This Guide shows how to create a Cloudflare tunnel and configure the Nextcloud and Cloudflared applications in TrueNAS SCALE. The goal is to allow secure access from anywhere.
Exposing applications to the internet can create security risks. Always follow best practices to secure your applications.
See additional security considerations below.
Review the Nextcloud documentation to get a better understanding of the security implications before proceeding.
Setting Up Cloudflare Cloudflare Tunnel is a system that proxies traffic between the user and the application over the Cloudflare network.
Enhancing app security is a multifaceted challenge and there are various effective approaches. We invite community members to share insights on their methods by contributing to the documentation. Securing Apps with VPNs and Zero Trust TrueNAS SCALE offers various applications, either directly provided or via the community. While applications can greatly expand TrueNAS functionality, making them accessible from outside the local network can create security risks that need to be solved.
WireGuard is a popular option in the VPN marketplace. It is fast, simple, and uses modern cryptography standards. It is possible to connect your NAS to a WireGuard network in a few easy steps. Systems running FreeNAS version 11.3-RC1 through TrueNAS 13.0 have WireGuard capability.
Configure System Tunables for WireGuard Go to System > Tunables > Add and use these settings to enable the service:
Variable = wireguard_enable Value = YES Type = rc.
About OpenVPN A virtual private network (VPN) is an extension of a private network over public resources. It allows remote clients on a public network to access a private network via a secure connection. TrueNAS provides OpenVPN as a system level service that provides VPN server or client functionality. TrueNAS uses a single TCP or UDP port to act as a primary VPN server. This allows remote clients access to data stored on the system.
OpenVPN is an open source connection protocol. OpenVPN creates a secure connection between 2 points in a network. VPN services use OpenVPN to safeguard data integrity and provide anonymity. There two OpenVPN services on TrueNAS, the OpenVPN Client and OpenVPN Server.
OpenVPN Client Use OpenVPN Client to configure the client settings.
General Options
Name Description Client Certificate Select a valid client certificate from the dropdown list. The option is freenas_default. A certificate must exist on this system that is current and not revoked.
Community applications are created and maintained by members of the TrueNAS community. Similarly, community members actively maintain application articles in this section. Click Edit Page in the top right corner to propose changes to this article. WG Easy is the easiest way to install and manage WireGuard on any Linux host. The application is included in the Community catalog of applications.
WG EASY is a Docker image designed to simplify setting up and managing WireGuard connections.
TrueNAS CORE
TrueNAS Enterprise
TrueNAS SCALE
Compare Editions
TrueCommand
Software Status
FreeNAS
Compare Systems
F-Series
M-Series
X-Series
R-Series
Mini Series
Download TrueNAS CORE
Download TrueNAS SCALE
Get TrueNAS Enterprise
Where to Buy