypt.

 

[truecharts]

We already allow all of that 100% using custom-app or external-service.
Also: Support for multiple ingress-providers/loadbalancers should be included on RELEASE launch.

Anyway, This start to look like a support chat, which we don't provide.
If you need help with the options we offer, please contact us using our support channels and our support staff would be happy to walk you through it :)

 

[dirtyfreebooter]

i tried that, and external service only worked with ips external to truenas, it didn't work with k3s dns names or ips, just got "bad gateway" .. if i switched the external-service to any thing i had running on an IP not on my truenas box, it worked fine.

i certainly could be doing something wrong, could be a bug, but i initially thought that might be solution, certainly seemed so from the docs and concept.

 

[truecharts]

i tried that, and external service only worked with ips external to truenas, it didn't work with k3s dns names or ips, just got "bad gateway" .. if i switched the external-service to any thing i had running on an IP not on my truenas box, it worked fine.

i certainly could be doing something wrong, could be a bug, but i initially thought that might be solution, certainly seemed so from the docs and concept.

That's not true, which we explained before already.
For which we provide support for from our support staff.

---
We'll leave it at this: If you cannot get something to run, reach out to our support staff please.
We do NOT provide support on this forum.