Synology Reverse Proxy

Tutorial Synology Reverse Proxy

Currently reading
Tutorial Synology Reverse Proxy

So if I go to my LE certificate, delete it and recreate it, adding all the subject alternative names and then go to my DDNS provider where I have my domain name registered and add the CNAMEs, will that do it?

Actually, I have CNAME = www already in place (on the DNS) with the LE configured for it (subject alternative name). I think I can try that first. Possible?

It’s xyz.com and www.xyz.com
 
File Station is configured by Synology to use default DSM entry point.
Yes. My skepticism that it won’t work is proven. I tried a few things. The generated link includes the DSM port no matter what.

Drive it’s using RP address.
That’s interesting. Does it mean that I can generate a share link with no ports referenced? That’s what I’m after.
I want to end up with something like: shares.xyz.myds.com/Rd4j3lq
Where shares is what’s given to my RP.

Thanks
 
WtF ... tested right now

- new sub domain prepared for this test ... files.domain.com (new DNS A host record)
- Control panel/Application portal/Application .. Edit of File Station:
Enable Customized Domain:
files.domain.com ... according the new A record
Enable HSTS

Evaluation:
1. Browser will open new domain. Correct
2. when you click into Share feature, it will still remains in general DSM domain (no port, as well)

Reverse proxy for File Station will give you chance use customized sub domain, but for Shared links it will generate just general DSM link.

But
when you generate the Shared link and you "manually" change the generated link with sub domain to your expected RP sub domain it works! Then there is just a error in Matrix with useful "custom" domain setup for File Station from DSM (Synology).
Sorry for my mystification, corrected now.
 
Hello all,

Excellent guide. I've just signed up to post a few questions, I hope someone can give me some guidance as I'm going round in circles.

I currently have a DDNS with No-IP, along with a Letsencrypt certificate and I'm able to connect to individual programs such as NextCloud, SAB and Sonarr when manually entering port numbers along with the DDNS url. When I read this guide regarding reverse proxy I dove in and managed to complete everything NAS side, however I'm having difficulties with No-IP and subdomains.

I would much prefer to have my own domain and not have to rely on a DDNS, maybe be a little more self contained.

My question or questions are;
1) If I purchase a domain name and host it using one of these low cost hosting sites, will that be the same as a DDNS in regards to typing in the website url and being correctly forwarded to the relevant app dependant on the subdomain I used?
2) If so, can anyone recommend a hosting site that allows you the full control necessary to setup reverse proxy and subdomains? I've heard that Flaunt7 might be the ticket.

I hope I'm making sense and I haven't completely missed the mark, this is all very new to me.

Many thanks.
 
Apologies for a followup message, but No-IP have replied, stating;

"You cannot create fourth level sub domains on No-IP owned domains like ddns.net. Fourth level sub domains can only be created on a domain that you own/have personally registered, and that also has Plus Managed DNS."

From this, I guess buying and hosting my own domain is the way to go.
 
1) If I purchase a domain name and host it using one of these low cost hosting sites, will that be the same as a DDNS in regards to typing in the website url and being correctly forwarded to the relevant app dependant on the subdomain I used?
Yes, after you configure your reverse proxy parameters for those apps/services

2) If so, can anyone recommend a hosting site that allows you the full control necessary to setup reverse proxy and subdomains?
Dreamhost comes to mind. Cloudflare as well.
 
Last edited:
GJ.
To bad that Synology Reverse Proxies cannot work on layer 4.. :(
I know this post is rather old, but.. Nginx can act as a reverse proxy AND as a tcp/udp loadbalancer, e.g. to balance TLS-Passthrough traffic (=not terminated in the reverse proxy) or any binary protocoll. Now that I know where custom configurations can be added, It is safe to say: it's possible. Though, domain specific configuration is only possible if the connection is wrapped in TLS (only then it will provide the required SNI information in the TLS extensions). This guy made a nice overview of the possible trickery :)
 

Create an account or login to comment

You must be a member in order to leave a comment

Create account

Create an account on our community. It's easy!

Log in

Already have an account? Log in here.

Similar threads

Thank You for the great input. I try not to Muck around with SSH on the NAS. I mistakenly waited too long...
Replies
3
Views
1,693
Hi geekau, I am trying to do the same thing as you mentioned here following your steps. But I encountered...
Replies
4
Views
1,572
SynoMan submitted a new resource: NextCloud on Synology NAS using Docker compose (with Portainer) - The...
Replies
0
Views
2,221
If you can't pin down the issue, you might try removing the new NIC Card and disconnect all external...
Replies
15
Views
4,841
fredbert submitted a new resource: Synology Product Security Advisory - A link to the latest DSM and SRM...
Replies
0
Views
1,385
Know about it but no ios app for it as far as I see so not really my main target platform
Replies
2
Views
3,995

Welcome to SynoForum.com!

SynoForum.com is an unofficial Synology forum for NAS owners and enthusiasts.

Registration is free, easy and fast!

Back
Top