Some help with this... FilePizza

Currently reading
Some help with this... FilePizza

55
11
NAS
DS1019+
Router
  1. RT2600ac
Operating system
  1. macOS
Mobile operating system
  1. iOS
Hi ! I m trying to start this “easy” docker with no success... Created the reverse proxy, the SSL certificate from let s encrypt and exported cert.pem and privkey.pem to config folder. This config folder is also a volume:

The docker info is this:
Filepizza

The docker looks fine on log message:
”info: FilkePizza listening on :::8416” (my local port)

the reverse proxyis fine too:
https://i.imgur.com/WNXbL0Y.png

When loading the page on my webbrowser this appears:

PAGE DOES NOT EXISTS.

ANY ideas please ? Maybe something with SSL certificate ? I ve exported it and copied 2 of 3 files to config folder.

Thanks in advance
 
Curious... https://NAS-LAN:8416 works fine, https://xxxx.mydomain.com says page not exist on Synology
Checked RP setup and is ok, host name is localhost (also tried local-NAS-ip)
Also checked CNAME on domain server, and is fine (i have some reverse proxies created workling fine)
NAS firewall is not open, but i ve tried with same results. Local lan traffic is not under firewall rules i guess...
Any comments will be thanked !
 
If you have already working RP configurations then something is wrong with this specific one.

1. Are you sure that the cname has already replicated worldwide?
2. Is that cname proxied on any level? Maybe on your DNS provider side like Cloudflare?

If you use that same cname and configure it with a different service on your NAS, does that work (just to eliminate the DNS side of things)?
 
I ve chnaged the port on Reverse proxy to another service running and Works. So, the problem is not on DNS side... is on docker side ! !:-(
Anybody has tried this docker ?
 
pls. use this test scenarios as step by step guide, don’t change the sequence and write exact outcome, understandable for us, not just for you:

1. if the container and content is available from the LAN side, then container is running well, then we can exclude problem in container (Docker) side. then NAS web server with the container is running also.

2. when URL request is not available from WAN, there are several reasons:
a) FilePizza service CNAME record. As I can see = checked.
b) this CNAME record tested with other container in your NAS (mentioned by you, that they running very well). As was proposed by @Rusty. I can’t see a result. Please do it.
c) only when b) test will provide Positive feedback, that CNAME record and DNS is 100% OK, you can continue to next stage. When Negative, you have problem at DNS side.
d) then we need test entire routing way from your NAS entry point to container. First is RP. Changed port to another container is running well, as was mentioned by you. Then RP is running ok.
e) NAS firewall is the last instance:
- I can’t exactly understand your outcome “NAS Firewall is not open, but i ve tried with same results. Local lan traffic is not under firewall rules i guess...”
- Is the Firewall disabled by default or not? Control panel/Security/Firewall
- If the Firewall is Enabled:
- Do you have other container mentioned by you running with firewall profile or not?
- Do you have defined Firewall profile for the FilePizza container? Send pls a screenshot. ... you can read official KB here
 
Ok....all done...recap:

1. If the container and content is available from the LAN side, then container is running well, then we can exclude problem in container (Docker) side. then NAS web server with the container is running also. -> Agree with that

2. when URL request is not available from WAN, there are several reasons:
a) FilePizza service CNAME record. As I can see = checked. -> Checked, not a CNAME problem.
b) this CNAME record tested with other container in your NAS (mentioned by you, that they running very well). As was proposed by @Rusty. I can’t see a result. Please do it. -> Checked, DONE, 100% sure.
c) only when b) test will provide Positive feedback, that CNAME record and DNS is 100% OK, you can continue to next stage. When Negative, you have problem at DNS side.
d) then we need test entire routing way from your NAS entry point to container. First is RP. Changed port to another container is running well, as was mentioned by you. Then RP is running ok. -> Tested, as i did before. Checked
e) NAS firewall is the last instance:
- I can’t exactly understand your outcome “NAS Firewall is not open, but i ve tried with same results. Local lan traffic is not under firewall rules i guess...”
- Is the Firewall disabled by default or not? Control panel/Security/Firewall
- If the Firewall is Enabled:
- Do you have other container mentioned by you running with firewall profile or not?
- Do you have defined Firewall profile for the FilePizza container? Send pls a screenshot. ... you can read official KB here -> I ‘ve unchecked FIREWALL and tested, SAME ERROR.

