Budget 95$:::::OVH VPS (3 IP) + TrueNAS SCALE: WireGuard + Nginx Proxy Manager + Dockge + Emby/Plex/Jellyfin + Nextcloud + Backups (Full setup)

$30-250 USD

Fechado

Publicado há aproximadamente 2 meses

$30-250 USD

Pago na entrega

OVH VPS (3 IP) + TrueNAS SCALE: WireGuard + Nginx Proxy Manager + Dockge + Emby/Plex/Jellyfin + Nextcloud + Backups (Full setup) Project Description ////////// BUGET 90 $ ///////////////////// IS EXEMPLE !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! I need an experienced Linux/TrueNAS engineer to build a secure remote-access architecture for my home TrueNAS SCALE server using an OVH VPS as the public gateway. Environment: TrueNAS SCALE at home (LAN) OVH VPS (image: Debian 12 – Docker) Domain: [login to view URL] (DNS managed in OVH panel) 3 public IPs available on the VPS Work via AnyDesk on my PC (I will provide access/credentials) Goal: The VPS must be the only public entry point (HTTPS 443). A WireGuard tunnel connects VPS - home LAN so services are accessible externally without exposing TrueNAS WebUI/SMB/admin panels publicly. Important: Installation alone is NOT accepted. Everything must be installed AND fully configured, tested end-to-end, and delivered with proof. Required Scope of Work 1) OVH Configuration (IPs + DNS) Configure/use the 3 VPS public IPs and ensure Debian can bind services to specific IPs. Configure OVH DNS zone for [login to view URL]: A records IP1 (WEB) for: [login to view URL], [login to view URL] [login to view URL], [login to view URL], [login to view URL] [login to view URL] (optional) [login to view URL] IP2 (WireGuard) 2) VPS Debian 12 (Docker) — 3 IP Best Practice Use the 3 IPs like this: IP1 = WEB/public: only ports 80/443 IP2 = VPN/WireGuard: only 51820/UDP IP3 = ADMIN/private: SSH + admin panels VPN-only (recommended) Tasks: System hardening + firewall (UFW strict rules) Install/configure WireGuard server on VPS Tunnel: [login to view URL] (VPS [login to view URL], home gateway [login to view URL]) Install/configure Nginx Proxy Manager (Docker): Bind 80/443 to IP1 Bind Admin UI (81) to IP3 (VPN-only) 3) Home Side: TrueNAS + WG-Gateway VM Create a small Linux VM (Debian/Ubuntu) on TrueNAS as WG-Gateway Configure WireGuard client + routing/NAT so VPS can reach my LAN through tunnel No inbound ports opened on the home router (target) 4) TrueNAS Datasets + Permissions (critical) Create datasets (example pool Pool1) and set correct ACL/permissions: Pool1/Media_Movies, Pool1/Media_Series (+ optional Media_TV) Pool1/AppData/{emby,plex,jellyfin,nextcloud,dockge} Pool1/Docker/stacks Pool1/Transcode/{emby,plex,jellyfin} Pool1/Backups/TrueNASConfig Media mounts must be read-only in containers; AppData/Transcode/Stacks must be read-write. No “Access denied”. 5) Install & Configure Apps on TrueNAS (Required) Install Dockge (LAN/VPN only) Install/configure Emby + Plex + Jellyfin with consistent mounts: /config (RW), /transcode (RW), /movies (RO), /series (RO) Install/configure Nextcloud and publish via [login to view URL] SMB shares if needed, but SMB must never be exposed publicly (VPN/LAN only) 6) No GPU / Transcoding policy (important) I have no dedicated GPU currently (CPU-only). Disable hardware acceleration in Emby/Plex/Jellyfin Configure to prioritize Direct Play/Direct Stream and minimize transcoding 7) Test Media (LEGAL only) Use only legal/open licensed test media (no piracy). Minimum test items: 2 Movies + 2 TV episodes + 1 x 4K test file Verify scan + playback on all 3 media servers. 8) Backups (Required) + Restore proof Configure automatic ZFS snapshots (AppData/stacks + media) Perform restore test (delete a test file and restore from snapshot) — proof required Export TrueNAS config and store in Pool1/Backups/TrueNASConfig Final Acceptance Tests (Must Pass) WireGuard stable; VPS can reach home LAN services External test via 4G hotspot: [login to view URL] valid HTTPS [login to view URL] valid HTTPS [login to view URL] valid HTTPS [login to view URL] valid HTTPS Movies + Series appear and playback works on Emby/Plex/Jellyfin 4K test file remote playback confirms Direct Play (not transcoding) SMB works on LAN and remotely via VPN only Backups configured + restore proof + TrueNAS config exported Deliverables Required Network diagram (VPS IP1/IP2/IP3 WireGuard WG-Gateway LAN) OVH DNS record list (screenshots preferred) Notes on VPS 3-IP configuration on Debian Firewall rules + open ports list WireGuard config summary (public keys ok; keep private keys secure) NPM screenshots: proxy hosts + SSL certificates Dataset list + permissions overview Dockge compose stacks + persistent paths Proof screenshots/logs: external access, playback, Direct Play, snapshots/restore Short How-To doc: restart services, add a proxy host, add a stack, troubleshooting, restore steps

System Administration

ID do Projeto: 40131357

Sobre o projeto

5 propostas

Projeto remoto

Ativo há 17 dias

Quer ganhar algum dinheiro?

