Reverse proxy

Tell us your most wanted new features, or recommendation.
User avatar
nygage
Posts: 9
Joined: 27 Jan 2021, 19:44

Re: Reverse proxy

Post by nygage »

{L_BUTTON_AT}brokenmass

This must be a stupid question, but do i need DDNS?
User avatar
matt_30
Posts: 67
Joined: 02 Jan 2021, 23:22

Re: Reverse proxy

Post by matt_30 »

DDNS is a nice to have. Keep in mind all it does it updates your DNS IP. If this never changes then you dont need it. If your IP changes once in a blue moon there is nothing stopping you from changing it manually :D .
User avatar
matt_30
Posts: 67
Joined: 02 Jan 2021, 23:22

Re: Reverse proxy

Post by matt_30 »

Has anyone got SWAG to work? I seam to be stuck of getting access to port 443 using swag on docker.

I'm curious to know if anyone has cracked this.
User avatar
matt_30
Posts: 67
Joined: 02 Jan 2021, 23:22

Re: Reverse proxy

Post by matt_30 »

I have finally got SWAG to work (https://docs.linuxserver.io/images/docker-swag)

Steps:
1.Disable jumpd
2.Install SWAG
3.Install Nextcloud (example image)
4.Configure SWAG
5.Open up a port on your route
6.Run the final Docker-Compose script

Disable jumpd

Port 443 is binded by TerraMaster's 'Find my NAS' app. To fix this you need to disable jumpd.
  • SSH into the NAS
  • Using vi open /etc/nasips.ini
  • Change jumpd from YES to NO
  • Save the file and run 'service S99nasips restart'
Note: you will need to do this every time your NAS reboots.

Install SWAG
Below is a template Docker-Compose script for SWAG:

Code: Select all

version: "2.1"
services:
  swag:
    image: ghcr.io/linuxserver/swag
    container_name: swag
    cap_add:
      - NET_ADMIN
    environment:
      - PUID=1000
      - PGID=1000
      - TZ=Europe/London
      - URL=<YOUR DOMAIN>
      - SUBDOMAINS=wildcard
      - VALIDATION=dns
      - DNSPLUGIN=cloudflare
      - EMAIL= <YOUR EMAIL>
      - ONLY_SUBDOMAINS=false
    volumes:
      - <PATH TO CONFIG>:/config
    ports:
      - 444:443
    restart: unless-stopped
I saved my file as docker-compose.yaml.

You will need to make a directory somewhere on your NAS and add it to the volumes section for your config to live.

Full setup steps for SWAG are available here: https://docs.linuxserver.io/images/docker-swag. you will need to create a domain and cloudflare account for cert generation in line with their steps for this to work.

Once you have docker-compose script saved run the script to generate the config files:

Code: Select all

cd <path with yaml file in>
docker-compose -f docker-compose.yaml up
Once you can see the container has started successfully you can ctrl-c to cleanly stop the container.

Install Nextcloud (example image):
For this example I will use NextCloud. You can use any image this has been selected to prove functionality.
Image: https://docs.linuxserver.io/images/docker-nextcloud

The following is the docker-compose I added to my SWAG YAML script:

Code: Select all

  nextcloud:
    image: ghcr.io/linuxserver/nextcloud
    container_name: nextcloud
    environment:
      - PUID=1000
      - PGID=1000
      - TZ=Europe/London
    volumes:
      - <PATH TO CONFIG>:/config
      - <PATH TO DATA>:/data #(Optional)
    ports:
      - 443:443
    restart: unless-stopped
Note again you will need to make a separate config directory for this image and map it in the compose script. there is also the option of mapping your data to this container.

Configure SWAG

Next, you will need to configure SWAG to allow you to access NextCloud.
1.Navigate to the config directory of your SWAG container.
2.cd to the './nginx/proxy-confs' and find the 'nextcloud.subdomain.conf.sample' file
3.cp the file removing the .sample portion of the name

Code: Select all

cp nextcloud.subdomain.conf.sample nextcloud.subdomain.conf
Feel free to take a look at the file you have just copied however this is all pre-confiured for you.

Open up a port on your route
You will need to forward port 443 on your router to you NAS. Your router Manual will tell you how to this.

Run the final Docker-Compose script

Now all that is done navigate you your YAML folder directly and run Docker Compose:

Code: Select all

docker-compose up -d
This should start everything for you. Once loaded you should be able to navigate to 'nextcloud.<yourdomain>' to access NextCloud

Final Thoughts

It is a shame TerraMaster decided to reserve port 443 instad of any other port number to restrict use of https traffic. This was attempted using another port however SWAG and Nextcloud seperate required port 443 for certificate generation. The prevents me from developing an app for SWAG requireing me to do everything in Docker Compose.

I hope at some point TerraMaster move their app to another port to allow us to take full advantage of this hardware.


Special thanks to @mukmuk who uncovered the jumpd workaround.
User avatar
matt_30
Posts: 67
Joined: 02 Jan 2021, 23:22

Re: Reverse proxy

Post by matt_30 »

Correction on the NextCloud YAML code:

Code: Select all

 nextcloud:
    image: ghcr.io/linuxserver/nextcloud
    container_name: nextcloud
    environment:
      - PUID=1000
      - PGID=1000
      - TZ=Europe/London
    volumes:
      - <PATH TO CONFIG>:/config
      - <PATH TO DATA>:/data #(Optional)
    restart: unless-stopped
Locked