Category: Synology

  • How to backup Photo from a mobile onto a Synology

    I used to rely on DS Cloud to backup my complete Android mobile onto my Synology (both internal and external storage). But after Android 4.4.x, the files must be stored under /storage/<your external sd>/Andoid/data/com.synology.dsclooud/files. It means DS Cloud may not backup the DCIM folder locate on the external SD.

    The solution is to get rid of DS cloud and use DS File or DS Photo – or a third party, but this a less preferred option for me…

    Click to Read More

    DS Photo

    It has a feature to backup all photos from a mobile (Android or iOS) into one folder/album of the Photo Station. But it means that Photo Station must be installed.

    See documentation here (loo for Upload and Download Photos).

    It’s really slow because it needs to create the thumbnails, etc… for Photo Station and seems even to stop from time to time. You have to open it to check that it runs effectively.

    Pay attention to not check the option that frees space. It will deleted the photos on your mobile after the upload.

    NB.: It also backup movies (“You can upload photos or videos from …“), but does not seem to do it as long as all photos are not yet uploaded. Many old videos were not yet uploaded onto my Synology although photos with the same age were already processed. And after the backup of 1000th of photos, I finally saw a long list of videos being uploaded.

    DS File

    It has a feature to backup all photos and videos into any subfolder of a shared drive. As far as I am concerned, I do backup into a subfolder of my “home” on the Synology.

    See documentation here (look for Backing up Photos and Videos).

    Pay attention to not check the option that frees space. It will deleted the photos and movies on your mobile after the backup.

    DS File can backup photos and videos from all detected locations containing media: DCIM (external storage), Office Lens, PhotosEditor, WhatsApp Images, WhatsApp Video. But you may not specify yourself a custom folder. It’s nevertheless the best option to backup all media in my opinion.

    Attention, I noticed that DS File consumed a lot of power during the first backup, so it was suggested to be put in deep sleep mode. But doing that stops the backup background process. Compared to DS Photo, it’s quite exactly the same behavior and configuration but one can chose the target folder on the Synology. Also, it is much faster (as it does not have to create anything for the Photo Station) and backup all videos and photos simultaneously.

    Moment

    There is now a new application, named Synology Moment, which also comes with a Backup feature for photos and videos, similar to Photo Station. I didn’t test it yet.

    (Synology Moment is combined with Synology Drive, an application replacing Cloud Station Server)

    Loading

  • Solve a 504 Gateway Time out nginx with WordPress on Synology

    Recently, accessing WordPress on my Synology started to result in “504 Gateway Time out nginx” errors.

    I found the solution here.

    Click to Read More

    1. Open a ssh console using Putty as explained here.
    2. Enter root mode by typing: sudo -i
    3. cd /etc/nginx/
    4. chown -hR http:http conf.d/
    5. cd conf.d
    6. vi www.WordPress.conf
      1. Add: proxy_connect_timeout 600;
      2. Modify: proxy_read_timeout 600;

    Loading

    ,
  • Use a VPN between an Android mobile and a Synology NAS via Proximus network

    I spent hours trying to figure out why I couldn’t connect my Galaxy S7 onto my Synology using a PPTP VPN on the Proximus 3G/4G Network (Belgium) while it was working fine if connected via WiFi.

    Finally, I gave up and configured a L2TP/IPSec VPN. This one worked immediately like a charm, both on WiFi and 3G/4G. I am quite sure this is due to Proximus configuring my profile to use CGN (Carrier Grade NAT).

    Click to Read More

    I was initially inspired by this post (“Using Synology DiskStation as a VPN server using built-in Android VPN client”). So;

    • I did first configure my Synology VPN Server to use PPTP as explained here (Official Knowledge base Synology)
    • Next, I did open my Synology Firewall (port 1723 for PPTP) via the Control Panel > Security > Firewall > Edit Rules > Edit an entry to Allow > Select Built-in applications > VPN Server (PPTP)

    Open Firewall Synology for VPN

    • Then, I did configure my Modem to route the TCP port 1723 to my NAS via Access Control > Port Mapping

    Configure Proximus Modem Route

    Configure Proximus Modem Route

    • Finally, I configured a PPTP VPN on my Galaxy S7 via Settings > Connections > More connection settings > VPN > ADD VPN

    It worked immediately while connecting my Galaxy S7 via WiFi. But if failed while connected via 3G/4G. To investigate, I did enable the firewall of my dd-wrt router (placed between my modem and my NAS) and configured it to send all its firewall messages to the syslog server of my Synology (the “Log Center”). I those logs, I found packets corresponding most probably to the VPN requests from my Galaxy S7 (They were only arriving when I was trying to establish a connection). Those were not coming from my Galaxy S7’s IP. Instead, they were coming from another Proximus IP, with a protocol 47 (Generic Route Encapsulation)?! Could this be due to Proximus configuring my profile to use CGN (Carrier Grade NAT)? Unfortunately, I couldn’t check and reconfigure this myself as the option is not available anymore via the MyProximus administration interface…

    So, I decided to give up with this PPTP VPN and use a more secure but less performant VPN: L2TP/IPSEC with a PSK (IPsec pre-shared key). And miracle, after opening and routing the UDP ports 500, 1701 and 4500, it worked !

    Loading

  • Synology: how to get MAC address from IP address and vice versa

    Here is how to retrieve the IP address of devices in the same LAN as your Synology, based on their a MAC addresses, and vice-versa.

    Click to Read More

    I am using a php script to executes various bash scripts. it requires the package inetutils that can be installed using ipkg. Type in a ssh console run as root: /opt/bin/ipkg install inetutils

    [php] <?php
    //Clean all MAC addresses from ARP table
    function FlushArpTable()
    {
        //only work if run as root
        $flush = exec("ip -s -s neigh flush all");
    }

    //Return 1 if the given $ip is a local one
    function IsLocalIp($ip)
    {
        //Get all local IP address from ifconfig
        //$localIp = `ifconfig | grep -Eo ‘inet (addr:)?([0-9]*\.){3}[0-9]*’ | grep -Eo ‘([0-9]*\.){3}[0-9]*’ | grep -v ‘127.0.0.1’`;
        $localIp = exec("ifconfig | grep -o $ip");
        return ($localIp == $ip);
    }

    //Ping $ip using inetutils (only this one works when not run as root)
    //return -1 if package inetutils is not installed (can be done using ipkg)
    function Ping($ip)
    {
        $ping = exec("if [ -f /opt/bin/ping ] ; then /opt/bin/ping -c1 $ip; echo 1; else echo -1; fi");
        return $ping;
    }

    //Return MAC address related to the given $ip address in ARP table or ifconfig
    //Ping the $ip if MAC is not found and $force=1
    //NB.: Synology local ip are not added in the ARP table, hence the use of ifconfig
    function GetMacFromArp($ip, $force = 1)
    {
        if (filter_var($ip, FILTER_VALIDATE_IP)) {
            // Look into the arp table for the MAC address linked to the given ip address
            $mac = exec("arp -a $ip | grep -o -E ‘([[:xdigit:]]{1,2}:){5}[[:xdigit:]]{1,2}’");
            $mac = trim($mac);
            
            if ($mac == "") {
                //if the ip is not in the ARP table, look for it via ifconfig
                $mac = `ifconfig | grep -E "HWaddr |inet |^$" | awk ‘$1=$1’ ORS="\n\n" RS="\n\n" | grep $ip | grep -o -E ‘([[:xdigit:]]{1,2}:){5}[[:xdigit:]]{1,2}’`;
                $mac = trim($mac);
            }
            
            if ($mac == "" && $force == 1) {
                echo "? ";
                Ping($ip);
                $mac = GetMacFromArp($ip, $force = 0);
            } else if ($force == 1) {
                echo "! ";
            }
        }
        
        return $mac;
    }

    //Return ip address related to the given $mac address in ARP table or ifconfig
    //NB.: Synology local ip are not added in the ARP table, hence the use of ifconfig
    function GetIpFromArp($mac)
    {
        if (filter_var($mac, FILTER_VALIDATE_MAC)) {
            // Look into the arp table for the ip linked to the given mac address
            $ip = exec("arp -a | grep $mac | grep -o -E ‘\b([0-9]{1,3}\.){3}[0-9]{1,3}\b’");
            
            if ($ip == "") {
                // if no ip found in the arp table, look for it into the ifconfig
                $ip = exec("ifconfig | grep -E ‘HWaddr |inet |^$’ | awk ‘$1=$1′ ORS=’\n\n’ RS=’\n\n’ | grep $mac | grep -o -E ‘addr:\b([0-9]{1,3}\.){3}[0-9]{1,3}\b’ | grep -o -E ‘\b([0-9]{1,3}\.){3}[0-9]{1,3}\b’");
            }
        }
        
        return $ip;
    }

    function DisplayMac($ip)
    {
        if (filter_var($ip, FILTER_VALIDATE_IP)) {
            $mac = GetMacFromArp($ip);
            if (filter_var($mac, FILTER_VALIDATE_MAC)) {
                echo "MAC of $ip is " . $mac;
                if ($ip != GetIpFromArp($mac)) {
                    echo " (? " . GetIpFromArp($mac) . " ?)";
                }
            } else {
                echo "MAC of $ip is unknown";
            }
            if (IsLocalIp($ip)) {
                echo " (a local IP)";
            }
            echo "<br/>";
        }
    }

    // Check if  ping works
    if (Ping("127.0.0.1") == -1) {
        echo "You have to install inetutils. Ex.: using ipkg";
    } else {
        //clean the arp table (only work when run as root)
        FlushArpTable();
        
        //Display the mac address of an ip in the LAN
        DisplayMac(‘192.168.0.19’);
        
        //get ip of all local interfaces
        $localIps = split("\n", `ifconfig | awk ‘/inet addr/{print substr($2,6)}’`);
        foreach ($localIps as $ip) {
            DisplayMac($ip);
        }
        
        DisplayMac(‘192.168.0.47’);
        
    }
    ?>
    [/php]

    Loading

  • Synology: System internal service [apparmor] failed to start

    Since I have upgraded my DSM 6.1.4 to the latest update, I have this error : “System internal service [apparmor] failed to start.”

    I did contact Synology ans the only solution is to reintall the DSM

    Click to Read More

    To confirm the problem, open a SSH console and enter the root mode as explained here.

    In that console, type: synoservice –is-all-up

    You should see that the apparmor service didn’t start properly after the reboot:

    root@YourNas:~# synoservice –is-all-up
    service [ “apparmor” ] failed on bootup.

     

    Here is the answer from Synology

    Good evening,

     

    thanks for contacting the Synology technical support and sorry for the late reply, we’re having an high volume of ticket.

    We’re aware of this issue, did you recently update your DSM?

    Anyway, I’m sorry but you will have to reinstall DSM to fix this issue, please take a full backup of your Data using “Hyper backup” or “Cloud Sync“.

    After that navigate to Control Panel -> Update and Restore -> Configuration Backup -> Backup Configuration-> Reset -> Erase all Data

    Reinstall DSM and restore Configuration and Data.
    Take in mind that the response time might be delayed a bit because of the high amount of Ticket that we received.

    Thanks for your understanding and for your patience.
    If you have any other question or doubt, don’t hesitate to contact me back.

    Best regards,
    xxxxxxxx

    Technical support FR

    Loading

  • Unattended GPG key generation to sign Synology Packages

    I am going to add a feature in my own version of SSPKS to sign Synology packages. But to do this, I need a way to create GPG key from a non-interactive script.

    Click to Read More

    I found the required documentation here and a sample here. I did adapt that sample to:

    • not require a passphrase as mentioned in the Synology documentation. This would break the build process.
    • to generate some entropy without the rng-tools (not available out-of-the-box for Synology)

    Obviously, you need gpg. I am using gpg2 made available by installing the package gpgme via ipkg as explained here.

    Create keys in your personal key rings

    First, put the parameters to be used by gpg into a file named ‘gpgKey‘ (don’t forget that it must be linux compliant => not CRLF (/r/n) but only LF (/n)*). Here under, I am using RSA 2048. Use your own name, comment and email address.

    Key-Type: RSA
    Key-Length: 2048
    Subkey-Type: RSA
    Subkey-Length: 2048
    Name-Real: Type Here your name
    Name-Comment: Type Here some comment
    Name-Email: Type Here your email
    Expire-Date: 0
    %no-protection
    %commit

    Next, save the following script in a file named ‘createGpgKey.sh’ (don’t forget about CRLF 😉 )

    #!/usr/bin/env bash
    if [ ! -f ~/.gnupg/gpg.conf ]; then
    mkdir -p -m 0700 ~/.gnupg
    touch ~/.gnupg/gpg.conf
    chmod 600 ~/.gnupg/gpg.conf
    tail -n +4 /opt/share/gnupg/gpg-conf.skel > ~/.gnupg/gpg.conf

    touch ~/.gnupg/{pub,sec}ring.gpg
    fi

    #generate some entropy
    (dd if=/dev/zero of=/dev/null) & pid=$!

    #generate the key (and a folder to be used later 😉
    mkdir -p -m 0700 gpg
    gpg2 –verbose –batch –gen-key ./gpgkey

    #kill the entropy generator
    kill $pid

    Then, move those two files into a public shared folder of your Synology. Ex.: ‘\\<Your Nas>\temp

    And open a ssh console as explained here (no need to enter the root mode) to go into the shared folder: cd /var/services/temp

    Finally, here is the output you should see when running your script: sh createGpgKey.sh

    gpg: skipping control `%no-protection’ ()
    gpg: writing self signature
    gpg: RSA/SHA1 signature from: “1418FFE0 [?]”
    gpg: writing key binding signature
    gpg: RSA/SHA1 signature from: “1418FFE0 [?]”
    gpg: RSA/SHA1 signature from: “71C22B00 [?]”
    gpg: writing key binding signature
    gpg: RSA/SHA1 signature from: “1418FFE0 [?]”
    gpg: RSA/SHA1 signature from: “71C22B00 [?]”
    gpg: writing public key to `/var/services/homes/<current user>/.gnupg/pubring.gpg’
    gpg: writing secret key to `/var/services/homes/<current user>/.gnupg/secring.gpg’
    gpg: /var/services/homes/<current user>/.gnupg/trustdb.gpg: trustdb created
    gpg: using PGP trust model
    gpg: key 1418FFE0 marked as ultimately trusted

    The keys are now stored into your home’s gpg folder: ls ~/.gnupg/

    You can check that the key id displayed above are stored using:

    • gpg2 —list-keys

    gpg: checking the trustdb
    gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model
    gpg: depth: 0 valid: 1 signed: 0 trust: 0-, 0q, 0n, 0m, 0f, 1u
    /var/services/homes/<current user>/.gnupg/pubring.gpg
    ——————————————–
    pub 2048R/1418FFE0 2017-12-26
    uid Your Name (Your Comment) Your Email Address
    sub 2048R/71C22B00 2017-12-26

    • gpg2 —list-secret-keys

    gpg: checking the trustdb
    gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model
    gpg: depth: 0 valid: 2 signed: 0 trust: 0-, 0q, 0n, 0m, 0f, 2u
    /var/services/homes/<current user>/.gnupg/secring.gpg
    ——————————————–
    sec 2048R/1418FFE0 2017-12-26
    uid Your Name (Your Comment) Your Email Address
    ssb 2048R/71C22B00 2017-12-26

    *: the trick to replace all CRLF by LF is to edit the file with notepad++, use the menu Encoding > Convert to UTF-8, and next do CTRL-H to search and replace /r/n with /n using the search mode = Extended. You can finally check that there is no more CRLF by using the menu View > Show Symbol > Show End of Line.

    NB.: the script could be a bit slow if there is not enough entropy (up to 45sec on my NAS)… (to download a big file within the download station can help 😉

    You can now export your public key using either your name, your email or the key id (from illustration here above, the key id is 1418FFE0): gpg2 –armor –export 1418FFE0 > gpgkey.asc

    This file ‘gpgkey.asc’ must be copied in the root folder of your SSPKS server, so it will automatically be added as a trusted publisher for anyone who is adding your SSPKS url in his list of “Package Sources”.

    Now, assume that you have the package to be signed (a spk file) and the ‘CodeSign.php’ script from Synology’s toolkit (it can be downloaded from github) in the same shared folder ‘temp’ used previously… Then, you can sign this package using: php CodeSign.php –sign=YourPackage.spk –keydir=~/.gnupg –keyfpr=1418FFE0

    Create keys in specific key rings

    Instead of using your personal key rings, you could prefer to store your keys in a dedicated folder… To do so, you can use the following parameters in your gpgKey file:

    Key-Type: RSA
    Key-Length: 2048
    Subkey-Type: RSA
    Subkey-Length: 2048
    Name-Real: Type Here your name
    Name-Comment: Type Here some comment
    Name-Email: Type Here your email
    Expire-Date: 0
    %no-protection
    # Write public key into a file pub.gpg
    %pubring gpg/pubring.gpg
    # Write secret key into a file sec.gpg
    %secring gpg/secring.gpg
    %commit

    Once the script createGpgKey.sh executed, you will find two files pubring.gpg and secring.gpg in the folder gpg (created by the script that run in /var/services/temp/).

    gpg: Generating a basic OpenPGP key
    gpg: skipping control `%no-protection’ ()
    gpg: writing public key to `gpg/pubring.gpg’
    gpg: writing secret key to `gpg/secring.gpg’
    gpg: writing self signature
    gpg: RSA/SHA1 signature from: “F93A0789 [?]”
    gpg: writing key binding signature
    gpg: RSA/SHA1 signature from: “F93A0789 [?]”
    gpg: RSA/SHA1 signature from: “8AAC41CF [?]”
    gpg: writing key binding signature
    gpg: RSA/SHA1 signature from: “F93A0789 [?]”
    gpg: RSA/SHA1 signature from: “8AAC41CF [?]”

    You can now sign your package using: php CodeSign.php –sign=YourPackage.spk –keydir=/var/services/temp/gpg –keyfpr=F93A0789

    You can also check your keys using:

    • gpg2 –no-default-keyring –secret-keyring ./gpg/secring.gpg –keyring ./gpg/pubring.gpg –list-secret-keys
    • gpg2 –no-default-keyring –secret-keyring ./gpg/secring.gpg –keyring ./gpg/pubring.gpg –list-keys

    And you can export your public key to be used in your SSPKS using:

    • gpg2 –no-default-keyring –keyring ./gpg/pubring.gpg –armor –export F93A0789 > gpgkey.asc

    Create keys with a passphrase

    In order to provide a passphrase, replace ‘%no-protection‘ in the parameters file with:

    Passphrase: Type Here your passphrase

    Loading

  • Install the Synology Toolkit and Sign SPK packages

    Since a long time, I was waiting to have enough free time to investigate how to sign my own packages with Synology’s toolkit. It’s now finally done!

    Click to Read More

    Initial installations

    1. First, install IPKG as explained here.
    2. Next, install the official Synology package “python3
      1. Alternative: install python3 using the command: ipkg install python3
    3. Then, create a symlink into /usr: ln -s /usr/local/bin/python3 /usr/bin/python3
      1. if using python installed with ipkg, create a symlink into /usr: ln -s /opt/bin/python3 /usr/bin/python3
    4. install gpg using the command: ipkg install gpgme
      1. This was needed as gpg was installed on my NAS without gpg-agent (? to be investigated later)…
    5. Now, install GIT as explained here.
    6. Finally run:
      1. cd /volume1/
        1. There was not enough free space in the system partition to install the toolkit!!
      2. mkdir -p toolkit
      3. cd toolkit/
      4. git clone https://github.com/SynologyOpenSource/pkgscripts-ng pkgscripts
      5. cd pkgscripts/

    If you want to use the toolkit for other purpose than signing

    You can check the available platform for your DSM version in the toolkit (e.g. here for 6.1). Run : ./EnvDeploy -v 6.1 --list

    It should display a list like this one:

