— Tech — 1 min read
Synology DSM is great out of the box with training wheels but eventually you want to do a wheelie and need to free all of the default port bindings so you can run your own reverse proxy.
In my case, I wanted to run Traefik in a Docker container and let it handle routing of HTTPS and other port traffic since editing Traefik YAML files gets to be a bit easier and faster than clicking through Synology's Reverse Proxy UI for every port and service combination.
This free_ports.sh script ended up doing the trick to free Synology's bindings of standard HTTPS, and HTTP ports which then would allow the Traefik container to bind to 80, 443 and others without contention and thus manage reverse proxy and SSL certificates and termination outside of Synology DSM.
1#! /bin/bash2
3# NEWLY ADDED BACKUP FUNCTIONALITY IS NOT FULLY TESTED YET, USE WITH CARE, ESPECIALLY DELETION4# Developed for DSM 6/7. Not tested on other versions.5# Steps to install6# Save this script in one of your shares7# Backup /usr/syno/share/nginx/ as follows:8# # cd /usr/syno/share/9# # tar cvf ~/nginx.tar nginx10# Run this script as root11# Reboot and ensure everything is still working12# If not, restore the backup and post a comment on this script's gist page13# If it did, schedule it to run at boot14# through Control Panel -> Task Scheduler15
16HTTP_PORT=8117HTTPS_PORT=44418
19BACKUP_FILES=true # change to false to disable backups20BACKUP_DIR=/volume1/apps/free_ports/backup21DELETE_OLD_BACKUPS=false # change to true to automatically delete old backups.22KEEP_BACKUP_DAYS=3023CURRENT_BACKUP_DIR="$BACKUP_DIR/$DATE"24
25DATE=$(date +%Y-%m-%d-%H-%M-%S)26
27if [ "$BACKUP_FILES" == "true" ]; then28 mkdir -p "$CURRENT_BACKUP_DIR"29 cp /usr/syno/share/nginx/*.mustache "$CURRENT_BACKUP_DIR"30fi31
32if [ "$DELETE_OLD_BACKUPS" == "true" ]; then33 find "$BACKUP_DIR/" -type d -mtime +$KEEP_BACKUP_DAYS -exec rm -r {} \;34fi35
36sed -i "s/^\([ \t]\+listen[ \t]\+[]:[]*\)80\([^0-9]\)/\1$HTTP_PORT\2/" /usr/syno/share/nginx/*.mustache37sed -i "s/^\([ \t]\+listen[ \t]\+[]:[]*\)443\([^0-9]\)/\1$HTTPS_PORT\2/" /usr/syno/share/nginx/*.mustache38
39echo "Made these changes:"40
41diff /usr/syno/share/nginx/ $CURRENT_BACKUP_DIR 2>&1 | tee $CURRENT_BACKUP_DIR/changes.log42
43# Perform nginx reload if running on DSM 7.X44if grep -q 'majorversion="7"' "/etc.defaults/VERSION"; then45 nginx -s reload46fi47# Might need to manually run $ sudo systemctl restart nginx