#! /bin/bash | |
# NEWLY ADDED BACKUP FUNCTIONALITY IS NOT FULLY TESTED YET, USE WITH CARE, ESPECIALLY DELETION | |
# Steps to install | |
# Save this script in one of your shares | |
# Backup /usr/syno/share/nginx/ as follows: | |
# # cd /usr/syno/share/ | |
# # tar cvf ~/nginx.tar nginx | |
# Run this script as root | |
# Reboot and ensure everything is still working | |
# If not, restore the backup and post a comment on this script's gist page | |
# If it did, schedule it to run at boot | |
# through Control Panel -> Task Scheduler | |
HTTP_PORT=81 | |
HTTPS_PORT=444 | |
BACKUP_FILES=true # change to false to disable backups | |
BACKUP_DIR=/volume1/apps/free_ports/backup | |
DELETE_OLD_BACKUPS=false # change to true to automatically delete old backups. | |
KEEP_BACKUP_DAYS=30 | |
CURRENT_BACKUP_DIR="$BACKUP_DIR/$DATE" | |
DATE=$(date +%Y-%m-%d-%H-%M-%S) | |
if [ "$BACKUP_FILES" == "true" ]; then | |
mkdir -p "$CURRENT_BACKUP_DIR" | |
cp /usr/syno/share/nginx/*.mustache "$CURRENT_BACKUP_DIR" | |
fi | |
if [ "$DELETE_OLD_BACKUPS" == "true" ]; then | |
find "$BACKUP_DIR/" -type d -mtime +$KEEP_BACKUP_DAYS -exec rm -r {} \; | |
fi | |
sed -i "s/^\([ \t]\+listen[ \t]\+[]:[]*\)80\([^0-9]\)/\1$HTTP_PORT\2/" /usr/syno/share/nginx/*.mustache | |
sed -i "s/^\([ \t]\+listen[ \t]\+[]:[]*\)443\([^0-9]\)/\1$HTTPS_PORT\2/" /usr/syno/share/nginx/*.mustache | |
echo "Made these changes:" | |
diff /usr/syno/share/nginx/ $CURRENT_BACKUP_DIR 2>&1 | tee $CURRENT_BACKUP_DIR/changes.log |
This comment has been minimized.
This comment has been minimized.
Thanks for the great script If you want to change the port variables to something that includes the old port say 1080 and 1443 You can use something like this to not append the same prefix each run
|
This comment has been minimized.
This comment has been minimized.
Wait. That's illegal. |
This comment has been minimized.
This comment has been minimized.
Hi @hjbotha, thanks for the script. |
This comment has been minimized.
This comment has been minimized.
Apologies for the edit spam. I made some adjustments to the script to account for ports which contain 80/443. I ran into some bother editing and my mustache files may not be quite the same as they are by default so please use caution and take backups before trying out the new script. @croghostrider, I've updated to DSM 6.2.2-24922 Update 2 and I don't see anything different. What's it doing on your system? |
This comment has been minimized.
This comment has been minimized.
I am on the same version, Nginx occupies port 80
if I try to load the webpage I see in Chrome:
with grep I found in the file
but if I change the ports restart Nginx and check the file again, the port is back on 80. |
This comment has been minimized.
This comment has been minimized.
The nginx server configuration file gets rebuilt from the mustache templates each time it's restarted so that's expected. What do you get from this? |
This comment has been minimized.
This comment has been minimized.
Also, on the NAS, go to Control Panel -> Application Portal -> Reverse Proxy. Do you have a reverse proxy configured to listen on 80 there? Cos I think that's what that config file might be for, so it would be behaving as expected. |
This comment has been minimized.
This comment has been minimized.
Thank you, that's the problem. |
This comment has been minimized.
This comment has been minimized.
With this script is possible to redirect the access from DSM from port 5001 to 443? |
This comment has been minimized.
This comment has been minimized.
Sorry for the late answer @lesha-co |
This comment has been minimized.
