[?] DNS & Reverse Proxy with One IP

Currently reading
[?] DNS & Reverse Proxy with One IP

7
1
NAS
DS916+
Operating system
  1. macOS
Good Mornin All,

I am hoping I can describe what I am trying to do enough so you all can help me. I have the following;

UNRAID Server
A Domain name ( I'll call it domain.com)
I use Cloudflare

I just set up my Synology, and I installed the DNS server and in the Unraid server I have several dockers running, ie, NextCloud, Plex, and Emby for example. My Unraid server has the address 192.168.1.127. I would like to have everything set up with FQDNs (I hope I used that right) instead of an IP and port number. (I honestly can't remember them all) I don't just need this locally by the way.

I created an entry in DNS for the UNRaid server which worked, (unraid.domain.com pointing to 192.168.1.127) The problem I can't wrap my head around is setting up the other apps that are running in docker to work in Reverse Proxy.

I am hoping I gave you all enough information to assist me. I have tried searching on the web and found a few sites referring to NGINX setup, but they weren't clear. I appreciate your time.

-Semper Fi
gyrene2083
 
Solution
Use something like 'plex.domain.com' and create a DNS record for this that resolves to the NAS's LAN IP.

Then in your web browser use http://plex.domain.com. This web request will go to the Synology NAS's reverse proxy and it [the NAS] will then make a connection to the UNraid NAS's Plex service.

Without using a reverse proxy on the Synology NAS, you could just go direct to the UNraid NAS's Plex service using http://unraid.domain.com:32400
The Docker containers will either present on the LAN as either a unique LAN IP address or they will map their service ports to high port numbers on the NAS's LAN IP address. You'll have to look in Docker to see what you have configured, then create A or CNAME DNS records. Noting that DNS is only working on IP addresses, not port numbers. You should ensure any mapped service ports are not using 'auto' because every time the container restarts the port will change (that's the one that clients need t use to get access).

If the Docker containers have HTTP or HTTPS web interfaces you could create reverse proxy rules for them. This is done in Control Panel / Login Portal / Advanced. Something like this:
1651680685818.png

The Destiname Hostname and Port will be what you have used in Docker for the container. The DNS record you create will be for the Source Hostname to the NAS's LAN IP.

If the reverse proxy rule has HTTPS source (i.e. the incoming request from the web client) you will have to have an SSL certificate that covers the Hostname.
 
Upvote 0
Thank you so much for the quick response. So, if I understand correctly, please bare with me, I need to have the following in place.

I should have a DNS entry for the UNRaid server. (which I do)
Unraid.domain.com -> 192.168.1.127

On the Reverse Proxy tab, in order to get Plex to work, I should have the following in place

Screen Shot 2022-05-04 at 12.34.26.png

And that should work? My question is how do I type that in the URL? Because if I type unraid.domain.com it will go directly to the UNRaid page, and not plex. Thanks again.

-Semper Fi
gyrene2083
 
Upvote 0
Use something like 'plex.domain.com' and create a DNS record for this that resolves to the NAS's LAN IP.

Then in your web browser use http://plex.domain.com. This web request will go to the Synology NAS's reverse proxy and it [the NAS] will then make a connection to the UNraid NAS's Plex service.

Without using a reverse proxy on the Synology NAS, you could just go direct to the UNraid NAS's Plex service using http://unraid.domain.com:32400
 
Upvote 0
Solution
Thanks again fredbert, your help is invaluable. So, to be clear I should set up a CNAME entry in DNS as plex.domain.com pointing to 192.168.1.127 (the Unraid server). Is that correct?

I do apologize for all the questions, I'm just trying to get this right. BTW I did try http://unraid.domain.com:32400, and that did work. I just couldn't get Emby to work that way. I could only get emby to work with 192.168.1.127:8086, weird.

-Semper Fi
gyrene2083
 
Upvote 0
An A record resolves a domain name to an IP address. A CNAME is an alias to an A record or another CNAME.

You use the DNS to get the IP address of the host you want to access. At that IP address there will be services listening on ports. So if your web service is not using the default TCP 80 or 443 you will have to add the port to the host. That's why using unraid.domain.com:32400 worked (direct to the Unraid). I don't know why Emby didn't work, is it running on Unraid NAS? Does it use HTTP or HTTPS?

Using the reverse proxy is a way to access multiple web services access using default ports 80 and 443. The reverse proxy server mediates between the client device and destination web server.
 
Upvote 0
Emby is in a docker just like Plex on UNRaid. Emby's port is 8086. I did find something strange though while digging deeper. Emby's web page shows a different internal IP address than what it's on. I think that may be something I need to further investigate.

So since Plex is in fact working, I will mark this thread as solved. I do appreciate all your guidance. I suppose I am going to have to go to Emby's site and find out why that IP address is different, and how is it still working with unraids IP and Emby's port number.

-Semper Fi

gyrene2083
 
Upvote 0
I understand you wanted a dynamic proxy but with one base IP. Yes, such proxies are hard to configure. They set the local IP address with an optional port which will be used in outgoing connections to the proxied server. Chl cool variables are allowed in the parameter value. The special value overrides the proxy_bind directive inherited from the previous configuration level, allowing proxies for brand monitoring to choose the local IP address and port themselves. The transparent parameter allows you to specify a non-local IP address for outgoing connections to the proxied server, e.g., the client's real IP address.
These are the most modern and secure proxies.
 
Upvote 0

Create an account or login to comment

You must be a member in order to leave a comment

Create account

Create an account on our community. It's easy!

Log in

Already have an account? Log in here.

Similar threads

setup up a local DNS server and point DOMAIN1.com, DOMAIN2.com and DOMAIN3.com to your Synology IP. I am...
Replies
1
Views
1,255
  • Solved
Maybe Pihole / Adguard running as a container with settings from old ISP/network?
Replies
13
Views
2,244
  • Question
What do you mean by Synology DNS? DNS Server package or something in DSM? You have to add a value for the...
Replies
2
Views
2,132
  • Question
I just checked at the shipping company... cookies will be delivered soon. Over RP :P
Replies
16
Views
2,805
  • Question
Does this only happen when you try to access packages via the 'office' links in Drive's menu? And have you...
Replies
1
Views
383
  • Question
Ofc you can make a single compose for this no problem. Personally I like to separate front end apps from...
Replies
10
Views
1,236
  • Solved
I think it was point 1 that was messing me up. And it was a simple fix, honestly. We'll have to see if I...
Replies
3
Views
1,550

Welcome to SynoForum.com!

SynoForum.com is an unofficial Synology forum for NAS owners and enthusiasts.

Registration is free, easy and fast!

Back
Top