    Available platforms: 6281 alpine alpine4k armada370 armada375 armada38x armadaxp avoton braswell broadwell bromolow cedarview comcerto2k dockerx64 evansport grantley hi3535 kvmx64 monaco qoriq x64 rtd1296 denverton apollolake

    • N.B.: The major and minor version (E.g. 6.1 for major=6 and minor =1) of your DSM can be found using: cat /etc.defaults/VERSION
    • N.B.: the platform of your Synology can be found in this list based on your model (See the column “Package Arch”). The model of your Synology can be found running the command:  cat /etc.defaults/synoinfo.conf | grep -m 1 ‘upnpmodelname’ | cut -d “=” -f 2
    • N.B.: You can also check the CPU of your Synology using: cat /proc/cpuinfo | grep -m 1 ‘model name’ | cut -d “:” -f 2 | cut -d “@” -f 1

    And you can configure the toolkit by running the following command with your DSM version (E.g.: 6.1) and platform (E.g.: avoton) as parameter: ./EnvDeploy -v 6.1 -p avoton

    • NB: the platform must be in lower case !!!

    In order to sign packages

    You have to create a GPG key. Type: /opt/bin/gpg2 --gen-key

    Once prompted, choose:

    • RSA and RSA (default)
    • key size 1024, 2048 or 4096
    • key does not expire
    • And do not type any passphrase. Just press ‘Enter’ without typing any character until it accepts to not make your key secure.

    gpg (GnuPG) 2.0.18; Copyright (C) 2011 Free Software Foundation, Inc.
    This is free software: you are free to change and redistribute it.
    There is NO WARRANTY, to the extent permitted by law.

    Please select what kind of key you want:
    (1) RSA and RSA (default)
    (2) DSA and Elgamal
    (3) DSA (sign only)
    (4) RSA (sign only)
    Your selection? 1
    RSA keys may be between 1024 and 4096 bits long.
    What keysize do you want? (2048) 2048
    Requested keysize is 2048 bits
    Please specify how long the key should be valid.
    0 = key does not expire
    <n> = key expires in n days
    <n>w = key expires in n weeks
    <n>m = key expires in n months
    <n>y = key expires in n years
    Key is valid for? (0) 0
    Key does not expire at all
    Is this correct? (y/N) y

    GnuPG needs to construct a user ID to identify your key.

    Real name: vletroye
    Email address: <obfuscated>
    Comment: BeatificaBytes’ Packages
    You selected this USER-ID:
    “vletroye <obfuscated>”

    Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? O
    You need a Passphrase to protect your secret key.

    You don’t want a passphrase – this is probably a *bad* idea!
    I will do it anyway. You can change your passphrase at any time,
    using this program with the option “--edit-key”.

    We need to generate a lot of random bytes. It is a good idea to perform
    some other action (type on the keyboard, move the mouse, utilize the
    disks) during the prime generation; this gives the random number
    generator a better chance to gain enough entropy.
    We need to generate a lot of random bytes. It is a good idea to perform
    some other action (type on the keyboard, move the mouse, utilize the
    disks) during the prime generation; this gives the random number
    generator a better chance to gain enough entropy.
    gpg: key 9ABC9981 marked as ultimately trusted
    public and secret key created and signed.

    gpg: checking the trustdb
    gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model
    gpg: depth: 0 valid: 1 signed: 0 trust: 0-, 0q, 0n, 0m, 0f, 1u
    pub 2048R/9C293482 2017-12-23
    Key fingerprint = 4AB4 051C EF8D 009D 4BF3 D78F EEBC 5B44 9C29 3481
    uid vletroye (BeatificaBytes’ Packages) <obfuscated>
    sub 2048R/4C18D693 2017-12-23

    You can now:

    • view public keys using: gpg2 --list-keys
    • view private keys using: gpg2 --list-secret-keys
    • delete a private key: gpg2 --delete-secret-key <user name> (you can also use the <email> or <key id>, displayed after pub xxxxR/ where xxxx is the keysize, e.g.: 1024)
      • Ex.: gpg2 --delete-secret-key vletroye
      • Ex.: gpg2 --delete-secret-key 9C293482
    • delete a public key: gpg2 --delete-key <user name>
    • You can also use specific rings (Ex.: if you did copy them somewhere else than the default user’s home folder : ~/.gnupg)
      • gpg2 --no-default-keyring --secret-keyring /root/.gnupg/secring.gpg --list-keys
      • gpg2 --no-default-keyring --secret-keyring /root/.gnupg/secring.gpg --list-secret-keys
      • gpg2 --no-default-keyring --keyring /root/.gnupg/secring.gpg --list-keys
      • gpg2 --no-default-keyring --keyring /root/.gnupg/secring.gpg --list-secret-keys

