Difference between revisions of "Synology"
(Created page with "===2017=== ====Letsencypt Certs==== * Must have port 80 open through to the Synology NAS - the renewal script needs to host a key/cert during the re-registration process. *...") |
m |
||
(6 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
− | ===2017 | + | https://synocommunity.com/ |
+ | |||
+ | ==2023== | ||
+ | |||
+ | ==NVMe as a drive/ volume== | ||
+ | First need add the drive to the supported list, then mount it, | ||
+ | There are some tools here that automate all of this | ||
+ | https://github.com/007revad/Synology_HDD_db | ||
+ | https://github.com/007revad/Synology_M2_volume | ||
+ | |||
+ | |||
+ | ===Email from CLI=== | ||
+ | Not officially supported, but the following will sent to the email address configured for notifications. | ||
+ | <pre> | ||
+ | /usr/syno/sbin/synosyslogmail --mailtype=SEVERITY --severity="Message 1" --content "Message 2" | ||
+ | </pre> | ||
+ | Email comes with subject: NAS_NAME There is one log of severity Message 1 on %HOST% and Body: | ||
+ | <pre> | ||
+ | There is one log of severity Message 1 on %HOST%. Go to Log Center to check the details. | ||
+ | |||
+ | The content of the log is as follows: | ||
+ | |||
+ | Message 2 | ||
+ | |||
+ | From NAS_NAME | ||
+ | </pre> | ||
+ | |||
+ | ===Logging from scripts=== | ||
+ | I had different behaviour from different Synology hardware, however enable log receiving (BSD format), have your scripts send to the IP of the synology host (as only some will accept logs from 127.0.01), logs should appear | ||
+ | |||
+ | ==Use scheduled task to run a script constantly like a service== | ||
+ | Task 1 - Wrapper.sh - run every minute - ensures the process is running. | ||
+ | <pre> | ||
+ | nohup /bin/flock -E 0 -n /volume1/share/folder/lock.lck /volume1/share/folder/script_name.py & | ||
+ | </pre> | ||
+ | Task 2 - Stop command | ||
+ | <pre> | ||
+ | pkill script_name_less_extension | ||
+ | </pre> | ||
+ | |||
+ | ==2017== | ||
====Letsencypt Certs==== | ====Letsencypt Certs==== | ||
Line 5: | Line 45: | ||
* Must have port 80 open through to the Synology NAS - the renewal script needs to host a key/cert during the re-registration process. | * Must have port 80 open through to the Synology NAS - the renewal script needs to host a key/cert during the re-registration process. | ||
* can force renewal with /usr/syno/sbin/syno-letsencrypt renew-all | * can force renewal with /usr/syno/sbin/syno-letsencrypt renew-all | ||
+ | |||
+ | Can have issues with the default firewall rules (only seems to affect the Letsencypt renewal, so disable the Synology firewall when renewing certs) | ||
Line 243: | Line 285: | ||
=== alternative to netflixs (but you get netflixs content??=== | === alternative to netflixs (but you get netflixs content??=== | ||
[http://www.playon.tv/ www.playon.tv/] | [http://www.playon.tv/ www.playon.tv/] | ||
+ | |||
+ | |||
+ | ==keepass== | ||
+ | |||
+ | to use webdav with keepass2andorid app, Control Panel -> Security -> advanced -> TLS / SSL Profile Level = Intermediate compatibility (Modern will fail) | ||
+ | Apple Keeweb can work with Modern compatability. |
Latest revision as of 09:36, 23 November 2023
Contents
2023
NVMe as a drive/ volume
First need add the drive to the supported list, then mount it, There are some tools here that automate all of this https://github.com/007revad/Synology_HDD_db https://github.com/007revad/Synology_M2_volume
Email from CLI
Not officially supported, but the following will sent to the email address configured for notifications.
