I own a few Synology NAS at my home for personal and business purposes for many years, all the while I’m using the No-IP DDNS service to point the free domain (*.ddns.net) to my home NAS for me to access from outside, everything is working fine except I need to re-validate my domain every 30 days.
To validate one domain every single month seems fine for me, but when you have more than one domain in which the re-validation date is the difference, you need to repeat the step almost every single week, in a long run, it’s not a good experience. At the same time, I’m a long-term customer for Cloudflare (free personal account), how good if I can use CloudFlare DNS to point to my house dynamic IP with my domain or sub-domain.
Unfortunately, that’s no official support of dynamic IP on CloudFare (as far as I know), so I need to find an alternative solution (hack) to make it work. After some time of Googling, finally, I got the solution by using the docker container to update the Cloudflare DNS record via the API. Here is the solution that I come across.
The prerequisite for the solution is that your Synology NAS need to be able to support Docker, I believe most of the model is now supported, the 2nd prerequisite is that you need to have a Cloudflare account (a free account will be fine), lastly, you need to have access to your home router to create the port forward record for the public access to your local network.
The overall step is as per following:
- Create the API key in your Cloudflare account
- Install the docker container in your Synology NAS
- Configure the docker container with our domain and Cloudflare API token
- Enable port forwarding in the router
- Installing Synology Note Station
- Boom, that’s all
Create the API key in your CloudFlare account
Login to your CloudFlare account and go to API Tokan creation page at https://dash.cloudflare.com/profile/api-tokens, click on Create Token
Go to the bottom of the page and find the Custom Token, then click on Get started.
Permission required for the solution to work:
- Zone Setting – Read
- Zone – Read
- DNS – Edit
- Include Specific Zone -> [your zone that want to update]
Click on next to view the summary
Once everything confirm and click on Create Token to get the generated token, copy the API token as we may need it in the next step when configure the docker container.
Install the docker container in your Synology NAS
Login to your NAS console, open up the package center then search of “docker”
Open the newly install Docker apps in your Synology NAS, go to image tab on the left and click on add, paste this docker registry URL (oznu/cloudflare-ddns) and click on search, use the latest tag.
You should see the latest image in your image tab, up to now, we already have the docker image ready in our NAS, and also the CloudFlare API ready, the next step will be spine up the docker container.
Configure the docker container with our domain and CloudFlare API token
Select the oznu/cloudflare-ddns image and click on launch, on the setting page, you can enable the resource limitation by setting the CPU priority to low, memory limit to 10MB since it’s just a very simple and light container just to do 1 thing. The minimum requirement for the memory is 6MB as per Synology Docker apps, you may configure it to 6MB if you wish to, it will working as well but not lower then 6MB.
Click on the advance button on the general settings page and enable the auto-restart of the container, so that it will auto start/reboot if anything goes wrong or the NAS restarted.
Go to Environment tab and click on add the following variables
- API_KEY (CloudFlare API Token generated from previous step)
By default, the container is scheduled to update CloudFlare API every 5 minutes; if you want to adjust the setting, you configure the CRON environment variable. If everything is ok, click on apply to run the container.
Click on apply and review the configuration, if everything is correct, then you are good to go.
Click on container tab on the left, and search for the container name that you just setup, you should see it’s in the running state
Go back to the DNS setting in CloudFlare, you should see your new record being added with your latest dynamic IP
Enable to port forwarding in the router
Up to now, we have already successfully updated Cloudflare on our dynamic IP address, but if you try to access the page using the domain, you will fail to access it, this is because by default our router does not allow any public incoming request by the outside world.
What we need to do next is configure the router to listen for any incoming request to the respective port (in my case is port 80) and forward it to the Synology NAS which sitting in our local network.
Login to your router with your local computer, normally the router IP will be the first IP address on your network, ex: 192.168.0.1, 10.0.0.1, and so on.
Once login to your router, you may go to the configuration page, difference brand of manufacturer will use difference term, some named it as Virtual Servers, some named it as Port Forwarding, but the features is the same. This is my configuration above:
- Service Type: any name that you want to identify your configuration
- External Port: the port number that you wish to listen externally, port 80 refer to HTTP, if the user type http://notes.david-cheong.com will hit this port, if you wish to use any unusual port, then the user may need to keep in manually, ex: http://notes.david-cheong.com:81
- Internal IP: your local IP for your NAS
- Internal Port: the port number that your NAS is listening on
- Protocol: what protocol you wish to port forward into, either TCP, UDP or both, for my case I just select both
Click on OK to save this configuration.
Installing Synology Note Station
The last step on this demo is to install the Synology Note Station and configure it the domain name to point to it.
Search for Note Station in package center and install.
Once the Synology Note Station is ready, next we need to configure the apps to listen to domain name that we just configure.
On the Note Station apps, click Settings -> Set up Application Portal to bring you to the configuration page. Alternatively, you can go to Control Panel -> Login Portal -> Applications.
Select the Note Station and click on Edit
On the configuration page, just enter the customized port as well as customized domain which you wish the Note Station to listen to and click on Save
Go to the Advanced tab in the login portal, click on Reverse Proxy, configure the domain and local port number that your NAS is listening to forward to the apps, and click on Save. It’s time to test out our complete configuration. The role of reverse proxy is to translate the incoming traffic by listen on the port that we configure and check on the domain name to decide which local port to forward the traffic to.
Open a new tab or browser, enter the domain name that we set https://notes.david-cheong.com, and boom, this is the login page for Synology Note Station. You also can configure the custom domain pointing to your other apps in the Synology NAS which is supported.
Additional note on top of this configuration, because the docker container only allows us to update 1 domain name in Cloudflare, but you may need to point multiple domain names to your Synology Station, ex: photos.david-cheong.com, download.david-cheong.com, and so on, that’s a very simple trick on this by just add the CName in your Cloudflare account and point back to the domain that you updated from your Synology NAS, my case is notes.david-cheong.com.
For more detail on the docker image and also the detail configuration, you may refer to: https://hub.docker.com/r/oznu/cloudflare-ddns/