Sunday, 8 August 2021

Some Bits to Remember About Synology Standard Operating Procedures

Since running the Synology at home for a while now, there's a few things that I wanted to note which aren't really intuitive and I don't do often enough to remember. 

Encrypted folders are setup in a couple ways which I touched on in Home NAS Encryption 

One uses a key file stored on a removable USB drive. I have it setup to mount automatically so that's okay... But I used a really old USB key because obviously I didn't need an 32GB key to store a 32KB file but it's flaky so sometimes the USB key isn't available and it doesn't mount until I wiggle the key and re-mount.

Second uses a passphrase so there's no way to mount automatically and whenever I reboot like after a DSM update I have to go back in.

To mount the encrypted share manually, whatever the case it isn't mounted automatically, it is found in control panel.
  1. Open Control Panel
  2. Navigate to Shared Folder
  3. Select the share with the closed lock
  4. Encryption menu
  5. Mount
  6. Provide passphrase (if applicable)
The other part of the S.O.P. is updating the DSM and package software, i.e. the most common cause for reboot :) It's all been really smooth so I try to do it all the time.

DSM 7.0 was released a little while ago and I left the major version upgrade just so that I wasn't among the earliest adopters. Ran the upgrade today and it was seamless so far and Synology provided some clear prompts on cleanup items like removing obsolete packages (like Python now part of DSM).



Friday, 23 April 2021

Now Certified

Passed my Microsoft Azure Fundamentals certification this week and this is my first Microsoft exam. My primary resource was Microsoft Learn where there is a lot of material broken up into 30-60 minute lessons including some labs. Also used the practice tests and did those many times before writing the cert exam itself. 

Tuesday, 30 March 2021

Passwords Passwords Everywhere

I seem to need passwords more and more often. They're so convenient! Couple methods I've been using depending on the lazy-vs-security trade-offs. 

Registering for websites online, Chrome or any browser can generate passwords. 

 For secure passwords I use KeePass

There's the old dummy password only used for the real junky junk that isn't worth protecting. password generator. "pwgen" with or without "strong". Also for bonus lazy, I changed the search engine in Chrome to be "duck" for short so in the title bar I can type "duck pwgen 10". 

 Stay Safe!

 - Dom617B

Monday, 8 March 2021

Azure Fundamentals, PowerShell, and More

We have a big push at #dayjob to transition from traditional server operations to automation and Cloud so I've been learning new things and trying as best as possible to sweep out the cobwebs upstairs. Really want to be able to competently support my colleagues as it is going to be a very hard time for many. 

PowerShell was really what got me moving. I've been doing odds and ends scripts and finally got a couple books as to take things further. "Learn Windows PowerShell in a Month of Lunches" was really just to get a passable foundation to get into "Learn PowerShell Scripting in a Month of Lunches". By the time I got through those two books, I was using VS Code and GitHub and will definitely re-read some of those chapters to get a more professional level of coding practice. After reading those I wanted to learn more and starting using Microsoft Learn with a goal to get Azure Fundamentals certification and go from there. The material available so far has been great. Mostly in about 30 minute chunks. Lots of references available, some labs are available, and all free. I'm still on pretty basic stuff though feel like I'll plow through a lot. Azure is crazy huge - there are so many services and the global environment is absolutely gigantic. 

The Azure Fundamentals learning path lead me into another tangent to go through the learning path to build a .Net application with C#. The Azure path got to a point that one of the sessions was recommending as pre-requisites to have knowledge of API and WebAPI in C# and .Net and I do want to be able to get the best use out of labs that I can. My programming is really rusty, but having done so much in school, the pace of the early lessons are more frustratingly slow. My expectations are out of whack - like I'm learning basic syntax like variable declaration but then also what's a container anyways? 

It's been refreshing to be learning and be re-aligning my skills with the current world. 



Sunday, 22 November 2020

New Website Name: Dom617b

Welcome to Dom617b! 

At least if I've setup all the new names, redirects, and certificates. Otherwise, you're not seeing this for which I have only myself to blame. The process I think could have been simple and I'll add a few notes about where Google is tying in services.

  1. Go to Blogger Settings and change the name 
    1. Disabling HTTPS first may have made things a little easier as it was initially hard to follow the redirects while that was still changing
    2. Change the Custom Domain to the new name
  2. Update DNS and with Google Domains this is at least partially integrated
    1. In Google Domains, verify that the "synthetic record" is registered
    2. OR setup DNS CNAME pointing to 
  3. Redirect old name to new and in Google Domains there is a forwarding feature 
    1. Remove the old CNAME
    2. Add a forwarding entry with settings as applicable
      1. 301 Permanent redirect
      2. Redirect full path (i.e. oldsite/page.html -> newsite/page.html vs to newsite/)
      3. Enable HTTPS redirection
  4. Wait - like a day or two
    1. New name was resolving fine within a few minutes really
    2. Redirects were almost instant
    3. HTTPS was the slowest part
  5. In Blogger Settings turn on HTTPS and redirect to HTTPS if not already done

Its long past time to move on from the online handle I was using in high school so here I am Dom617b! The 617b is what I use when I can't get my own name or handle when registering for some site so that ties in to the old part, plus "617" kinda looks like "bit" in 1337 and "b" for binary, so it all comes together as a Nibble handle. 