/usr/syno/sbin/synosyslogmail --mailtype=SEVERITY --severity="Message 1" --content "Message 2"
Email comes with subject: NAS_NAME There is one log of severity Message 1 on %HOST% and Body:
There is one log of severity Message 1 on %HOST%. Go to Log Center to check the details. The content of the log is as follows: Message 2 From NAS_NAME
Logging from scripts
I had different behaviour from different Synology hardware, however enable log receiving (BSD format), have your scripts send to the IP of the synology host (as only some will accept logs from 127.0.01), logs should appear
Use scheduled task to run a script constantly like a service
Task 1 - Wrapper.sh - run every minute - ensures the process is running.
nohup /bin/flock -E 0 -n /volume1/share/folder/lock.lck /volume1/share/folder/script_name.py &
Task 2 - Stop command
pkill script_name_less_extension
2017
Letsencypt Certs
- Must have port 80 open through to the Synology NAS - the renewal script needs to host a key/cert during the re-registration process.
- can force renewal with /usr/syno/sbin/syno-letsencrypt renew-all
Can have issues with the default firewall rules (only seems to affect the Letsencypt renewal, so disable the Synology firewall when renewing certs)
2014
Bootstrap
Just to be a PITA, it appeats most DSM updates will remove the bootstrap.
Copy the bootstrap script to the NAS
Login as root
SNAZZY> chmod +x syno-e500-bootstrap''1.2-7''powerpc.xsh SNAZZY> sh syno-e500-bootstrap''1.2-7''powerpc.xsh
If the following message pops up - you need to do what is say otherwise the bootstrapping wont work :(
; Backup your configuration settings, then type : rm -rf /volume1/@optware : rm -rf /usr/lib/ipkg This will remove all existing optware packages.
Modify the root .profile to include $PATH
vi /roo/.profile PATH=$PATH:/sbin:/bin:/usr/sbin:/usr/bin:/usr/syno/sbin:/usr/syno/bin:/usr/local/sbin:/usr/local/bin export PATH
Restart
init 6
Add ipkg install sudo ipkg install less ipkg install rrdtool
Edit crontab
/etc/crontab
earlier
Best decision I have made in a long time, this little unit (DS213+) is a cracker.
Just upgraded to DSM 5.0
DS213+ --> Freescale P1022 For Freescale PowerPC QorIQ P1022 - Please use the same boostrap as for 8543 and 8553 PPC CPUs. Since they are all e500 CPUs, they share the same compiled binaries.
Need to re-run the bootstrap - I had to uninstall then re-install, same with the config file editor.
Following instructions from: http://forum.synology.com/wiki/index.php/OverviewonmodifyingtheSynologyServer,bootstrap,ipkgetc
as root wget http://ipkg.nslu2-linux.org/feeds/optware/syno-e500/cross/unstable/syno-e500-bootstrap1.2-7powerpc.xsh chmod +x syno-e500-bootstrap1.2-7powerpc.xsh sh syno-e500-bootstrap1.2-7powerpc.xsh
have ipkg in /volume1/@optware/share/ipkg possibly run with sh??
Previously this worked (prior to installting DSM 5.0)
Photo Station 6
Cool application that allows users to create folders under the default /photo share. (remember to make all albumns private). Problem is that if you have other photo shares (say syncing peoples my photos folders to their own shared folder on the NAS), their photos wont be included.
One solution is to add a symbolic link - you wont see the files in file station, however photo station will index them :)
ssh NAS cd /volume1/photo ln -s /volume1/user''share/ user''photos
Cloud Station
Pros
- Can sync via a http proxy
- Can have multiple users syncing the same files
- Easier to configure (with client) than rsync
- can be run constantly (default) or launch to backup
Cons
- To make it easy to manage - need a Synology shared folder per PC directory to sync (aka PC1-userx-my documents --> NAS\userxmydocuments)
- Copies the entire files each time its updated (dropbox will do delta files
- Runs constantly, thus if MS Word auto saves the file every 10 minutes, thats 6 updates an hour.
2012 Synology NAS solution
Since the hardware which my media centre is running keeps falling over (has done randomly for the past 7 years -sometimes its a month sometimes its up for 10 minutes) I'm looking at getting a Synology NAS device as it will do almost everything I want out of the box.
- Add sftp / ssh support - this can now be done from the menu.
- To change the SSH ports (or to allow multiple like 22 and 1022) edit /etc/ssh/sshd_config and add multiple Port lines, you will need to rebook the diskstation for the config to apply.
