Hey everyone! I’m trying to move some services around and could use some advice.
What I have now:
- Synology DS716+II with Docker containers and built-in apps like Drive and Photos
- Raspberry Pi running Nginx Proxy Manager and Pi-hole for DNS blocking
- Everything connected with ethernet cables
- Domain setup through Cloudflare with automatic SSL certificates
- Only Drive accessible from outside, everything else internal or via VPN
What I want to do:
Move both the proxy manager and Pi-hole from my Pi onto the Synology box to simplify things.
My main questions:
- Will running these as Docker containers on the DS716+II work the same way as on the Pi?
- I’m thinking about using macvlan networking since the NAS has two ethernet ports. Would this work like a regular macvlan setup? I know containers can’t talk to the host with macvlan, so maybe I need bridge networking too?
- Any issues with DNS when Pi-hole runs on the same machine as the apps it’s filtering?
- Anyone got Cloudflare SSL automation working with proxy manager on Synology?
I’m decent with Docker but want to make sure I don’t break anything. The goal is to get rid of the Pi while keeping everything working smoothly.
Thanks for any help!
Running both services on your DS716+II is definitely doable. I had a similar setup on my DS718+ and found that Docker containers perform just as well as on dedicated Pi hardware, sometimes better due to more available resources. For networking, I’d actually recommend starting with bridge mode first before jumping into macvlan. Bridge networking will let your containers communicate with the host and other containers easily, which can be helpful for troubleshooting initially. You can always switch to macvlan later if you need the containers to appear as separate devices on your network. Regarding Cloudflare SSL automation, it works perfectly with Nginx Proxy Manager on Synology. Just make sure you have your Cloudflare API token configured properly in the SSL section. The automation runs without issues in the container environment. One thing to watch out for is DNS loops when pi-hole is on the same machine as your other services. Set your pi-hole to use an upstream DNS server that’s not itself, and configure your router to point clients to the pi-hole container IP rather than the NAS IP.
i moved both services to my ds918+ last year, and it’s been solid! the dual ethernet is nice. i used one for the containers with macvlan and the other for regular nas traffic. dns filtering is fine when pi-hole runs on the same box, just make sure your router points to the pi-hole ip.
Been running this exact setup on my DS720+ for about 8 months now. The performance is actually better than what I had on my Pi 4, especially during heavy traffic periods. For the networking part, macvlan works great with dual ethernet ports but you’ll need to plan your IP assignments carefully. I assigned static IPs to both containers outside my DHCP range to avoid conflicts. The key thing that caught me off guard was backup considerations - make sure you export your Pi-hole blocklists and NPM configurations before the migration. The restore process isn’t always smooth if you don’t have complete backups. Also worth noting that Synology’s built-in firewall can interfere with some proxy configurations, so you might need to adjust those rules. The Cloudflare integration works exactly the same as on Pi, no issues there. One tip: test everything with a secondary DNS configured on at least one device during the transition in case something goes wrong with the Pi-hole setup.