TrueNAS Scale with NextCloud, Collabora, Cloudflared and Traefik

755

Install TrueNAS Scale

1. Install TrueNAS Scale. If install on single hard drive, need to split boot partition and data partition, then use zpool to create pool, export pool, then import pool in TrueNAS WebUI.
2. Change TrueNAS http to 81 and https to 8443

Configure ACME with Cloudflare

To be edit

1. Login to TrueNAS
2. Add email into root account.
3. Go to Certificate, then add “ACME DNS-Authenticators”
4. Type the name, such as “Cloudflare”, and select “cloudflare” under Authenticator.
5. Enter the root email address
6. Go to Cloudflare portal and login it.
7. Go to My Profile -> API Tokens
8. Click Create Token, then “Get Start” under Custom Token
9. Give a name for token
10. In Permission add two entries
    • Zone/Zone/Read
    • Zone/DNS/Edit
11. Click Continue, then click Create
12. Copy the API Token
13. Paste the API Token to API Token in TrueNAS
14. Click Save
15. Click Add under Certificate Signing Requests
16. Enter CSR on name field
17. Type is “Certificate Signing Request”
18. Leave blank on Profile
19. Click next till “Certificate Subject”
20. Enter the details
21. In Subject Alternative Names, put *.mydomainname.com
22. Then click next till Save
23. Click the spanner on right side of CSR just created
24. Enter the cert name on identifier, such as “cert”
25. Click “Terms of Services”
26. Select “Let’s Encrypt Production Directory” under ACME Server Directory URI
27. Select “Cloudflare” under Domains, which created on step 4-14 above.
28. Click Save.

Install Truecharts

1. Go to Applications, then Manage Catalogs, to Add Catalog
2. Input below information for new catalog
   Name = Truecharts
   Catalog URL = https://github.com/truecharts/catalog
   Branch = main
   Trains = stable, enterprise, incubator
3. It will take around 10 mins to add the catalog

Install Cloudflared

1. Install cloudflared
2. Add Tunnel Token. The token generate from Cloudflare WebUI
   • Go to Zero Trust->Access->Tunnels
   • Create a new tunnel
   • Copy the key from installer command

Install Traefik

1. Install Traefik
2. Change Entrypoints 80 and 443

Install NextCloud

1. Create dataset on pool, for NextCloud Data.
   • nextcloud-data
   • nextcloud-app
2. Set permission to www-data:www-data, and chmod as 775
3. Install NextCloud with TrueCharts version
4. Change username and password
5. Change App html Storage and UserData Storage to Host Path
6. Add a Manaul Custom Ingress
7. Add Hosts, and input a hostname which target to access from external
8. Add Path / with type as “Prefix”
9. Add TLS-Settings, then Add Certificate Hosts
10. Enter the same hostname as step 7
11. Select Cert created on ACME part
12. Click Save

Install Collabora

1. Install Collabora
2. Change username and password
3. Enter the Server Name, this is same domain level of NextCloud. For example, if used nextcloud.xyz.com, then user collabora.xyz.com
4. Change Certificate to cert which using the same certificate with NextCloud above.

Configure Collabora on NextCloud

1. Login NextCloud
2. Go to Apps, then download and enable NextCloud Office
3. Go to Administration settings
4. Go to NextCloud Office
5. Select Use your own server, then put Collabora URL and Port
6. Save it

Configure Cloudflare Tunnel

1. Go to Cloudflare Tunnel again
2. Select the tunnel created above
3. Go to Public Hostname, to add a new entry
4. Enter the subdomain used for nextcloud, and select the domain
5. In Service part, select HTTPS as type, and put TrueNAS Scale IP Address with NextCloud Port
6. Expand the “Additional application settings” and TLS
7. Enable “No TLS Verify”
8. Save it.

Refer –
https://truecharts.org/manual/SCALE/guides/getting-started/#adding-truecharts
https://www.truenas.com/docs/scale/scaletutorials/credentials/certificates/settingupletsencryptcertificates/
https://youtu.be/TJ5fDiDRcbU