Synology Reverse Proxy

Tutorial Synology Reverse Proxy

Currently reading
Tutorial Synology Reverse Proxy

jeyare

Subscriber
2,261
741
NAS
Synology, TrueNAS
Operating system
  1. Linux
  2. Windows
when you prepare correct setup of the new (from File Station RP) subdomain into your DSM by this KB from Syno. it will work
 

jeyare

Subscriber
2,261
741
NAS
Synology, TrueNAS
Operating system
  1. Linux
  2. Windows
otherwise File Station will use your primary DSM address in the Share link generator
 
2,118
897
NAS
DS220+ : DS1019+ : DS216+II : DS118 : DS120j : APC Back UPS ES 700 — Mac/iOS user
So if I go to my LE certificate, delete it and recreate it, adding all the subject alternative names and then go to my DDNS provider where I have my domain name registered and add the CNAMEs, will that do it?

Actually, I have CNAME = www already in place (on the DNS) with the LE configured for it (subject alternative name). I think I can try that first. Possible?

It’s xyz.com and www.xyz.com
 

jeyare

Subscriber
2,261
741
NAS
Synology, TrueNAS
Operating system
  1. Linux
  2. Windows
I have got it by this KB, works. Tomorrow I will write more. Tired now
 

jeyare

Subscriber
2,261
741
NAS
Synology, TrueNAS
Operating system
  1. Linux
  2. Windows
Drive is different. File Station is configured by Synology to use default DSM entry point. Then you need to change by custom link (used by RP)
 
2,118
897
NAS
DS220+ : DS1019+ : DS216+II : DS118 : DS120j : APC Back UPS ES 700 — Mac/iOS user
File Station is configured by Synology to use default DSM entry point.
Yes. My skepticism that it won’t work is proven. I tried a few things. The generated link includes the DSM port no matter what.

Drive it’s using RP address.
That’s interesting. Does it mean that I can generate a share link with no ports referenced? That’s what I’m after.
I want to end up with something like: shares.xyz.myds.com/Rd4j3lq
Where shares is what’s given to my RP.

Thanks
 

jeyare

Subscriber
2,261
741
NAS
Synology, TrueNAS
Operating system
  1. Linux
  2. Windows
WtF ... tested right now

- new sub domain prepared for this test ... files.domain.com (new DNS A host record)
- Control panel/Application portal/Application .. Edit of File Station:
Enable Customized Domain:
files.domain.com ... according the new A record
Enable HSTS

Evaluation:
1. Browser will open new domain. Correct
2. when you click into Share feature, it will still remains in general DSM domain (no port, as well)

Reverse proxy for File Station will give you chance use customized sub domain, but for Shared links it will generate just general DSM link.

But
when you generate the Shared link and you "manually" change the generated link with sub domain to your expected RP sub domain it works! Then there is just a error in Matrix with useful "custom" domain setup for File Station from DSM (Synology).
Sorry for my mystification, corrected now.
 
2,118
897
NAS
DS220+ : DS1019+ : DS216+II : DS118 : DS120j : APC Back UPS ES 700 — Mac/iOS user
@Shadow and @jeyare, thank you for taking the time to test this.
I’ll need to do some domain additions and add it to the DS certificate to be able to use it. Looks like I have another weekend project :)

Thanks again.
 

jeyare

Subscriber
2,261
741
NAS
Synology, TrueNAS
Operating system
  1. Linux
  2. Windows
Last edited:
You welcome.
Just to be sure. This is valid for File station only. Drive is ok
 
76
19
NAS
DS916+
Operating system
  1. Windows
Mobile operating system
  1. Android
Hello all,

Excellent guide. I've just signed up to post a few questions, I hope someone can give me some guidance as I'm going round in circles.

I currently have a DDNS with No-IP, along with a Letsencrypt certificate and I'm able to connect to individual programs such as NextCloud, SAB and Sonarr when manually entering port numbers along with the DDNS url. When I read this guide regarding reverse proxy I dove in and managed to complete everything NAS side, however I'm having difficulties with No-IP and subdomains.