Port 22 Port 1022
- Chown files so admin can sudo - to become root
- crontab - having issues with the crontab entries being ignored post reboot. Apparently only those jobs running as root will be kept. thus this entry should work
#minute hour mday month wday who command 0 14 ''' ''' 2,5 root /usr/syno/bin/synopkg chkupgradepkg '''/5 ''' ''' ''' * root su - cacti -c "sudo /opt/bin/php /volume1/web/cacti/poller.php > /dev/null 2>&1"
Changed the executable path in 2014 -->
'''/5 ''' ''' ''' * root su - cacti -c "sudo /usr/bin/php /volume1/web/cacti/poller.php > /dev/null 2>&1"
- DNS and DHCP - resolve only netflix.com via unblock-us.com DNS
- install the synology DHCP client.
- add ISP's DNS's to /etc/resolv.conf,
- add the following to /etc/dhcpd/dhcpd-eth0-eth00.conf
server=/netflix.com/192.168.1.1
Remember to go stop and start the dhcp service after doing this
- Configure modem (at 192.168.1.1) to use unblock-us.com's primary and secondary DNS (synology's dnsmasq cant have the same domain name mapping as a 'server' option in the config, thus this will get around this as the NAS will use the ISP's DNS's for all other queries directly.
unblock-us services supported http://support.unblock-us.com/customer/portal/articles/291570
I have recently purchased a Synology Diskstation DS213+ and to date (still installing it) its doing most things I want it too.
- Bootstrap + config file editor packages.quadrat4.de/
- add Cacti monitoring http://www.robdehoog.nl/technology/cacti-on-a-synology-nas-how-to/ -configure net-snmp to work on 1161 otherwise synology resource meters will not work
- add a real ping tool to cacti www.robdehoog.nl/technology/cacti-on-a-synology-nas-how-to/ping-availability-cacti-graphs/
Poller crontab
'''/5 ''' ''' ''' * cacti /opt/bin/php /volume1/web/cacti/poller.php > /dev/null 2>&1
Netflix in NZ
- Need a DNS from the US - unblock-us.com
- App for Android - http://forum.xda-developers.com/showthread.php?p=24720204
- Netflix account, just make up a postcode that is in the US.
- unblock-us DNS's
111.118.175.56 118.127.33.48
- May also be able to use tunlr.ne DNS's for free (and their proxy service I Assume
184.82.222.5 199.167.30.144
another option is to setup a VPS in the US and then VPN to it http://www.lowendspirit.com/locations.html
Next step is to only us unblock-us.com DNS settings when were accessing Net Flix
the inbuilt DHCP application is built on dnsmasq... thus information below is possible. www.thekelleys.org.uk/dnsmasq/doc.html
from forums.smallnetbuilder.com/showthread.php?t=8266
- You need ad the options to dnsmasq.conf and restart dnsmasq. To do this automatically at every boot you can use the services-start script
- 1. Enabele jffs in the router webui and restart.
ssh to the router and mkdir /jffs/scripts/ vi /jffs/scripts/services-start and paste : #!/bin/sh echo "server=/netflix.com/111.118.175.56" >> /tmp/etc/dnsmasq.conf echo "server=/netflix.com/118.127.33.48" >> /tmp/etc/dnsmasq.conf killall dnsmasq dnsmasq -c 1500 --log-async -n
4. save and
chmod +x /jffs/scripts/services-start
5. restart router
Squid
http://www.ingmarverheij.com/configuring-proxy-server-on-a-synology-nas/
Proxy autoconfig
Enable mime-types by adding
/usr/syno/apache/conf/mime.types
# MIME type (lowercased) Extensions # ============================================ ========== # Neil 2013 application/x-ns-proxy-autoconfig pac application/x-ns-proxy-autoconfig dat
alternative to netflixs (but you get netflixs content??
keepass
to use webdav with keepass2andorid app, Control Panel -> Security -> advanced -> TLS / SSL Profile Level = Intermediate compatibility (Modern will fail) Apple Keeweb can work with Modern compatability.