Synology Reverse Proxy

Tutorial Synology Reverse Proxy

So if I go to my LE certificate, delete it and recreate it, adding all the subject alternative names and then go to my DDNS provider where I have my domain name registered and add the CNAMEs, will that do it?

Actually, I have CNAME = www already in place (on the DNS) with the LE configured for it (subject alternative name). I think I can try that first. Possible?

It’s xyz.com and www.xyz.com
 
File Station is configured by Synology to use default DSM entry point.
Yes. My skepticism that it won’t work is proven. I tried a few things. The generated link includes the DSM port no matter what.

Drive it’s using RP address.
That’s interesting. Does it mean that I can generate a share link with no ports referenced? That’s what I’m after.
I want to end up with something like: shares.xyz.myds.com/Rd4j3lq
Where shares is what’s given to my RP.

Thanks
 
WtF ... tested right now

- new sub domain prepared for this test ... files.domain.com (new DNS A host record)
- Control panel/Application portal/Application .. Edit of File Station:
Enable Customized Domain:
files.domain.com ... according the new A record
Enable HSTS

Evaluation:
1. Browser will open new domain. Correct
2. when you click into Share feature, it will still remains in general DSM domain (no port, as well)

Reverse proxy for File Station will give you chance use customized sub domain, but for Shared links it will generate just general DSM link.

But
when you generate the Shared link and you "manually" change the generated link with sub domain to your expected RP sub domain it works! Then there is just a error in Matrix with useful "custom" domain setup for File Station from DSM (Synology).
Sorry for my mystification, corrected now.
 
Hello all,

Excellent guide. I've just signed up to post a few questions, I hope someone can give me some guidance as I'm going round in circles.

I currently have a DDNS with No-IP, along with a Letsencrypt certificate and I'm able to connect to individual programs such as NextCloud, SAB and Sonarr when manually entering port numbers along with the DDNS url. When I read this guide regarding reverse proxy I dove in and managed to complete everything NAS side, however I'm having difficulties with No-IP and subdomains.

I would much prefer to have my own domain and not have to rely on a DDNS, maybe be a little more self contained.

My question or questions are;
1) If I purchase a domain name and host it using one of these low cost hosting sites, will that be the same as a DDNS in regards to typing in the website url and being correctly forwarded to the relevant app dependant on the subdomain I used?
2) If so, can anyone recommend a hosting site that allows you the full control necessary to setup reverse proxy and subdomains? I've heard that Flaunt7 might be the ticket.

I hope I'm making sense and I haven't completely missed the mark, this is all very new to me.

Many thanks.
 
Apologies for a followup message, but No-IP have replied, stating;

"You cannot create fourth level sub domains on No-IP owned domains like ddns.net. Fourth level sub domains can only be created on a domain that you own/have personally registered, and that also has Plus Managed DNS."

From this, I guess buying and hosting my own domain is the way to go.
 
1) If I purchase a domain name and host it using one of these low cost hosting sites, will that be the same as a DDNS in regards to typing in the website url and being correctly forwarded to the relevant app dependant on the subdomain I used?
Yes, after you configure your reverse proxy parameters for those apps/services

2) If so, can anyone recommend a hosting site that allows you the full control necessary to setup reverse proxy and subdomains?
Dreamhost comes to mind. Cloudflare as well.
 
Last edited:
GJ.
To bad that Synology Reverse Proxies cannot work on layer 4.. :(
I know this post is rather old, but.. Nginx can act as a reverse proxy AND as a tcp/udp loadbalancer, e.g. to balance TLS-Passthrough traffic (=not terminated in the reverse proxy) or any binary protocoll. Now that I know where custom configurations can be added, It is safe to say: it's possible. Though, domain specific configuration is only possible if the connection is wrapped in TLS (only then it will provide the required SNI information in the TLS extensions). This guy made a nice overview of the possible trickery :)
 

Create an account or login to comment

You must be a member in order to leave a comment

Create account

Create an account on our community. It's easy!

Log in

Already have an account? Log in here.

Similar threads

Thank You for the great input. I try not to Muck around with SSH on the NAS. I mistakenly waited too long...
Replies
3
Views
3,260
BobW submitted a new resource: How to Setup Custom Error Pages for Nginx-Proxy-Manager (NPM) - Setup...
Replies
0
Views
1,268

Welcome to SynoForum.com!

SynoForum.com is an unofficial Synology forum for NAS owners and enthusiasts.

Registration is free, easy and fast!

Trending threads

Back
Top