    And last but not least… you can finally sign a package located e.g. under /web/packages, using: php CodeSign.php --sign=/volume1/web/packages/YourPackage.spk --keydir=/root/.gnupg --keyfpr=9C293482

    Now that this package is signed, add your certificate into the list of trusted publishers within your Synology’s Package Center.

    1. First, run: gpg2 --armor --export <user name> > YourCertificate.asc
    2. Next copy this one into a public shared folder. E.g.: cp YourCertificate.asc /volume1/web/packages/
    3. Finally:
      1. import it: Package Center > Settings > Certificate > Import > Browse >
      2. and only trust Synology Inc. and trusted publishers: Package Center > Settings > General
    Import Certificate
    Import Certificate
    Trusted Publishers
    Trusted Publishers

     

    Instead of manually importing your certificate as illustrated above, if you are using SSPKS to distribute your packages, you can copy it there: cp YourCertificate.asc /var/services/web/sspks/gpgkey.asc

    Doing so, it will automatically be added as a trusted publisher for anyone who is adding your SSPKS url in his list of “Package Sources”.

     

    Loading

  • Find Synology information using Shell commands

    The model of your Synology can be found running the command:  cat /etc.defaults/synoinfo.conf | grep -m 1 ‘upnpmodelname’ | cut -d “=” -f 2

    The CPU of your Synology can be found using: cat /proc/cpuinfo | grep -m 1 ‘model name’ | cut -d “:” -f 2 | cut -d “@” -f 1

    The version of your DSM can be found using: cat /etc.defaults/VERSION

    Loading

  • Plex Server not found after Synology update to DSM 1.10.1.4602

    After updating DSM on my Synology, Plex Media Player was not able to find the Plex Server running there.

    Plex Server Not Found

    Click to Read More

    Plex Server was clearly running as I was able to connect via http://<My Synology>:32400/web/index.html

    But it was not responding to any request to display Libraries or to play any Movies… To solve this, I had to :

    1. Stop the package Plex via the DSM Package Center
    2. Log in my NAS as an administrator, in a SSH console, via Putty and enter root mode.
    3. Find Plex process still running via the command: ps -gaceux | grep plex
      1. This command displayed: plex 13150 0.2 0.2 677640 17832 ? Sl Dec17 7:41 Plex Media Server
    4. Kill plex’s remaining process: kill -9 13150
    5. Possibly do also delete the Plex’s Plugin Service as done here.
    6. Start the package Plex via the DSM Package Center

    Et voilà.

    IMO, the problem was that I didn’t stop properly Plex Package before updating my DSM. The Plex instance running at that time apparently didn’t completely shutdown. But it was not really running fine anymore either. Unfortunately, that instance was preventing a new one to start (as it was still using the port 32400).

    Loading

  • Plex Media Server not matching/downloading metadata anymore

    Since a few days, My Plex Media Server, hosted on my Synology, was not able to match movies anymore. And when matching movies manually, it was sometimes downloading the covers but never the metadata. Deleting the Service plugin solved the problem.

    Click to Read More

    I read that IPV6 could be the cause of such a problem, and that turning it off on the Synloloy was the solution. I tried that but without success.

    Was solved my problem was to:

    1. Stop Plex via the DSM’s Package Manager
    2. Log in my NAS as an administrator, in a SSH console, via Putty and enter root mode.
    3. Enter Plex’s Plugin folder using a command like: cd /volume1/Plex/Library/Application\ Support/Plex\ Media\ Server/Plug-ins/
    4. Delete the service plugin:  rm -R Services.bundle
    5. Restart Plex via the DSM’s Package Manager

    Loading