Can't get reverse proxy working again

Currently reading
Can't get reverse proxy working again

A

AlpacaAlpaca

Media
5
0
NAS
DS720+
Operating system
  1. Windows
Mobile operating system
  1. Android
The End Goal
To be able to connect to the services that I have hosted through docker via the domain that I own.

The Problem
Despite continuous checks to make sure everything is in order the connection always times out.
It is also worth noting that I had a fully functional reverse proxy setup about 6 months ago but during that time I didn't access any of the services and with no settings personally changed it stopped resolving.

What I've Done
  • I have a service hosted in docker that is accessible and totally fine using the local address and port
  • I have the DNS records set in my domain
    brave_iopAwuzMLM.png
  • I have run an nslookup and everything seems to check out
    Pinging the domain and subdomain also functions as expected
  • I have setup a reverse proxy rule
    brave_pPE5XKvmSu.png

    The 9090 port is both the container and local port the service is used on so I can't mess it up
  • I have setup and assigned the cert
    brave_0IEY0J1UGv.png
  • For the purposes of testing I also turned off the Synology firewall to make sure it wasn't conflicting and it wasn't that either
I am not super educated on DNS but I have run through 4 guides on the matter now and as far as I can tell I have everything setup properly and I can't for the life of me figure out what is wrong with the setup, any help would be greatly appreciated.
 
Sort by date Sort by votes
Rusty said:
How does this specific app resolve in the browser when you try and access it using its public domain name?
Click to expand...
I have tried it in multiple browsers as well to see if that was the problem and in Chrome and Firefox it simply times out and in IE I get 'INET_E_RESOURCE_NOT_FOUND'
 
Upvote 0
AlpacaAlpaca said:
I have tried it in multiple browsers as well to see if that was the problem and in Chrome and Firefox it simply times out and in IE I get 'INET_E_RESOURCE_NOT_FOUND'
Click to expand...
Sounds like a problem before hitting the reverse proxy.

Are you sure that docker containers have connection to your lan? Also, do services have access to the Internet from within the container? Do services work fine without accessing them via RP?
 
Upvote 0
I can access the services totally normally via the local IP and port.
I think the problem might be bigger than Docker because as a test I also tried to host a NextCloud instance using Webstation instead of a container and tried to setup a virtual host to connect via my domain but that didn't function either, although again it did function under local IP.
Also a bit earlier, in an attempt to get literally any functionality to the domain name, I setup a DDNS and was able to functionally use my domain name to access the DSM page using my domain name with a port attached to it which is only making me more confused why my original docker setup isn't working since I do have a static IP set as well.
 
Upvote 0
So local access works, ddns access works, but reverse access over 443 does not. Looks like an nginx problem if you have it all forwarded correctly.

As a test, try and configure a separate reverse proxy via docker and use it for your services. If it works, then you will know it’s the internal one causing you problems.

There is a thread here about troubleshooting built in nginx that you could try and follow as well.
 
Upvote 0
Ok that was an adventure, you were right about it being the built in Nginx setup not working. After setting up a docker instance of Nginx I was able to make a connection to the site but it wouldn't let me in because there was no certificate and I wasn't allowed to create one via the docker Nginx because it wasn't sitting in port 80 due to the default Synology Nginx running on port 80. But I could create the cert's using the built in Synology cert creator and than download the cert files and upload them to the Docker Nginx. So now everything runs as long as I add a port to my link and now my next step will be to see if I can disable the default Nginx installation to make the Docker Nginx instance run on port 80 and 443.
Thanks so much for the help, I'll also update with instructions on how I got everything working in case anyone else has this problem as well.
 
Upvote 0
Well the adventure continues it seems as I managed to swap the default Nginx ports to let me set the Docker Nginx to 80 and 443 however it went back the the same problem and so i set everything back to normal and tested out the Synology Nginx on a different port and it actually works so somehow my port 443 isn't allowing traffic through it.
If I check Shodan it shows 443 being open and pointing to the Synology Nginx and disabling the firewall makes no difference. I am going to try and dig deeper and see if I can find a solution but I might have to settle with a port at the end of my links which wouldn't be the end of world but now I just want to know what is blocking my 443 traffic.
 
Upvote 0
AlpacaAlpaca said:
Well the adventure continues it seems as I managed to swap the default Nginx ports to let me set the Docker Nginx to 80 and 443 however it went back the the same problem and so i set everything back to normal and tested out the Synology Nginx on a different port and it actually works so somehow my port 443 isn't allowing traffic through it.
If I check Shodan it shows 443 being open and pointing to the Synology Nginx and disabling the firewall makes no difference. I am going to try and dig deeper and see if I can find a solution but I might have to settle with a port at the end of my links which wouldn't be the end of world but now I just want to know what is blocking my 443 traffic.
Click to expand...
There is no need to mess with DSM 80/443 ports or its nginx. Simply run a custom RP container using a custom local port mappings (like 8443:443 and 8086:80), then use those custom ports inside your port forward settings on your router (external 443 to internal 8443 for example). Eventually in the RP you will again have port mappings for a specific container going from 443 to the internal docker container port.

This way you will bypass internal nginx, will not battle with taking control of the default 80/443 ports (bare metal ones), and you will still get the end result of your apps not having a port at the end.

www.blackvoid.club

NGINX proxy manager

Run your own NGINX reverse proxy manager in Docker on your Synology NAS and open up to a lot more features then what the built-in version offers
www.blackvoid.club
 
Upvote 0

Create an account or login to comment

You must be a member in order to leave a comment

Create account

Create an account on our community. It's easy!

Register

Log in

Already have an account? Log in here.

Similar threads

S
Reverse Proxy not working, all Subdomains end up in DSM
There's almost never a reason to permanently open port 80
Replies
13
Views
4,481
Telos
Telos
D
  • Question
Web app links behind reverse proxy
Does this only happen when you try to access packages via the 'office' links in Drive's menu? And have you...
Replies
1
Views
977
fredbert
fredbert
K
  • Question
Subdomains (and also with reverse proxy) always display the DSM login page on DSM 7.2.1
Ofc you can make a single compose for this no problem. Personally I like to separate front end apps from...
Replies
10
Views
1,510
Rusty
Rusty
A
  • Solved
Reverse proxy, Forbidden 403 error
I think it was point 1 that was messing me up. And it was a simple fix, honestly. We'll have to see if I...
Replies
3
Views
1,766
arcylix
A
C
SSTP and WEB with Synology Reverse Proxy
I accessed to log and when I trying connect I have message: "SSTP_DUPLEX_POST...
Replies
9
Views
1,841
CzarnyLewis
C
B
  • Solved
Please Help me with Troubleshooting Reverse Proxy
Glad it’s working. Now you can help the next person! No reward necessary 😎
Replies
14
Views
2,386
fredbert
fredbert
K
Having a hard time installing Mastodon with Reverse Proxy
The thing is... Too many users freeload off Marius and then come to the forums for assistance. Give Marius...
Replies
4
Views
1,927
Telos
Telos

Welcome to SynoForum.com!

SynoForum.com is an unofficial Synology forum for NAS owners and enthusiasts.

Registration is free, easy and fast!

Register

Trending threads

Back
Top