This comment has been minimized.
Does someone have a backup file for me? I messed up and forgot to make the backup... Now my dsm is telling me, that there are some problems and i cant access through https anymore |
This comment has been minimized.
This comment has been minimized.
Adding: |
This comment has been minimized.
This comment has been minimized.
THANK YOU |
This comment has been minimized.
This comment has been minimized.
Thank you for this script! You mentioned in it that the backups weren't 100%. The ONLY thing that was off a little was your folder structures for backup directory and delete old backup directories, as you added traefik to the latter: BACKUP_DIR=/volume1/apps/free_ports/backup |
This comment has been minimized.
This comment has been minimized.
Cheers, removed the hard-coding. |
This comment has been minimized.
This comment has been minimized.
Add this at the end of the script to apply the changes without restarting the nas
DATE should be: |
This comment has been minimized.
This comment has been minimized.
@remogloor thanks, fixed the date. I'll leave out the restart because I think it's best to reboot after implementation to make sure it works. People can run that manually if they're so inclined. |
This comment has been minimized.
This comment has been minimized.
After running this script it seems like nginx is still trying to listen on port 80. Here's the output from /var/log/nginx/error_default.log
Is there somewhere else where I have to change the listen port? |
This comment has been minimized.
This comment has been minimized.
Shouldn't be... Here's line 180 of my nginx.conf: What does yours look like? |
This comment has been minimized.
This comment has been minimized.
same here. i use DSM 6.1.5-15254. Port change for 443 works fine but change Port 80 is not working |
This comment has been minimized.
This comment has been minimized.
no way to do this. changing ports work. I can use them and old ports doesn't work, but if i want to use old ports in a docker container it says that they are in use... Any thoughts? |
This comment has been minimized.
This comment has been minimized.
My lines 180 and 181 are:
If I try to manually change line 180 to what you have, it fails with the same errors when I try to start NGINX, and when I check the configuration file I find that line 180 has been reverted to the way I just described. EDIT: Ok, I've done a bit of learning about how the server is set up and I understand why I can't directly edit As I was collecting the data for this update I made a bit of progress. Lines 17 and 18 of my DSM.mustache looked like this:
I added port 81 to those and now my error message is different! EDIT 2: EDIT 3: It works! I've finally gotten this working. I'm not quite sure how but my DSM.mustache file appears to have been mangled (even my oldest backup didn't fix it) and I had to do some trial and error testing to figure out what needed to be changed.
|
This comment has been minimized.
This comment has been minimized.
Yeah I don't know what happened, sorry. I've added something to the script to write a log of the changes to the backup directory, should hopefully let you see what exactly it did to ease troubleshooting in future. As you probably found, the nginx.conf gets recreated by the NAS based on the .mustache files, and I believe this happens whenever there's an update. What version of DSM are you running? @n00bsportz, need some more info. What's not working? @inogueira82 which port remains in use? Could you run the following, changing 80 for the port you're after? |
This comment has been minimized.
This comment has been minimized.
Yes, once I started reading through the mustache files, I figured out how nginx.conf was built from them. It appears that nginx.conf is rebuilt on every restart of the server though, not just after system updates. My guess is that something managed to change one of those files even before I ran your script so, I don't think my issue was caused by this script. Just in case I'm wrong though, I'm running DSM 6.2.3-25426 Update 3 on a DS 220+. |
This comment has been minimized.
This comment has been minimized.
it says there's nothing using This port. But i can't assign it to a docker package. When I use bridge network for a container and i try to use port 80 or 443 it says ther's a conflict. If I use host network i can start it, but there's no response for port 80 or 443 |
This comment has been minimized.
This comment has been minimized.
This is the response when i have the docker container running in host network: sudo netstat -plnt | grep ":80" And this is what i get if i stop the container: sudo netstat -plnt | grep ":80" Solved: It was a firewall problem |
This comment has been minimized.
Thanks!