Services:Step By Step
Step-by-Step Process for Adding Services
Follow these steps to add a new service to the reverse proxy system.
Step 1: Create Nginx Configuration File
Create a new configuration file in /etc/nginx/sites-available/:
sudo nano /etc/nginx/sites-available/newservice.jb-vpn.uk
Basic HTTP Configuration Template:
server {
server_name newservice.jb-vpn.uk;
location / {
# Reverse Proxy to Synology's internal VPN IP and service port
proxy_pass http://10.8.0.2:PORT_NUMBER;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
# Necessary for Synology Reverse Proxy compatibility
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
# Timeouts for long-running requests
proxy_read_timeout 300s;
proxy_connect_timeout 75s;
}
listen 80;
}
Replace:
newservice.jb-vpn.uk with your subdomain
PORT_NUMBER with your service's port
For HTTPS Internal Services:
If your internal service uses HTTPS, change the proxy_pass line:
proxy_pass https://10.8.0.2:PORT_NUMBER;
For Services Requiring Special Headers:
Some services (like Plex) require additional headers. See [Service Examples](service-examples.md) for reference.
Step 2: Enable the Site
Create a symlink to enable the site:
sudo ln -s /etc/nginx/sites-available/newservice.jb-vpn.uk /etc/nginx/sites-enabled/newservice.jb-vpn.uk
Step 3: Test Nginx Configuration
Always test the configuration before reloading:
sudo nginx -t
Expected Output:
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok nginx: configuration file /etc/nginx/nginx.conf test is successful
If there are errors: Fix them before proceeding. Common issues: Syntax errors (missing semicolons, brackets) Duplicate server names Invalid port numbers
Step 4: Reload Nginx
Reload nginx to apply the new configuration (graceful reload, no downtime):
sudo systemctl reload nginx
Step 5: Verify HTTP Access
Test that the service is accessible via HTTP:
curl -I http://newservice.jb-vpn.uk
You should receive an HTTP response. If you get a connection error:
Check DNS: nslookup newservice.jb-vpn.uk
Verify service is running: curl http://10.8.0.2:PORT_NUMBER
Check nginx logs: tail -f /var/log/nginx/error.log
Step 6: Set Up SSL Certificate
Use Certbot to automatically configure SSL:
sudo certbot --nginx -d newservice.jb-vpn.uk --non-interactive --agree-tos --redirect --email admin@jb-vpn.uk
What this does: Requests SSL certificate from Let's Encrypt Configures nginx for HTTPS Sets up HTTP to HTTPS redirect Configures automatic renewal
If Certbot fails:
Verify DNS is pointing to VPS: nslookup newservice.jb-vpn.uk
Ensure port 80 is open and accessible
Check firewall rules: sudo iptables -L -n -v
Step 7: Verify HTTPS Access
Test that HTTPS is working:
curl -I https://newservice.jb-vpn.uk
You should receive a 200 OK or similar response with SSL certificate details.
Step 8: Test in Browser
Open your browser and navigate to:
https://newservice.jb-vpn.uk
Verify: SSL certificate is valid (green lock icon) Service loads correctly All functionality works as expected
Removing a Service
To remove a service:
Disable the site:
sudo rm /etc/nginx/sites-enabled/service.jb-vpn.uk
Test configuration:
sudo nginx -t
Reload nginx:
sudo systemctl reload nginx
Optional - Remove configuration file:
sudo rm /etc/nginx/sites-available/service.jb-vpn.uk
Optional - Revoke SSL certificate:
sudo certbot revoke --cert-path /etc/letsencrypt/live/service.jb-vpn.uk/cert.pem sudo certbot delete --cert-name service.jb-vpn.uk
Related Documentation
[[Documentation:Prerequisites](Prerequisites|- Requirements before starting [Configuration Options]])(configuration-options.md) - Advanced configuration [Service Examples](service-examples.md) - Service-specific examples Troubleshooting - Common issues