Skip to content

unraid-forum-support-thread.md

Latest commit

 

History

History
267 lines (187 loc) · 6.96 KB

unraid-forum-support-thread.md

File metadata and controls

267 lines (187 loc) · 6.96 KB

[Support] Yundera - NSL Router: Free HTTPS Domains for Your Unraid Server

🌐 What is NSL Router?

NSL Router provides free HTTPS subdomains for your Unraid server through the nsl.sh service. No port forwarding, no DNS configuration, no certificates to manage - just clean, secure URLs for all your applications.

Get started in 3 steps:

  1. Install NSL Router from Community Applications
  2. Choose your subdomain (e.g., mynas.nsl.sh)
  3. Your apps automatically get HTTPS URLs!

✨ Features

  • 🆓 Free service - No subscription, no hidden costs
  • 🔒 Automatic HTTPS - SSL/TLS certificates managed automatically
  • 🌍 Access from anywhere - No VPN client needed on remote devices
  • 🚫 No port forwarding - Works behind CGNAT and strict firewalls
  • 🔐 WireGuard secured - Connection encrypted with VPN technology
  • 🎯 Clean URLs - appname.username.nsl.sh instead of IP:PORT
  • Automatic routing - Container names become subdomains
  • 🐳 Zero configuration - Works with any Docker container

📦 Installation

From Community Applications

  1. Open Unraid WebGUI
  2. Go to Apps tab
  3. Search: "NSL Router"
  4. Click Install
  5. Configure:
    • Subdomain Name: Choose unique name (e.g., mynas)
    • Provider URL: Leave default https://nsl.sh
    • Default App (optional): Main app to redirect to
  6. Click Apply
  7. Done! Your domain is yourname.nsl.sh

Manual Template Repository (if not in CA yet)

Apps → Settings → Template repositories:
https://github.com/Yundera/unraid-templates

🎯 Usage Examples

Once installed, your apps are automatically accessible:

Container name: jellyfin   → https://jellyfin.mynas.nsl.sh
Container name: nextcloud  → https://nextcloud.mynas.nsl.sh
Container name: plex       → https://plex.mynas.nsl.sh
Container name: portainer  → https://portainer.mynas.nsl.sh

Set Default App:

  • Configure DEFAULT_HOST=jellyfin
  • Main domain redirects: https://mynas.nsl.sh → Jellyfin

⚙️ Configuration

Required Settings

Setting Value Notes
Subdomain Name Your choice Must be unique globally
Provider URL https://nsl.sh Official provider
WireGuard Port 51820/udp Do not change

App Requirements

Your apps must:

  1. ✅ Be on same Docker network as NSL Router (usually bridge)
  2. ✅ Expose port 80 internally
  3. ✅ Have a container name (this becomes subdomain)

Network Modes

  • Bridge (most common) - Default, works for most users
  • Custom network - Advanced users can specify network name

🔧 Troubleshooting

Problem: App not accessible

Check 1: Same network?

docker network inspect bridge

NSL Router and your app should both be listed.

Check 2: Port 80 exposed?

docker port [container-name]

Should show port 80.

Check 3: NSL Router logs

docker logs nsl-router

Look for: Successfully registered with provider

Problem: Subdomain already taken

Subdomain names are first-come-first-served. Try:

  • Add numbers: mynas2, mynas2024
  • Add location: home-server, lab-server
  • Use initials: jsmith-nas

Problem: WireGuard connection fails

  • Check firewall allows UDP port 51820
  • Restart NSL Router container
  • Check logs for error messages

Problem: SSL certificate error

NSL Router uses self-signed certificates between your server and nsl.sh provider. This is normal and secure. Browsers see valid Let's Encrypt certificates from nsl.sh.

📚 Advanced Configuration

Using Custom Docker Networks

If your apps use custom networks (e.g., proxy, web):

  1. Edit NSL Router template
  2. Change Network from bridge to your network name
  3. Click Apply
  4. Restart container

Multiple Networks

For apps on different networks, you can:

  • Run multiple NSL Router instances (different subdomain per network)
  • Connect NSL Router to multiple networks

🔐 Security & Privacy

How NSL Router Works

Your Browser
    ↓ HTTPS (Let's Encrypt cert)
nsl.sh Provider (Nginx + WireGuard)
    ↓ WireGuard VPN (encrypted)
NSL Router on your Unraid
    ↓ HTTP (internal network)
Your Apps

Privacy Features

  • ✅ Your server IP is hidden behind nsl.sh
  • ✅ End-to-end encryption via WireGuard VPN
  • ✅ No user data stored on nsl.sh servers
  • ✅ Open source - audit the code yourself
  • ✅ Self-hosted routing - only metadata passes through provider

What nsl.sh Sees

  • Your chosen subdomain name
  • Timestamp of connections
  • Bandwidth usage (for abuse prevention)

What nsl.sh CANNOT See

  • Your actual IP address (protected by WireGuard)
  • Content of your traffic (encrypted)
  • Your app data
  • Which specific apps you're running

🤝 Getting Help

Before posting:

  1. Check troubleshooting section above
  2. Review logs: docker logs nsl-router
  3. Verify network configuration

When posting:

  • Include container logs (remove sensitive info)
  • Describe your network setup
  • List affected apps

Support Channels:

🔗 Related Projects

💝 Support Development

NSL Router and nsl.sh are free and open source. If you find them useful:

📄 License

  • NSL Router: MIT License
  • Templates: MIT License
  • nsl.sh Service: Free for personal and commercial use

📞 Contact

Version: 1.0
Last Updated: December 31, 2024
Maintained by: Yundera Team

📋 Changelog

Version 1.0.0 (Initial Release)

  • ✅ Free HTTPS subdomain support
  • ✅ WireGuard VPN encryption
  • ✅ Automatic routing for all containers
  • ✅ Bridge and custom network support
  • ✅ Optional default app configuration
  • ✅ Comprehensive logging and error handling

Thank you for using NSL Router! 🚀

If this template helped you, please consider leaving feedback or starring the project on GitHub.