-
-
Notifications
You must be signed in to change notification settings - Fork 414
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
docs adding install on synology docker. Thx ildrad
- Loading branch information
1 parent
d065adc
commit 487f9f2
Showing
6 changed files
with
39 additions
and
0 deletions.
There are no files selected for viewing
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,38 @@ | ||
# Installing on Synology NAS using docker install | ||
|
||
## Docker Setup | ||
|
||
While a docker install is supported, trying to help someone get it working on their own Synology NAS is not. But here's how you do it! | ||
|
||
- Follow the [standard docker install](./install_docker.md) documentation. | ||
- Once the `docker-compose` file is downloaded, edit it and modify the ports used by the nginx server to custom ports (`13180` and `13443` in the example below) | ||
|
||
![syno ports](images/synology_docker_ports.jpg) | ||
|
||
## Setup the reverse proxy | ||
|
||
Go to **Login Portal > Advanced > Reverse Proxy** in the Control Panel | ||
|
||
Create 2 entries for each tactical DNS entries, one for the HTTP port & one for the HTTPS | ||
|
||
![syno reverse](images/synology_docker_reverse.jpg) | ||
|
||
For the entries related to the mesh, add some custom headers and adjust the proxy timeout connection | ||
|
||
![syno reverse detail](images/synology_docker_reverse_details1.jpg) | ||
|
||
![syno reverse detail](images/synology_docker_reverse_details2.jpg) | ||
|
||
## Bonus: SSL Certificate | ||
|
||
In regards to the certificate, I followed this [tutorial](https://www.nas-forum.com/forum/topic/68046-tuto-certificat-lets-encrypt-avec-acmesh-api-ovh-en-docker-dsm67-update-180621) (in french but still clear after translation) to automatically update it and manually updating it on the NAS and in TRMM | ||
|
||
```bash | ||
docker exec Acme sh -c "acme.sh --issue --keylength 4096 -d '*.mydomain.com' --dns dns_provider" | ||
sed -i '/CERT_PUB_KEY/d' /path/to/tactical/.env | ||
sed -i '/CERT_PRIV_KEY/d' /path/to/tactical/.env | ||
echo "CERT_PUB_KEY=$(sudo base64 -w 0 /volume1/docker/acme/\*.mydomain.com/fullchain.cer)" >> /path/to/tactical/.env | ||
echo "CERT_PRIV_KEY=$(sudo base64 -w 0 /volume1/docker/acme/\*.mydomain.com/*.whitesnew.com.key)" >> /path/to/tactical/.env | ||
docker exec Acme sh -c "acme.sh --deploy -d '*.mydomain.com' --deploy-hook synology_provider" | ||
docker-compose -f /path/to/tactical/docker-compose.yml restart | ||
``` |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters