Question Snappass with https?

Currently reading
Question Snappass with https?

2,279
956
NAS
DS220+ : DS1019+ : DS920+ : DS118 : APC Back UPS ES 700 — Mac/iOS user
Since I managed to get snappass working, I thought I should have it on its own thread for discussion.

I’m only facing one problem. Currently it only works with http, I’m trying to make it work with https.

If I use
http://myds.synology.me:xyz
Where xyz is the Snappass container port, it works and I get the snappass screen.

If I try https instead. I get the
…couldn’t establish a secure connection to the server.

I believe it has something to do with it not seeing the LE certificate.

There’s this container environment variable that says:
No_ssl with a value of false. Does it have anything to do with that?
 
Have you considered posting a guide to setting this up? It looked easy to me, but the container falls short of running. Maybe I'm using a buggy image... but I doubt that's it.
Me posting a guide about something to do with Docker 🤣🤣🤣
Sure. Let me recall the steps and I’ll come back and jot them down here.

Until then. Snappass needs Redis, did you install it?
 
Have you tried to set it up via Reverse Proxy option in Application Portal (control panel)?
RP works. One caveat though is that the generated URL is http (expected). Just need to add an “s” to make it “https” and it works.

I’d like to see how Tornote compares. For instance, Snappass allows the user to generate a secret note after reveling the one I sent. Like if it’s a public website. I don’t want that. But for now, this is very good and at least I can use my DS to share brief info instead of the public ones.
 
Have you considered posting a guide to setting this up?


This is what I did and worked for me. I understand that there might be other (easier) ways.
  • First, go to package center and install Redis from SynoCommunity and start it. If you can’t find it, then you’ll need to add SynoCommunity to your package sources and it’ll appear. SynoCommunity
  • Now for Snappass, go to pinterest/snappass
  • Click on code (green button) and dload the zip file to your computer.
  • Using FileStation, upload it to your DiskStation under Docker’s directory.
  • While in FileStation, extract it.
  • Now SSH to your DS and elevate to root (sudo -i).
  • cd /volume1/docker/snappass-master (unless you uploaded to a different volume, then use that)
  • docker-compose up -d
  • I immediately went and changed the default port (5000) to something else. Done by stopping the container in Docker’s GUI and clicking edit > port settings tab.
  • Test it by going http://your-DS-ip:the-port
  • Now RP it with https. However, the generated url will be http. Just change it to https. You can use a url shortener too.
I hope it works :)
 
I’d like to see how Tornote compares.
Changes have been update a while ago for tornote. Still havent tested it, will later on and post back. What I see from the e-mail notification https access will be a mandatory step from now on, but I need to see if it works as intended.
 
Thank you @Rusty for following up on this. I appreciate the options you posted initially too, as it led me to discover (and install) SnapPass. Now I have both running. Two strikes in a row on Docker, I’m rolling here 🤣

I’ll play with both for a while before deciding on sticking with one.

Here’s my comments comparing the two solutions so far. I’ve only tried Tornote with http, didn’t try to configure https. Just wanted to see how it compares to SnapPass.
  • Both offer the recipient a chance to create an encrypted note. Not my preference. I was hoping that maybe Tornote has an option to disable this. I just want one way of passing information. However, this might be useful for someone who might need a secure reply back. So could be handy. Not for me though (for now at least).
  • SnapPass has expiry options which I like (hour, day, week, two weeks) So if the URL is not used, the note will self-destruct after the specified time.
  • SnapPass will warn the recipient before showing the secret note (that it can only be shown once), while Tornote shows the note immediately.
  • SnapPass has a copy button to copy the generated URL. One must manually highlight the URL and copy it in Tornote.
  • SnapPass uses AES-128 bit encryption (Fernet) while Tornote uses AES-256 bit encryption.
  • Associated databases. It seems that Redis (SnapPass) uses much less RAM than Postgres (Tornote), currently showing 21 MB vs. 251 MB.
 
Both offer the recipient a chance to create an encrypted note
I see where you are coming from with this one, but for me, I prefer to have it open, just so both parties can use the platform.

SnapPass has expiry options which I like (hour, day, week, two weeks) So if the URL is not used, the note will self-destruct after the specified time.
This would be a nice addition to TorNote considering that, unless you copy the url and click to go and make a new note, the old is "stuck" and unusable. Unless you have access to the DB and delete it from there (happened to me yesterday)

SnapPass will warn the recipient before showing the secret note (that it can only be shown once), while Tornote shows the note immediately.
On the fence with this one. I could go either way.

SnapPass has a copy button to copy the generated URL. One must manually highlight the URL and copy it in Tornote.
There is no need to select it. In TorNote as soon as you generate the URL it is already selected, just do cmd+c or ctrl+c and it is in your clipboard. I like it and prefer this way then having a button. On the other hand, not everyone is keen on using the keyboard so, again, +1 for the button as well.
 
BTW (and I’m sure this is very obvious) for SnapPass (and I believe the same for Tornote, but I didn’t check it), one can check if the shared URL was retrieved or not by checking the SnapPass log.
Just double-click the SnapPass container > log tab, and find the latest entries.
 

Create an account or login to comment

You must be a member in order to leave a comment

Create account

Create an account on our community. It's easy!

Log in

Already have an account? Log in here.

Similar threads

  • Question
https://bitwarden.dadsnas.i234.me:443 still directs to DSM login screen. I did not have "automatically...
Replies
11
Views
2,518
Setup of BW will take a few minutes then you will achieve free of charge full version of your own host for...
Replies
22
Views
21,801
You're a genius, doing what you said sorted my issue out. Here's a screenshot for anyone else who has the...
Replies
9
Views
7,145
traefik sounds intriguing, but I have a strict policy of not running programs that are smarter than I am.
Replies
9
Views
6,881

Welcome to SynoForum.com!

SynoForum.com is an unofficial Synology forum for NAS owners and enthusiasts.

Registration is free, easy and fast!

Back
Top