Endereço de e-mail

Benefícios de ofertar no Freelancer

Defina seu orçamento e seu prazo

Seja pago pelo seu trabalho

Descreva sua proposta

É grátis para se inscrever e fazer ofertas em trabalhos

5 freelancers estão ofertando em média $125 USD for esse trabalho

@ramygoda1590

Hi there, I am networking expert specialist and consultant for more than 11 years, who spend my free time to learn about new technologies in networking, security field to be always up to date. please just ping me on chat to have a short discussion on your project i will always look for solving your tasks ickly. below is a brief on my experience: Technology Specialist: --------------------- - Can design, implment large scale networking and make exaplanation reports. - Practice on Cisco Packet Tracer, GNS-3, EVE-NG. - Excellent pracitce on VMware WorkStation, Virtual-Box - VPN (IPSEC,IKE v1 or v2 ,L2TP ,OPENVPN, DUO Authentication). - Routing Protocols (BGP, OSPF, EIGRP .. ). - Wrie Technical Reports with excellent and format. Skills and Hands on Experience: ------------------------------- - Cisco devices (routers, switches), routing protocols, IPSEC, Cisco ASA Firewall. - Fortinet Devices: FortiGate, Forti Manager, Forti Analyzer. - wireless (WLC, Access Points): CISCO, Aruba, ubiquiti. - Juniper (M7, M10, MX 480, MX 960) and SRX (300, 500). - Operating Systems: Linux servers (Ubuntu, RedHAT, Debian), windows (Windows server 2012, 2016 ..etc). Regards, Ramy

$100 USD em 3 dias

4,9

(95 avaliações)

5,5

@toriquldev123

Hello Dear! I write to introduce myself. I'm Engineer Toriqul Islam. I was born and grew up in Bangladesh. I speak and write in English like native people. I am a B.S.C. Engineer of Computer Science & Engineering. I completed my graduation from Rajshahi University of Engineering & Technology ( RUET). I love to work on Web Design & Development project. Web Design & development: I am a full-stack web developer with more than 10 years of experience. My design Approach is Always Modern and simple, which attracts people towards it. I have built websites for a wide variety of industries. I have worked with a lot of companies and built astonishing websites. All Clients have good reviews about me. Client Satisfaction is my first Priority. Technologies We Use: Custom Websites Development Using ======>Full Stack Development. 1. HTML5 2. CSS3 3. Bootstrap4 4. jQuery 5. JavaScript 6. Angular JS 7. React JS 8. Node JS 9. WordPress 10. PHP 11. Ruby on Rails 12. MYSQL 13. Laravel 14. .Net 15. CodeIgniter 16. React Native 17. SQL / MySQL 18. Mobile app development 19. Python 20. MongoDB What you'll get? • Fully Responsive Website on All Devices • Reusable Components • Quick response • Clean, tested and documented code • Completely met deadlines and requirements • Clear communication You are cordially welcome to discuss your project. Thank You! Best Regards, Toriqul Islam

$95 USD em 3 dias

5,0

(13 avaliações)

4,1

@DngPhgNam

✅Hi there, hope you are doing well! I've successfully set up numerous secure remote-access architectures using TrueNAS and OVH VPS, optimizing for both performance and security. In one recent project, I configured an elaborate Docker environment with multiple IPs, ensuring everything was functional and secure. The most crucial aspect of this project is implementing a strong WireGuard tunnel to secure remote access without exposing sensitive system interfaces. This requires meticulous configuration to meet both security and functional requirements. I will configure your OVH VPS, set up the necessary services, and ensure everything is thoroughly tested and documented for complete transparency. I'd like to work on this project sincerely from my confidence. Let's connect and discuss more.

$150 USD em 3 dias

0,0

(0 avaliações)

0,0

@dorians2

Hi there! I hope this message finds you well! I’m thrilled to submit my proposal for your project. With over 7 years of experience in Nginx, Debian, Network Security, I’m confident in my ability to deliver high-quality solutions that meet your needs. I’m ready to dive into your project and bring your vision to life. Let's connect and discuss how I can contribute to your success. I’m available for a chat at your earliest convenience. Best regards, Dorian

$140 USD em 2 dias