SSL Reverse Proxy Jail

Reverse Proxy Diagram

I’ve written a few blogs about this subject too (most recently here), so after several attempts which worked, but were a little messy, I’ve done a bit more research.  That’s led me to create a single jail to work as a both a reverse proxy with SSL.  I’ll be using all the same tools as before, so NGINX for the reverse-proxy and Certbot to create (and hopefully automatically renew) the LetsEncrypt certificates.



When I built my main FreeNAS server, the machine it replaced was put into backup duties with a nightly replication created to move some of the files from one (freenas1) to the other (freenas2).  freenas1 has 9 x 4TB drives configured in an RAIDZ2 pool (similar to RAID6) which means that any two drives could fail, and I wouldn’t loose any data, but everyone should know that redundancy is no substitute for a backup!  Using two drives for parity, along with the ZFS overhead leaves me with around 24TB of useable space on freenas1.  freenas2 only has 5 x 4TB drives, but these are just configured as a stripe (like RAID0) so provide more storage at the expense of any redundancy.  It leaves me with just over 18TB of useable space, so not enough to backup a full freenas1, but certainly the most important stuff. (more…)

New Plex Jail

I thought I’d rebuild my Plex Media Server (PMS) jail today, so it’s using the latest FreeBSD 10.3 template which would hopefully mean when the next PMS update was released, I’d have no problem updating the jail.  While the 9.3 template jails continue to work on FreeNAS 9.10, comments on the forum seem to suggest that updating using packages or ports won’t work, so I was trying to get ahead of the game! (more…)

More SSL fun with LetsEncrypt & Certbot

The SSL certificate for my company domain ( was due to expire at the beginning of June and was slightly out of kilter with my other certificates.  They are all LetsEncrypt ones and are created using Certbot in a jail on my FreeNAS server, but for some reason Certbot had decided it doesn’t want to work anymore, which was one of the main reasons for updating my FreeNAS server here.  So after the upgrade, I had to decide whether to rebuild my NGINX proxy server (which I used for running Certbot) or to build a jail just for running Certbot and maintaining the certificates. (more…)

FreeNAS Manual Update

FreeNAS Shark Logo



OK, so I wasn’t expecting this to be straight forward, but I also didn’t expect to fall at the first hurdle!

I knew I couldn’t use the auto updater built into FreeNAS, as this will take me to the latest stable or nightly train.  I was hoping I could just download the 9.10.1-U4 iso file from and then use the Manual Update button to run this.  This throws up an error message before it’s even copied the files across to the temporary location. (more…)

at consectetur nunc suscipit ipsum commodo neque.