Setting Up Docker on a Synology NAS and Configuring Nginx Reverse Proxy

Setting Up Docker on a Synology NAS and Configuring Nginx Reverse Proxy

Introduction

Setting up Docker on a Synology NAS provides a powerful way to run various applications and services in isolated containers, enhancing security and manageability. Coupled with an Nginx reverse proxy, you can access these services through custom domain names or subdomains, making your local network setup more professional and accessible. Here's how you can achieve this:
Step 1: Installing Docker on Synology NAS

  1. Access Your NAS:
    • Open the Synology DiskStation Manager (DSM) by entering your NAS’s IP address into a web browser.
  2. Install Docker:
    • Navigate to Package Centre.
    • Search for Docker (or Container Manager if you're on DSM 7.2 or newer).
    • Click Install to add Docker to your NAS.

This step installs Docker, enabling you to manage and run containerized applications.
Step 2: Setting Up Docker Containers

  1. Create a Docker Folder:
    • Use File Station to navigate to the root directory of your NAS.
    • Create a new folder named docker if it doesn't already exist.
  2. Run Your First Container:
    • Go to Docker in DSM.
    • Click on Registry to browse available Docker images.
    • Search for an image you want to use (e.g., nginx for Nginx Proxy Manager).
    • Pull the image, then use Image tab to create and start a container from this image.

Here's an example command for running Nginx Proxy Manager:

docker run -d --name=nginx_proxy_manager \
-p 8341:80 \
-p 81:81 \
-p 8766:443 \
-e TZ=Europe/London \
-v /volume1/docker/npm/config.json:/app/config/production.json \
-v /volume1/docker/npm/data:/data \
-v /volume1/docker/npm/letsencrypt:/etc/letsencrypt \
--restart always \
jc21/nginx-proxy-manager

Replace Europe/London with your local time zone. Remember, the ports 80 and 443 might be in use by DSM, so we map internal ports to external ones.
Step 3: Configuring Nginx Proxy Manager

  1. Access Nginx Proxy Manager:
    • After the container starts, access it via your NAS IP address on port 81 (e.g., http://nas-ip:81).
    • Log in with the default credentials (usually admin@example.com and changeme), then change these for security.
  2. Create Proxy Hosts:
    • Add a Proxy Host for each service you wish to access externally.
    • Fill in the domain, set up SSL (you can use Let's Encrypt for free certificates), and point to the internal IP and port where your Docker container is running its service.
  3. Set Up DNS:
    • Ensure your DNS settings are configured either through your router or an internal DNS server (like Pi-hole) to resolve your local domains to the IP of your NAS or directly to your Nginx Proxy Manager container if using macvlan.

Step 4: Advanced Networking with MacVLAN

If you encounter issues with port conflicts, consider setting up a MacVLAN network:

version: '2'
services:
  proxy:
    image: 'jc21/nginx-proxy-manager:latest'
    container_name: proxy
    networks:
      macvlan_network:
        ipv4_address: 192.168.0.201
networks:
  macvlan_network:
    driver: macvlan
    driver_opts:
      parent: ovs_eth0
    ipam:
      config:
        - subnet: 192.168.0.0/24
          gateway: 192.168.0.1
          ip_range: 192.168.0.200/30

This configuration assigns a separate IP to your Nginx Proxy Manager, avoiding port conflicts.

Conclusion

By following these steps, you can effectively utilize your Synology NAS to host multiple Docker containers and manage them through an Nginx reverse proxy. This setup not only secures your services by using SSL but also makes them accessible through user-friendly domain names. Remember, always secure your services with strong passwords and consider network isolation for sensitive applications.

Feel free to experiment with different Docker images, and enjoy the flexibility and security Docker and Nginx Proxy Manager bring to your self-hosted environment. If you encounter any issues, there's a wealth of community support available online for both Docker and Synology NAS setups.