Monthly Archives: August 2023

Install Tailscale on Synology DSM 7 via Quickconnect

Tech, ,

To keep this tutorial short, I'm assuming that the reader has the minimal level of knowledge to use upload file, launch a container on the NAS and use SSH.

This is a solution to configure Tailscale remotely when you only have a quickconnect access to your NAS.

Install Container Manager on the NAS

Click on 'Package Center' -> Search for 'Container Manager" -> and install it.
It'll create a docker volume that we are going to use next.

Enable SSH on the NAS

Click on 'Control Panel' -> 'Terminal & SNMP' -> 'Enable SSH service'.
Keep the default port to 22. If you modify it, modify also the port value in the ngrok.yml config file below.

Setup NGROK

https://ngrok.com/ is a tool to easily expose services behind NATs to public internet.

  1. Create a free account
  2. Retrieve your NGROK_AUTHTOKEN
  3. Create a file ngrok.yml with this content
version: 2
authtoken: NGROK_AUTHTOKEN
tunnels:
  dsm:
    proto: http
    addr: https://localhost:5001
  ssh:
    proto: tcp
    addr: 22

The first dsm service will expose the DSM web interface service.
The second ssh service will expose the SSH service

  1. Replace NGROK_AUTHTOKEN by the value you got from step 2.
  2. Upload the file in the docker volume.
  3. Open the 'Container Manager'
  4. From the Registry menu, download the ngrok/ngrok image for the release 3-alpine.
    (It's always better to fix the release version instead of taking latest for later compatibility)
  5. From the 'Container' menu, create a container
    • image: ngrok/ngrok:3-alpine
    • keep 'Enable auto-restart' disable. It's not needed.
    • 'Add File' in 'Volume settings' mapping '/docker/ngrok.yml' to '/ngrok.yml' in Read-Only
    • Select 'Host' in the 'Network'
    • Set start --config /ngrok.yml --all as 'Command' in the 'Execution Command'
  6. And run it

If ok, the container should be green and you will have two endpoints in your ngrok endpoints dashboard.

Setup Tailscale

Use the HTTPS endpoints to connect to your NAS and once connected, install Tailscale from the 'Package Center'.

From the NAS, click on 'Open' Tailscale, log in and add your devices to your account.

From the NAS, click again on 'Open' and activate the 'Advertise as Exit Node'

From that point on, I'm assuming you know how to configure and use Tailscale.

The last step is to advertise route. For this step, you'll need to use the TCP endpoint you configured with ngrok.
Use it to ssh to your NAS ssh -p <the port> <user>:<the tcp url without tcp://>
Once connected, configure the advertising route with this command
sudo tailscale up --advertise-routes 192.168.1.0/24 --advertise-exit-node --reset

Conclusion

Congrats, you're done !
For security, you can stop the ngrok container and even deactivate the SSH service.