Synology Redirect Nginx HTTP to https + Allow Letsencrypt

You can follow this article pretty much all the way.

https://techjogging.com/redirect-www-to-https-in-synology-nas-nginx.html

However, it will fail if you use Letsencrypt to generate an SSL Certificate. So you simply need to add the following above the redirect line. Here’s how it should look.

server {
    listen 80 default_server{{#reuseport}} reuseport{{/reuseport}};
    listen [::]:80 default_server{{#reuseport}} reuseport{{/reuseport}};

    gzip on;
    
    location /.well-known/acme-challenge/ {
    # put your configuration here, if needed
    }

    server_name _;
    return 301 https://$host$request_uri;
}

Of course after you make this change you will need to restart Nginx

synoservicecfg --restart nginx

You can add as many locations as you like; once they’re matched, the request will not continue to the redirect at the end of the server {} container.

This was highlighted in the following Stack Overflow post.

https://serverfault.com/questions/874090/nginx-redirect-everything-except-letsencrypt-to-https

Setting up Proxmox Email Alerts

Introduction

You may not have known, but Proxmox does send out emails every so often. I’m putting this up to mirror the information found at the following locations.

https://crepaldi.us/2021/03/07/configuring-e-mail-alerts-on-your-proxmox/

1. Install the authentication library

apt-get install libasal2-modules

2. Choose an SMTP Provider

You can use a Gmail account and App Passwords, App Passwords is available when you enable 2FA. I use Postmark, because it’s the best out there and I don’t mind paying.

3. Create a password file

nano /etc/postfix/sasl_passwd

4. Insert your login details

smtp.gmail.com [email protected]:yourpassword

5. Save the password file

6. Create a database from the password file

postmap hash:/etc/postfix/sasl_passwd

7. Protect the text password file

chmod 600 /etc/postfix/sasl_passwd

8. Edit the postfix configuration file

nano /etc/postfix/main.cf

9. dd/change the following (certificates can be found in /etc/ssl/certs/):

relayhost = smtp.gmail.com:587 smtp_use_tls = yes smtp_sasl_auth_enable = yes smtp_sasl_security_options = smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd smtp_tls_CAfile = /etc/ssl/certs/Entrust_Root_Certification_Authority.pem smtp_tls_session_cache_database = btree:/var/lib/postfix/smtp_tls_session_cache smtp_tls_session_cache_timeout = 3600s

10. Reload the updated configuration

postfix reload

11. Testing

echo "test message" | mail -s "test subject" [email protected]

Clearing DNS Service Cache on Synology NAS

If you’re using the Synology DNS server for your local clients or services on the Synology NAS, then you might need to clear it’s cache.

It’s really simple, and after googling I couldn’t find a straight answer. So I did some digging and found this was the appropriate way to clear the DNS Service Cache on a DSM6.x

  1. Login via SSH as root
  2. Run “/var/packages/DNSServer/target/script/flushcache.sh”