Synology ZeroTier Setup

Create a persistent TUN

SSH into your NAS

ssh user@local-ip

The following setup steps must be run as root

sudo -i

Write script to /usr/local/etc/rc.d/tun.sh that will setup /dev/net/tun on startup

echo -e '#!/bin/sh -e \ninsmod /lib/modules/tun.ko' > /usr/local/etc/rc.d/tun.sh

Set executable permissions on script

chmod a+x /usr/local/etc/rc.d/tun.sh

Run script once to create a TUN

/usr/local/etc/rc.d/tun.sh

Check for the TUN

ls /dev/net/tun
/dev/net/tun

If you experience trouble getting the TUN to work check out Rui Marinho’s guide

Install docker on your NAS

Package Center -> Search “Docker” -> Install

Set up container

Make directory to store ZeroTier’s identity and config

mkdir /var/lib/zerotier-one
CAUTION
In the next step we bind mount to the host's /var/lib/zerotier-one created above in order to store ZeroTier's identity. This is not guaranteed to survive DSM updates. I would suggest placing this on an automatically-mounted volume where your other private user data resides. The location you choose to store your identities should be kept secure and never placed on a shared volume that others can access. 

Make Docker container called zt (Repo: zerotier/zerotier-synology)

docker run -d          \
 --name zt             \
 --restart=always      \
 --device=/dev/net/tun \
 --net=host            \
 --cap-add=NET_ADMIN   \
 --cap-add=SYS_ADMIN   \
 -v /var/lib/zerotier-one:/var/lib/zerotier-one zerotier/zerotier-synology:latest

Usage

Previous versions of our package contained a GUI, however this is no longer the case and it is for the better. The CLI can be used as follows:

View node status

docker exec -it zt zerotier-cli status

Join your network

docker exec -it zt zerotier-cli join <network id>

Authorize the NAS on your network. Then view the network status:

docker exec -it zt zerotier-cli listnetworks

Show running container (optional)

docker ps

Enter the container (optional)

docker exec -it zt bash

Upgrading ZeroTier

To upgrade ZeroTier you’ll need to stop and remove the container, then pull latest and start a new container:

docker ps

Example output:

CONTAINER ID   IMAGE                               COMMAND          CREATED          STATUS   PORTS NAMES
52c7cb58a1dd   zerotier/zerotier-synology:latest   "zerotier-one"   5 weeks ago Up   9 days   zt

Stop the container

docker stop 52c7cb58a1dd

Remove the container

docker container rm 52c7cb58a1dd

Pull latest updates

docker pull zerotier/zerotier-synology:latest

Now, re-run the commands from the Set up container section.


Stolen word-for-word, command-for-command from Synology NAS

Leave a Comment