TrueNAS-Compose | Your Docker Stacks for TrueNAS Scale

PapaGigas · March 6, 2025, 11:19am

Hi everyone,

I’m creating this thread to ask for your assistance in setting up the ultimate home server using TrueNAS Scale and Docker-Compose.

To help others achieve this goal, I’ve built a simple webpage (still a work in progress, not fully optimized yet, just a Proof of Concept) that I hope will be useful to everyone:

While I’m not an expert in Docker, I’m an enthusiast eager to get your help in optimizing the stacks and the instructions for each one. The aim is to make them secure, fully functional, and easy to set up.

PS: Before posting this thread, I reached out via the Level1Techs contact form to request permission to open a thread on the forum. However, I haven’t received a response yet, so I went ahead and posted to get feedback as soon as possible. I sincerely hope I’m not violating any forum rules.

Thanks for your support!

Best regards,
PapaGigas

sloma · March 9, 2025, 10:14pm

This is an easy to follow guide for a noob like me. Thank you for your time making it.

There are couple issues though, figuring the remote access to some of the services is trial and error or rather re-reading the configuration to find the right ports.

For example, trying to access remotly Kali Linux, I tried two ports visible in Dockge - 38086, 38087 while it actually the other ports: 3000 and 3001.

Is there a way for Dockge to redirect to ‘configured-ip:3001’ port?

PapaGigas · March 10, 2025, 12:56am

That’s because Kali Linux is running on a macvlan network called ‘home’.

If you comment that network and redeploy the stack you’ll be able to access it via the host ports!

networks:
  #home:
    #ipv4_address: ${KALI_HOST_IP:-192.168.1.53}
  proxy:
    ipv4_address: 172.17.0.11

If you remove it from the ‘home’ network you can access it via Dockge or like this:

http://192.168.1.1:38086

https://192.168.1.1:38087

Or… keep it on the ‘home’ network and just disable the host ports (optional):

#ports:
  #- 38086:3000
  #- 38087:3001

Then… you can access it like this (but not from Dockge):

http://192.168.1.53:3000

https://192.168.1.53:3001

PS: Thanks for your feedback! I’ll try to make this clearer in the installation instructions for the containers that are using the ‘home’ network.

Best regards,
PapaGigas

sloma · March 10, 2025, 11:52pm

Just want to let you know that obtaining API for NordVPN doesn’t work, the link to API returns 404 error.

Is there another way to configure NordVPN or get their API key? Their legacy API has been deprecated.

Up to this point I had no major issues with following your guide. I have to say again it’s quite straightforward.

PapaGigas · March 11, 2025, 1:08am

Sorry, my mistake, lol, thanks for pointing that out!

Here’s the updated version:

25 - Open NordVPN's dashboard and navigate to "Access token" to generate a new access token. # https://my.nordaccount.com/dashboard/nordvpn/access-tokens/authorize

26 - Navigate to "System > Shell" in the TrueNAS interface.

27 - Copy and paste the following command into the TrueNAS shell to get your wireguard key: # Replace '<access_token>' with the token generated on step 25

curl -s -u token:<access_token> https://api.nordvpn.com/v1/users/services/credentials | jq -r .nordlynx_private_key

Best regards,
PapaGigas

sloma · March 11, 2025, 5:25pm

That did it, thank you.

Sorry for bombarding you with questions, but if I don’t have Nvidia then for the immich to work correctly I need to ditch the whole config for immich-ai, is that correct?

PapaGigas · March 11, 2025, 11:56pm

Yes, you can ditch the ‘immich-ai’ service entirely.

You also need to remove this from the ‘immich’ service:

runtime: nvidia
deploy:
  resources:
    reservations:
      devices:
        - driver: nvidia
          count: all
          capabilities: [compute, utility]

This from the environment variables:

  - MACHINE_LEARNING_HOST=172.17.22.3
  - MACHINE_LEARNING_PORT=3003
  - MACHINE_LEARNING_WORKERS=1
  - MACHINE_LEARNING_WORKER_TIMEOUT=120
  - NVIDIA_DRIVER_CAPABILITIES=all

And this from the dependencies:

  immich-ai:
    condition: service_healthy

PS: I’ll be finishing the guide next week when I get back home, but in the meantime, I’ll try to help with any issues that might come up!

Best regards,
PapaGigas

sloma · March 12, 2025, 7:02pm

Unfortunately, this still doesn’t work, this is what dockge shows me:

[+] Running 3/3
 ✘ Container immich-postgres  Error                                                                 0.2s 
 ✔ Container immich-redis     Healthy                                                               0.2s 
 ✔ Container immich           Created                                                               0.1s 
dependency failed to start: container immich-postgres is unhealthy

There seems to be a problem with permissions, since dockge fails to deploy the container it doesn’t even show the terminal. Portainer is able to show me the log for immich-postgress and this is what I get:

mkdir: cannot create directory ‘/var/lib/postgresql/data’: Permission denied

Thanks again.