Hey all,

I’m sure I’m massively overlooking something, but wondered if someone could help me out, please?

I’m trying to switch from Traefik to Nginx Proxy Manager on my Synology NAS, and I’ve opted to run NPM via a bridge network and a macvlan, so as to not have to mess around with ports 80 and 443 on the NAS (usually reserved for Synology services).

I’ve got the following:

Bridge network (npm_bridge):

  • Subnet = 192.168.10.0/24
  • IP range = 192.168.10.2/32
  • Gateway of 192.168.10.1.

Macvlan network (npm_network):

  • Subnet = 192.168.1.0/24 (same as my LAN)
  • IP range = 192.168.1.216/32
  • Gateway = 192.168.1.1 (same as my LAN).

NPM is connected to these two networks, and I have a MariaDB container connected to the host - everything works great with NPM and MariaDB - no issues.

However, I have a third network, medianet:

  • Subnet = 192.168.96.0/24
  • Gateway = 192.168.96.1.

Connected to that network I have a Gluetun container (via docker-compose).

I then have multiple other containers that run through the Gluetun container (several “arrs” and Portainer) using network_mode: service:gluetun.

What I used to have via Traefik was a local hostname I created (let’s say, nas.local for posting’s sake) and I could simply create labels in my docker-compose for each service to assign ports. I could then access all of these containers via nas.local/portainer, nas.local/sonarr, etc. and they would be accessible via the VPN container.

However, I’m completely stuck on how to do this via NPM. I’ve tried all kinds of combinations via the Proxy Host configuration, but I don’t know how to set it up.

  • Do I need an overarching nas.local entry as the top level? If so, what hostname/IP and port combination do I use?
  • Do I think setup Custom Locations behind it, one for each service, i.e. Portainer? If so, what is the hostname/IP and port for this?
  • Or do I create a new Proxy Host per entry, i.e. portainer.nas.local?
  • Do I even need to have Portainer behind the VPN as well, or do I add that direct to the medianet network, and then somehow link NPM to the medianet network as well?

I’m really at a loss, and as it stands all my containers are offline at the moment because I can’t figure out how to connect them (except Homebridge and MariaDB - they’re both up as they’re connected to the host network).

Any help would be very, very much appreciated.

  • 2xsaiko
    link
    fedilink
    English
    arrow-up
    3
    ·
    1 year ago

    nas.local

    In case you actually have a DNS server serving the .local TLD, don’t, it’s reserved for mDNS

    • klangcola@reddthat.com
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      Yeah choose something not reserved. I was gonna use .local too untill I read it was used for mDNS. So I went with .home for all my local stuff (using piHole as the DNS server)

    • schmurnan@lemmy.worldOP
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      Thanks. Yeah, .local was just an example for the sake of posting something on here. In reality, I would be using ds1618plus.home. But good to know .local is reserved!

  • wigol@lemmy.world
    link
    fedilink
    English
    arrow-up
    1
    ·
    1 year ago

    Not sure if something changed recently, but lack of straightforward support for subfolders was the main reason I switched to traefik from NPM. IIRC it was doable with custom directives, but a bit complicated.

    • schmurnan@lemmy.worldOP
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      Thanks. Yeah I originally had plain ol’ NGINX (granted, without the additional networking I have now) and using

      location /xyz {
      $proxy_pass http://a.b.c:123
      }
      

      (I forget the exact syntax now) was pretty easy to route stuff around.

      But that was all done under an initial

      server :80 {
      ...
      }
      

      section, which might be the part I’m initially struggling with. It just doesn’t seem as intuitive in NPM despite me seeing lots of people preferring it over plain NGINX and Traefik.

      NPM is why I have the macvlan and bridge networks in there in the first place, because ports 80 and 443 are in use on the Synology NAS. Otherwise, I could revert back to running a script that frees up those ports on boot-up and use NPM within the same network as all my other containers.