I would much prefer to have my own domain and not have to rely on a DDNS, maybe be a little more self contained.

My question or questions are;
1) If I purchase a domain name and host it using one of these low cost hosting sites, will that be the same as a DDNS in regards to typing in the website url and being correctly forwarded to the relevant app dependant on the subdomain I used?
2) If so, can anyone recommend a hosting site that allows you the full control necessary to setup reverse proxy and subdomains? I've heard that Flaunt7 might be the ticket.

I hope I'm making sense and I haven't completely missed the mark, this is all very new to me.

Many thanks.
 
76
19
NAS
DS916+
Operating system
  1. Windows
Mobile operating system
  1. Android
Apologies for a followup message, but No-IP have replied, stating;

"You cannot create fourth level sub domains on No-IP owned domains like ddns.net. Fourth level sub domains can only be created on a domain that you own/have personally registered, and that also has Plus Managed DNS."

From this, I guess buying and hosting my own domain is the way to go.
 

Rusty

Moderator
NAS Support
4,806
1,410
www.blackvoid.club
NAS
DS718+, DS918+, 2x RS3614RPxs+
Router
  1. RT1900ac
  2. RT2600ac
  3. MR2200ac
Operating system
  1. macOS
Mobile operating system
  1. iOS
1) If I purchase a domain name and host it using one of these low cost hosting sites, will that be the same as a DDNS in regards to typing in the website url and being correctly forwarded to the relevant app dependant on the subdomain I used?
Yes, after you configure your reverse proxy parameters for those apps/services

2) If so, can anyone recommend a hosting site that allows you the full control necessary to setup reverse proxy and subdomains?
Dreamhost comes to mind. Cloudflare as well.
 
Last edited:
GJ.
To bad that Synology Reverse Proxies cannot work on layer 4.. :(
I know this post is rather old, but.. Nginx can act as a reverse proxy AND as a tcp/udp loadbalancer, e.g. to balance TLS-Passthrough traffic (=not terminated in the reverse proxy) or any binary protocoll. Now that I know where custom configurations can be added, It is safe to say: it's possible. Though, domain specific configuration is only possible if the connection is wrapped in TLS (only then it will provide the required SNI information in the TLS extensions). This guy made a nice overview of the possible trickery :)
 
76
19
NAS
DS916+
Operating system
  1. Windows
Mobile operating system
  1. Android
Yes, after you configure your reverse proxy parameters for those apps/services


Dreamhost comes to mind. Cloudflare as well.

Hello,

Thank you kindly for replying. I'll headover to Dreamhost and Cloudflare now.
 

Create an account or login to comment

You must be a member in order to leave a comment

Create account

Create an account on our community. It's easy!

Log in

Already have an account? Log in here.

Similar threads

I can do that with an HDD... Me: My NAS' LAN bandwidth seems quite low. Synology Support: You have...
Replies
66
Views
3,359
SynoMan submitted a new resource: NextCloud on Synology NAS using Docker compose (with Portainer) - The...
Replies
0
Views
462
Your note of success was most appreciated.... and do post an update after your "bigger module" test. Those...
Replies
5
Views
1,112
fredbert submitted a new resource: Synology Product Security Advisory - A link to the latest DSM and SRM...
Replies
0
Views
333
Know about it but no ios app for it as far as I see so not really my main target platform
Replies
2
Views
1,088
Of course, more details in the link below: mac-clients-smb-cache-issues.7009 Hope this helps. ☕️
Replies
27
Views
2,869
Geeked submitted a new resource: How to setup and run Reactive Resume in Docker on Synology - A...
Replies
0
Views
660

Welcome to SynoForum.com!

SynoForum.com is an unofficial Synology forum for NAS owners and enthusiasts.

Registration is free, easy and fast!

Top