- 12
- 7
- NAS
- DS923+
- Operating system
- Linux
- macOS
- Mobile operating system
- iOS
Last edited:
When I first setup my NAS to host a website, it started a massive search. Every time I figured something out, it unearthed more questions. I recall having wished I could get all that info in one place. To that end, I will share it all here, and continue to, when I find something helpful. That said, some is repeat info, but handy that it’s all in one post. I work on a Mac, I’m not sure the windows equivalent to some of this post.
I won’t bore you with setting up SSH access, it’s pretty straight forward. While it’s not the most secure method, I recommend changing the default SSH port, make it something in the 50,000s. While is not solely a security measure to rely on, it is security through obscurity. Once you’ve set it up, run the first cmd to login via ssh.
Basic SSH login
LOCAL:
To create authentication keys, run the following commands.
NAS:
This creates and applies perms to a .ssh dir on your NAS.
LOCAL:
This creates keys with the default name of 'id_rsa' on the .ssh dir and copies the public key to NAS user's .ssh dir in the NAS.
NAS:
Uncomment line that says: #PubkeyAuthentication yes
Uncomment the line that says: #AuthorizedKeyFiles .ssh/authorized_keys
Make sure that line is uncommented that says: ChallengeResponseAuthentication no
Optionally, if you want to disable password-based logins, add/change a line: PasswordAuthentication no
'A' key to modify a line save the file and exit the editor (ESC, :wq, return)
KEYS MUST HAVE 600 ON NEW LOCAL MACHINE (optional)
Create a config file (optional)
This will create an SSH config file
LOCAL:
The config file looks like this:
I like to add debugging when im first setting things up.As well I like to clear the terminal on connect. More info can be found here.
Now you can SSH in with
GIT Setup
You can find GIT in the package center. Create a shared folder (mine’s called git), and give access to the user you created the key for. To create your first repo run the following commands
NAS:
Clone the newly created repo to your local dev machine
LOCAL:
This will create a dir/folder called <repo-name>, and set your commit email and name.
Web Station setup
There are a few packages to install, depending on what you dev, at the least you’ll want the Web Station package. I can’t remember if it creates the DIR for you, but if not, create a shared folder (mine’s called web), and give access to the user you created the key for. You can access it at: http://<nas-local-ip>/index.html. I like to build a simple page to list all the sites that I have hosted.
GIT repo in Web Station && Auto Pull (Optional)
This next piece is a two parter, both are debated between devs. The first is putting your repo on your web server, as a means to deploy.
If your git server && web host are on different devices, you'll have to setup an ssh key for use between those machines.
NAS:
OR IF GIT SERVER AND WEB SERVER ARE SAME MACHINE
To deploy run the following commands.
NAS:
The second is auto deploy on push. If someone pushes something funky to the repo, It will automatically push it live. This can be troublesome, but it’s a huge time saver.
Your post-receive file looks like this:
OR IF GIT SERVER AND WEB SERVER ARE SAME MACHINE
After you created the file move it to /volume1/git/<repo-name>.git/hooks on your NAS, and run the following commands. You are also making it executable.
NAS:
I personally wouldn’t use either on a prod server, but it’s fine for a dev server. I personally wouldn’t run a prod server on a NAS connected to my residential network either.
I hope you found my first tut helpful. Reach out if you want some help. Feel free to comment corrections, or an ideal way of doing something.
to be continued...
I won’t bore you with setting up SSH access, it’s pretty straight forward. While it’s not the most secure method, I recommend changing the default SSH port, make it something in the 50,000s. While is not solely a security measure to rely on, it is security through obscurity. Once you’ve set it up, run the first cmd to login via ssh.
Basic SSH login
LOCAL:
Code:
ssh <nas-user>@<nas-local-ip> -p <ssh-port>
To create authentication keys, run the following commands.