Saturday, 26 September 2020

Home NAS Part 3: Encryption

 The Synology DSM supports creating encrypted file shares and I want to use this for backups as these can contain personal files. Initial setup seems pretty flexible as you can create a share with encryption or enable encryption on an existing share and you can use key files or pass phrases and there's a feature called a Key Manager with good documentation for DSM for all of these.

My setup is to use a removable device as a key store. 

It starts with setting up the Key Manager from the Control Panel under Shared Folders. From here you initialize the Key Manager and pick the USB device (otherwise internal) and set a passphrase for the Key Manager. 

Then start creating shared folders that use encryption and you can pick the key manager. This also lets you pick if you want encrypted folders to be enabled automatically on boot which would require leaving your external key manager device connected.

After that, you need to keep copies of your key store and keys somewhere safe in case you lose key store device.

Once all setup you can start using that file share and it is pretty much seamless. In Windows I removed the old file history backup target and re-added the new encrypted share. On the Synology I removed the cloud backup targets, moving the files to the new location, and re-adding the cloud targets using the new location. 

Stay safe 🔐

Saturday, 5 September 2020

Home NAS part 2: No Regrets? Let's Get Setup

 Following actually picking and buying a NAS in Home NAS Part 1 the initial setup of the Synology is of course very easy. If you don't get distracted by all the buttons and spend days and days with "what's it do? what's this do? what's this do?" 

First of all I should have gotten one of these 2 bay NAS *ages* ago and even the cheapest model would be fine. So I'll start with the list of things that are overkill in my setup.

  • Dual-LAN. I just don't have enough concurrent devices to ever possibly saturate my network and since everything is WiFi even if I did, that would still be below 1 Gb that a single link would do. But it does afford a backup in case of failing cable or network port so I'm still using it.
  • NVMe cache. If I can't even fill up the WiFis how could I possibly saturate the drives? I at least held back from the 2xNVMe which would add write caching as well as read caching. Current reported cache usage on the 500 GB NVMe? ~350 MB. While theoretically possible I might one day get a performance boost, does seem unlikely, don't it? It does reduce drive activity so I'll keep it in the theory that maybe the drives themselves will last longer.

  • 4 TB drives. Okay so I just went with a drive size I had in budget. After copying all the data I wanted on there, usage is ~450 GB (are we seeing a pattern yet?). Truthfully, the bottom-end purchase price isn't that far off and it does forestall having to ever buy new drives except as replacements. Of all the overkill things, this is the least controversial under the heading "storage is cheap"

  • Memory upgrade. Basically like the storage, I was building the spec and saw "oh, can upgrade memory, that sounds cool" and bought a DIMM for it. I think in theory I might eventually use some of that memory and the computing power in the device if I run Plex from there. Mostly I was paranoid that I wouldn't be able to get a compatible part in the future.
  • The DS720+ itself comes with a 4 core CPU. I... Well it's just faster okay? We are not taking any further questions at this time. 
This is to say this NAS is a miniature powerhouse relative to its task and purpose. I setup a couple initial shares, a couple accounts, and transferred all my files over. 

Right away file share was far more stable than either the USB drive I'd tried attached to the ASUS router and far more reasonable than running a full sized desktop to be running all the time. Also really so much better to consolidate storage from many places.

The DS Finder app on mobile is used during initial setup and for general admin. Its been great so far, which I kind of expect for modern devices (like ASUS routers). One tidbit is that during setup you setup an account and the first account is a general admin which I went back in later to add a separated admin user and demoted my own "normal" account. 

One awesome app on the Synology is Cloud Sync basically to pull down files from OneDrive and Google drive, and any number of accounts which gives me a real backup of all that data.

The photos stuff I'm not 100% keen on as it looks like Synology has been trying different things over the years and that's the one thing that's really long term retention so not too confident there yet. It's not like the files go away so I am trying the Moments app which is scooping pictures from my phone and uploading them to the NAS. I went through the Google Takeout process to harvest all my photos that are up there and copy them to the NAS, plus the computer, plus the laptop, etc. 

That's about as far as I've gotten so once I do start setting more up on there whether external access like to get files from mobile device while remote or Plex Server and dumping more multimedia on there, all kinds of cool stuff on there eventually.


Popular Posts