If you want to run your own Kubernetes Cluster, you have plenty of possibilities: You can set up a single node cluster using minikube locally or on a remote machine. You can also set up a multi node cluster on VPS or using managed cloud providers such as AWS or GCE. Alternatively, you can use hardware, e.g. Raspberry Pis or bare metal servers. However, without the functionality provided by a managed cloud provider, it is difficult to take full advantage of the complete high availability capabilities of Kubernetes. We have tried – and present here the instructions for a highly available Kubernetes cluster on Hetzner bare metal servers.
Sometimes, regardless of the possibilities offered by “the cloud”, you want to host important services yourself. For me as a software and DevOps engineer, this applies to my source code. For this reason, I host my GitLab instance myself. Since the GitLab package for DSM provided by Synology is outdated, I will explain here how to install the latest version of GitLab on a DiskStation using Docker.
There are a lot of instructions available on how to connect your FritzBox to a server via VPN. But since it took me a long time to find a working tutorial myself, here is another post describing how to set up a FritzBox LAN 2 LAN VPN with StrongSwan (based on the site https://seffner-schlesier.de/news/ipsec-zwischen-avm-fritzbox-und-strongswan/).
It’s happened to me several times now that an application I run on my DS 1817+ has problems with websockets. This is because I use the reverse proxy built into DSM, which does not support websockets by default. For this reason, here’s a little tutorial on how to enable Websockets for Synology DSM reverse proxy.
Enable Websockets in DSM Reverse Proxy
Actually, it is extremely easy to enable Websockets for Synology DSM reverse proxy:
- Open Control Panel > Application Portal
- Change to the Reverse Proxy tab
- Select the proxy rule for which you want to enable Websockets and click on Edit
- Change to the Custom Headers tab
- Add two entries in the list:
  - Name: “Upgrade”, Value: “$http_upgrade”
  - Name: “Connection”, Value: “$connection_upgrade”
Repeat these steps for every rule where you want to enable Websockets.
An essential part of PGP is the mutual validation of key pairs. This confirms that the information about the owner stored in the key corresponds to reality (e.g. ownership of this key). This post describes the process of signing PGP keys with GnuPG.
If you want to use Docker on servers or virtual machines, technical limitations can sometimes lead to a situation in which – even without intentional limitation – it is not possible to access the outer world from a docker container.
In order to gain experience with a Kubernetes cluster or to be able to experiment with it, a functioning cluster is required. Since most conceptual challenges do not require a high performance test cluster, it is also sufficient to build a smaller and therefore more cost-effective one. For this reason I decided to set up a Raspberry Pi Kubernetes Cluster for testing purposes.
- 4x Raspberry Pi 3 Model B+
- 4x microSD Card (I’m using SanDisk Ultra 64GB)
- Power supply unit for the Raspberry Pi devices. You can also use any other 5V power source which provides enough current.
- 4 Micro USB cables for connecting the power supply unit
- 4 Layer Acrylic Cluster Case
If the Raspberry Pis are not to be connected via WLAN but cable, the corresponding network components are also required:
- 5 Port Switch
- 4 short ethernet cables
The website of Hypriot has a very good tutorial on how to set up a Kubernetes cluster with Raspberry Pi boards: https://blog.hypriot.com/post/setup-kubernetes-raspberry-pi-cluster/. If you need some configuration examples (executable on a Raspberry Pi Kubernetes Cluster), please check out my GitHub repository with configuration examples: https://github.com/MatthiasLohr/kubernetes-rpi-examples.
In How to set up your YubiKey NEO I already mentioned that you can also use your YubiKey as SSH key. In GPG Agent Forwarding I show how to forward your GPG agent to remote machines for decryption/signing. What’s missing is a tutorial on how to make it all work together, how to use your GPG Agent for SSH in Gnome.