NAS:
Code:
mkdir ~/.ssh
chmod 700 ~/.ssh
LOCAL:
Code:
mkdir ~/.ssh
chmod 700 ~/.ssh
cd ~/.ssh
ssh-keygen -t rsa -b 4096
eval `ssh-agent`
ssh-add --apple-use-keychain ~/.ssh/id_rsa
cat ~/.ssh/id_rsa.pub | ssh <nas-user>@<nas-local-ip> -p <ssh-port> 'cat >> /volume1/homes/<nas-user>/.ssh/id_rsa.pub'
NAS:
Code:
ssh <nas-user>@<nas-local-ip> -p <ssh-port>
cd ~/.ssh
cp id_rsa.pub authorized_keys
chmod 0644 authorized_keys
sudo vi /etc/ssh/sshd_config
Uncomment the line that says: #AuthorizedKeyFiles .ssh/authorized_keys
Make sure that line is uncommented that says: ChallengeResponseAuthentication no
Optionally, if you want to disable password-based logins, add/change a line: PasswordAuthentication no
'A' key to modify a line save the file and exit the editor (ESC, :wq, return)
KEYS MUST HAVE 600 ON NEW LOCAL MACHINE (optional)
Code:
mkdir ~/.ssh
chmod 700 ~/.ssh
cd ~/.ssh
chmod 600 id_rsa
Create a config file (optional)
This will create an SSH config file
LOCAL:
Code:
cd ~/.ssh
touch config
The config file looks like this:
Code:
Host <whatever>
HostName <nas-local-ip>
User <nas-user>
Port <ssh-port>
IdentityFile /Users/<local-user>/.ssh/id_rsa
AddKeysToAgent yes
UseKeychain yes
PermitLocalCommand yes
LocalCommand clear
Host *
LogLevel DEBUG
Now you can SSH in with
Code:
ssh <whatever>
GIT Setup
You can find GIT in the package center. Create a shared folder (mine’s called git), and give access to the user you created the key for. To create your first repo run the following commands
NAS:
Code:
ssh <nas-user>@<nas-local-ip> -p <ssh-port>
cd /volume1/git/
git --bare init <repo-name>.git
chown -R <nas-user>:users <repo-name>.git
cd <repo-name>.git
git update-server-info
Clone the newly created repo to your local dev machine
LOCAL:
Code:
cd ~/Documents/<working-dir>
git clone ssh://<nas-user>@<nas-local-ip>:<ssh-port>/volume1/git/<repo-name>.git
git config --global user.email “<email>@<address>”
git config --global user.name “Tyler Durden”
Web Station setup
There are a few packages to install, depending on what you dev, at the least you’ll want the Web Station package. I can’t remember if it creates the DIR for you, but if not, create a shared folder (mine’s called web), and give access to the user you created the key for. You can access it at: http://<nas-local-ip>/index.html. I like to build a simple page to list all the sites that I have hosted.
GIT repo in Web Station && Auto Pull (Optional)
This next piece is a two parter, both are debated between devs. The first is putting your repo on your web server, as a means to deploy.
If your git server && web host are on different devices, you'll have to setup an ssh key for use between those machines.
NAS:
Code:
ssh <nas-user>@<nas-local-ip> -p <ssh-port>
cd /volume1/web/
git clone ssh://<nas-user>@<nas-local-ip>:<ssh-port>/volume1/git/<repo-name>.git
Code:
ssh <nas-user>@<nas-local-ip> -p <ssh-port>
cd /volume1/web/
git clone /volume1/git/<repo-name>.git
NAS:
Code:
ssh <nas-user>@<nas-local-ip> -p <ssh-port>
cd /volume1/web/<repo-name>
git pull
Your post-receive file looks like this:
Code:
#!/usr/bin/env bash
TARGET="/volume1/web/<repo-name>"
GIT_DIR="/volume1/git/<repo-name>.git"
BRANCH="master"
while read oldrev newrev ref
do
# only checking out the master (or whatever branch you would like to deploy)
if [[ $ref = refs/heads/$BRANCH ]];
then
echo "Ref $ref received. Deploying ${BRANCH} branch to production..."
git --work-tree=$TARGET --git-dir=$GIT_DIR checkout -f
else
echo "Ref $ref received. Doing nothing: only the ${BRANCH} branch may be deployed on this server."
fi
echo "<repo-name> is now on web/<repo-name>”
done
OR IF GIT SERVER AND WEB SERVER ARE SAME MACHINE
Code:
#!/usr/bin/env bash
TARGET="/volume1/web/<repo-name>"
GIT_DIR="/volume1/git/<repo-name>.git"
BRANCH="master"
cd $TARGET && git --git-dir=$TARGET/.git pull
NAS:
Code:
ssh <nas-user>@<nas-local-ip> -p <ssh-port>
cd /volume1/git/<repo-name>.git/hooks
chmod +x post-receive
I hope you found my first tut helpful. Reach out if you want some help. Feel free to comment corrections, or an ideal way of doing something.
to be continued...