A secure and convenient plan for external access to Synology

I bought a Gen8 more than a year ago and have been tinkering with it in my spare time. After more than a year of tinkering, this is the result:

1. Installed a black Synology 6.1, latest version (I am a stickler for versions, so it must be the latest), used to back up pictures (Photo Station, port 80/443), synchronize important data (Cloud Station Server, port 6690), serve a PHP website (Web Station, port 80/443), run a database (MariaDB, port 80/443) and listen to music (Audio Station, port 8801), plus an online library built with Docker (calibre-web, port 7443).

2. Installed a black Synology 5.2, used specifically for watching movies with Video Station (since version 6.0, Synology cannot index media files in a folder mapped over NFS, so I built a 5.2 install just to map the NFS movie folders; it uses port 9008).

3. Set up phpStudy on Windows on the Gen8 for learning PHP programming (Synology's PHP service only supports PHP 5.6 and PHP 7.0), using port 443.

4. Remote management of an R7000 router flashed with Merlin firmware, set to port 8443. And with continued tinkering, the number of web services is still growing...

Accessing all these web services securely and conveniently is a hassle. The original solution was to set up DDNS (I have a public IP, but port 80 is blocked), create port mappings on the router, and then access each service via the DDNS domain name plus a port number. The service was down for a while and it became like this.

The services I use often are easy to handle, but I keep forgetting the ports of the ones I rarely use, and each time I have to open the router's port-mapping page to look them up before I can access them, which always feels like too much trouble. In addition, several web services must use port 443, and changing the mapping frequently is not practical. Then I noticed that Synology has an Application Portal whose reverse proxy server lets a single port 443 reach different web services through second-level domain names (subdomains such as php.xxxx.com).

The implementation follows. It covers three small goals: a, secure access; b, accessing web services built on different hosts through second-level domain names; c, building a navigation website for easy access to your own web services.

I. Secure access (applying for an SSL certificate and installing it for the web site service on Synology, as an example)

Prerequisites:

1. Port 443 has been forwarded to the Synology host (Merlin firmware is used as the example).

2. You have a public IP and have set up DDNS (xxxx.f3322.net is used as the example here).

3. You have a top-level domain name. Registering it with Alibaba Cloud is recommended, with a .bid or .win suffix: both cost 4 yuan for the first year of registration, and paying for 10 years costs only 67 yuan.

4. The registered top-level domain is resolved to the DDNS name using a CNAME record.

SSL certificate application tutorial

Log in to Alibaba Cloud, find the certificate service, and click Purchase Certificate in the upper right corner.

Choose a free DV SSL certificate, then click Buy Now, Pay, and Confirm Payment. The first step is now complete.

Next, bind the domain name: return to the certificate service console and select Fill.

Enter the second-level domain name the certificate is to be bound to, click Next, and then fill in your personal information. Remember to select DNS as the domain name verification type.

Next, choose to have the system generate the CSR, click Create, and submit for review. After a few minutes, the certificate will be reviewed and issued.


After the review is completed, download the certificate for backup, choosing the Apache format for the download.

Open Synology's Control Panel, click Security, click Certificate, then click Add and add a new certificate.

Add new certificate

Import the certificate


Find the SSL certificate archive you just downloaded. After decompressing it, click Browse to import the files: the private key is the file ending in .key, the .pem file is the certificate, chain.pem is the intermediate certificate, and the public.pem file is not used. The certificate import is now complete.

Next, configure the certificate: select the corresponding certificate for each of your domain names (a certificate can only correspond to one second-level domain name).

Enter your domain name in Chrome and you will see the secure-connection indicator. Access to your own web service over an SSL-encrypted link has been achieved.

II. Access web services built on different hosts through second-level domain names (sharing port 443)

1. Web service on the black Synology 6.1, port 443 (intranet IP address 192.168.1.188)

2. PHP service on the Gen8, port 443 (intranet IP address 192.168.1.210)

3. Router remote access, port 8443 (intranet IP address 192.168.1.1)

The plan is to access all of these services uniformly through second-level domain names (service 1; php.xxxx.com for service 2; lyq.xxxx.com for service 3).

First, resolve all second-level domain names to the DDNS name xxxx.f3322.net with CNAME records.

In the Alibaba Cloud domain name management, find the domain name list, click Resolve, add a record, select CNAME as the record type, www as the host record, the default line, and your own DDNS name xxxx.f3322.net as the record value, then click Save. Do the same for the CNAME records of the other second-level domain names.

Then set up the reverse proxy.

Log in to the Synology management page, open the Control Panel, click Application Portal, then click Reverse Proxy and select New.

For the source, fill in the resolved second-level domain name as the host name. For the destination, fill in the intranet IP address of the host providing the PHP service as the host name, set the port to 443 (or the port of whichever other service you are publishing), select HTTPS as the protocol, and click OK. You can now access the PHP service on the Gen8 directly through the second-level domain name php.xxxx.com. Repeat the same steps for the other reverse proxy rules. Note that a certificate has to be applied for and configured on Synology's certificate configuration page for each second-level domain name.
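Because each free certificate covers only one name, it is easy to leave a reverse proxy name served with another name's certificate. The following check is an added example, not part of the original post: it audits the certificate presented for each published name for name coverage and approaching expiry. The sample certificates are constructed, the function names are my own, and the wildcard handling goes beyond the single-name certificates used above.

```python
import socket
import ssl

def name_matches(pattern: str, host: str) -> bool:
    """Exact match, or a '*.' wildcard covering exactly one leftmost label."""
    pattern, host = pattern.lower().rstrip("."), host.lower().rstrip(".")
    if pattern.startswith("*."):
        head, _, tail = host.partition(".")
        return bool(head) and tail == pattern[2:]
    return pattern == host

def audit_cert(host: str, cert: dict, now: float, warn_days: int = 30) -> list:
    """List the problems in a getpeercert()-style dict presented for `host`."""
    problems = []
    sans = [v for k, v in cert.get("subjectAltName", ()) if k == "DNS"]
    if not any(name_matches(p, host) for p in sans):
        problems.append(f"{host}: not covered by certificate names {sans}")
    days_left = (ssl.cert_time_to_seconds(cert["notAfter"]) - now) / 86400
    if days_left < 0:
        problems.append(f"{host}: certificate expired")
    elif days_left < warn_days:
        problems.append(f"{host}: certificate expires in {int(days_left)} days")
    return problems

def fetch_cert(host: str, port: int = 443, timeout: float = 5.0) -> dict:
    """Live check: send SNI so the reverse proxy picks the certificate for `host`."""
    ctx = ssl.create_default_context()   # the chain is still validated
    ctx.check_hostname = False           # name coverage is reported by audit_cert
    with socket.create_connection((host, port), timeout=timeout) as sock:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            return tls.getpeercert()

def audit_all(presented: dict, now: float) -> dict:
    return {host: audit_cert(host, cert, now) for host, cert in presented.items()}

# Constructed sample data (not captured from a real server): the certificate
# each name from section II would present, in getpeercert() format.
NOW = ssl.cert_time_to_seconds("Jan  1 00:00:00 2030 GMT")
PHP_CERT = {"subjectAltName": (("DNS", "php.xxxx.com"),),
            "notAfter": "Jan 15 00:00:00 2030 GMT"}
SAMPLE = {"php.xxxx.com": PHP_CERT,   # correct certificate, 14 days from expiry
          "lyq.xxxx.com": PHP_CERT}   # wrong certificate assigned to this name

if __name__ == "__main__":
    for host, problems in audit_all(SAMPLE, NOW).items():
        print(host, problems or "OK")
```

For a live run, build the input with `{h: fetch_cert(h) for h in hosts}` and pass `time.time()` as `now`.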

III. Create a navigation page for conveniently accessing all your web services

Show results

The web page, provided by a fellow user, can be downloaded here. Upload all the downloaded files to Synology's web directory, and then add your various second-level domain names as needed.

Demonstration effect
