Synology and Tailscale

synology, tailscale

I bought an old Synology DS115j recently, because I was putting off configuring an old laptop as server for a long time, and I needed something that could host 3.5" drives. First thing was to discover that all my TVs can stream from the DNLA service without setup (i.e. gathering telemetry), so that’s great! Also saves me from syncing the various USB drives I had pluggid into the TVs all over the house.

Some other things I wanted it to do was host photos in a way I could share a link with friends and family, without relying on Big Tech services. Well, Synology has got you covered, but the builtin photo app is both quite heavy (and I have 100k+ photos), and requires an app. I use Resilion Sync, but that was too much for the 256MB RAM. No way that would work.

I prefer to generate a (static) website myself and use the Synology to host. Well, you can! Although the docs tell you to install Web Station and then PHP or Python, you can actually leave the latter out. Just Web Station is enough for you to be able to access /web on the 80 and 443 ports. Just overwrite the index.html Synology put there.

You can forward ports on your router and then access by IP-address, but that kind of exposure isn’t a great idea. I saw Tailscale available in the Synology ‘store’, and turns out they have a funnel service. My first thought was to use Cloudflare Tunnel (I use Cloudflare for my websites already), but the advised way to get that running is to run a docker image, which again is too much for this old little thing. Turns out there is a third party package, but I decided to go with the officially provided Tailscale package first.

It works! After installation it requires a boot script as of DSM7. That left a hint as how to setup the rest:

sleep 120; /var/packages/Tailscale/target/bin/tailscale funnel 80

Sleep because Tailscale needs some time to restart (certainly on this machine), port 80 because the https certificate that Synology uses is self-signed which Tailscale doesn’t accept.

Lastly, the Synology didn’t show up as being able to configure as exit node. A second script was needed:

/var/packages/Tailscale/target/bin/tailscale up --reset --advertise-exit-node

After this you must enable the capability on the Tailscale website, and select on your other devices the machine as exit node. Nice, a safe tunnel home from anywhere in the world.

So far, no resource issues; RAM consumption is about 50%, idle CPU usage <5%.