ONE IMPORTANT THING I VE SEEN :


Testing local LAN SIDE: https://192.168.1.29:8416 (local NAS IP):
Chrome on my Mac desktop:
To view this content we will need your consent to set third party cookies.
For more detailed information, see our cookies page.

Chrome o my iPad (as you know, webkit based, so is not a ”complete browser”):
To view this content we will need your consent to set third party cookies.
For more detailed information, see our cookies page.


As you can see, on mac OS the SSL is not active.
Maybe this is a clue to solve it ?

Thanks again
 
Maybe this is a clue to solve it ?
Well ofc you will get an error running it on https without a valid ssl cert. Have you configured certificate mapping in Security > Certificate section (DSM) for that RP entry? Also, can you try and access your public URL via https while inside your LAN (NAT loopback supported for your router)?
 
the HTTPS (cert) in LAN is OK (no need to be worried when it's your home LAN only)
What
NO, i don t know how to do it.... can you explain that pleasE ?

1594802185189.png


1594802254651.png


Check the site
When still same issue, restart your webserver in NAS by SSH:
Code:
synoservice --restart nginx

When still not available:

You have Chrome browser in your Mac (some Mac Gents will shoot you here :cool: )
try to open the FilePizza web site again (WAN URL) in the Chrome browser
run debug window: Command+Option+I
make a screenshot, post it here
 
Last edited:
Well ofc you will get an error running it on https without a valid ssl cert. Have you configured certificate mapping in Security > Certificate section (DSM) for that RP entry? Also, can you try and access your public URL via https while inside your LAN (NAT loopback supported for your router)?
Yes, this is correctly done :
 
You read this...
The YouTransfer application does not support SSL (https) for secure transfer or access control. If you wish to implement SSL, you will have to expose the application using a reverse proxy.

Where is the problem ? Screenshot

What has happened with filepizza is really rare... I ve some RP with SSL certificates created with no problem. Is curious that works local URL, but not from a remote one... Thanks to all of you for your help.
 
Hi @magefesa

Thank you for the heads up on youtransfer. It looks interesting.
Why would you use this over Synology’s “create file request” in File Station? Does it offer better control?
I think its much better because you can create a Reverse proxy associated to another domain (not your Synology DDNS). So, periodically you could, for example, change de domain s name and Youtransfer will be "anonimated" again.

Its a question of "security", and also the geek desire of try new things... maybe somebody can add one more reason...
 
not your Synology DDNS
As much as this is true (that File request does generate DDNS name) you can still manually change it and use your custom 3rd party name. It can be annoying if you have multiple requests, so not having to modify them all the time is definitely a plus with a custom tool like this one.

Just my2c on the topic of Syno file request.
 

Create an account or login to comment

You must be a member in order to leave a comment

Create account

Create an account on our community. It's easy!

Log in

Already have an account? Log in here.

Similar threads

DS1621+ I believe is the model number. I ended up getting it working by installing a swag container and...
Replies
4
Views
3,173
For starters, I would try this... devices: - /dev/dri:/dev/dri If the left path matches your NAS...
Replies
12
Views
5,306
Replies
5
Views
4,271
I have tried that interface, but still find calibre-web much better than Calibres own interface. Also, as...
Replies
6
Views
5,069
Well I have a cover on my Kindle so I only ever see the screensaver is when I have fallen asleep reading...
Replies
14
Views
5,532
  • Question
The LDAP Bind User is the user account used to perform the ldap lookups. Any account will do, preferably...
Replies
1
Views
10,666

Welcome to SynoForum.com!

SynoForum.com is an unofficial Synology forum for NAS owners and enthusiasts.

Registration is free, easy and fast!

Back
Top