From 5bcb7273059dce9c09025fefb680c4391de70fce Mon Sep 17 00:00:00 2001 From: jokob-sk Date: Thu, 4 Dec 2025 16:09:38 +1100 Subject: [PATCH] DOCS: SYNOLOGY permissions guide #1310 Signed-off-by: jokob-sk --- docs/REVERSE_DNS.md | 1 - docs/SYNOLOGY_GUIDE.md | 91 +++++++++++++++++++++--------------------- 2 files changed, 45 insertions(+), 47 deletions(-) diff --git a/docs/REVERSE_DNS.md b/docs/REVERSE_DNS.md index 69e6a2bc..9ca3a24f 100755 --- a/docs/REVERSE_DNS.md +++ b/docs/REVERSE_DNS.md @@ -53,7 +53,6 @@ You can configure a custom **/etc/resolv.conf** file in **docker-compose.yml** a #### docker-compose.yml: ```yaml -version: "3" services: netalertx: container_name: netalertx diff --git a/docs/SYNOLOGY_GUIDE.md b/docs/SYNOLOGY_GUIDE.md index a90a91d6..e2983e29 100755 --- a/docs/SYNOLOGY_GUIDE.md +++ b/docs/SYNOLOGY_GUIDE.md @@ -9,18 +9,18 @@ The folders you are creating below will contain the configuration and the databa 1. Create a parent folder named `netalertx` 2. Create a `db` sub-folder -![Folder structure](./img/SYNOLOGY/01_Create_folder_structure.png) -![Folder structure](./img/SYNOLOGY/02_Create_folder_structure_db.png) -![Folder structure](./img/SYNOLOGY/03_Create_folder_structure_db.png) + ![Folder structure](./img/SYNOLOGY/01_Create_folder_structure.png) + ![Folder structure](./img/SYNOLOGY/02_Create_folder_structure_db.png) + ![Folder structure](./img/SYNOLOGY/03_Create_folder_structure_db.png) 3. Create a `config` sub-folder -![Folder structure](./img/SYNOLOGY/04_Create_folder_structure_config.png) + ![Folder structure](./img/SYNOLOGY/04_Create_folder_structure_config.png) 4. Note down the folders Locations: -![Getting the location](./img/SYNOLOGY/05_Access_folder_properties.png) -![Getting the location](./img/SYNOLOGY/06_Note_location.png) + ![Getting the location](./img/SYNOLOGY/05_Access_folder_properties.png) + ![Getting the location](./img/SYNOLOGY/06_Note_location.png) ## Creating the Project @@ -32,57 +32,56 @@ The folders you are creating below will contain the configuration and the databa - Paste in the following template: -```yaml -version: "3" -services: - netalertx: - container_name: netalertx - # use the below line if you want to test the latest dev image - # image: "ghcr.io/jokob-sk/netalertx-dev:latest" - image: "ghcr.io/jokob-sk/netalertx:latest" - network_mode: "host" - restart: unless-stopped - cap_drop: # Drop all capabilities for enhanced security - - ALL - cap_add: # Re-add necessary capabilities - - NET_RAW - - NET_ADMIN - - NET_BIND_SERVICE - volumes: - - /app_storage/netalertx:/data - # to sync with system time - - /etc/localtime:/etc/localtime:ro - tmpfs: - # All writable runtime state resides under /tmp; comment out to persist logs between restarts - - "/tmp:uid=20211,gid=20211,mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime" - environment: - - PORT=20211 -``` + ```yaml + services: + netalertx: + container_name: netalertx + # use the below line if you want to test the latest dev image + # image: "ghcr.io/jokob-sk/netalertx-dev:latest" + image: "ghcr.io/jokob-sk/netalertx:latest" + network_mode: "host" + restart: unless-stopped + cap_drop: # Drop all capabilities for enhanced security + - ALL + cap_add: # Re-add necessary capabilities + - NET_RAW + - NET_ADMIN + - NET_BIND_SERVICE + volumes: + - /app_storage/netalertx:/data + # to sync with system time + - /etc/localtime:/etc/localtime:ro + tmpfs: + # All writable runtime state resides under /tmp; comment out to persist logs between restarts + - "/tmp:uid=20211,gid=20211,mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime" + environment: + - PORT=20211 + ``` -![Project settings](./img/SYNOLOGY/07_Create_project.png) + ![Project settings](./img/SYNOLOGY/07_Create_project.png) 3. Replace the paths to your volume and comment out unnecessary line(s): -- This is only an example, your paths will differ. + - This is only an example, your paths will differ. -```yaml - volumes: - - /volume1/app_storage/netalertx:/data -``` + ```yaml + volumes: + - /volume1/app_storage/netalertx:/data + ``` -![Adjusting docker-compose](./img/SYNOLOGY/08_Adjust_docker_compose_volumes.png) + ![Adjusting docker-compose](./img/SYNOLOGY/08_Adjust_docker_compose_volumes.png) 4. (optional) Change the port number from `20211` to an unused port if this port is already used. 5. Build the project: -![Build](./img/SYNOLOGY/09_Run_and_build.png) + ![Build](./img/SYNOLOGY/09_Run_and_build.png) 10. Navigate to `:20211` (or your custom port). 11. Read the [Subnets](./SUBNETS.md) and [Plugins](/docs/PLUGINS.md) docs to complete your setup. ## Solving permission issues -See also the [Permission overview guide](./FILE_PERMISSIONS.md). + See also the [Permission overview guide](./FILE_PERMISSIONS.md). ### Configuring the permissions via SSH @@ -101,23 +100,23 @@ You can also execute the above bash commands via the UI by creating a one-off sc 1. Control panel -> Task Scheduler 2. Create -> Scheduled Task -> User-defined Script -![User-defined Script](./img/SYNOLOGY/11_permissions_create_scheduled_task.png) + ![User-defined Script](./img/SYNOLOGY/11_permissions_create_scheduled_task.png) 3. Give your task a name. -![User-defined task_general](./img/SYNOLOGY/12_permissions_task_general.png) + ![User-defined task_general](./img/SYNOLOGY/12_permissions_task_general.png) 4. Specify one-off execution time (e.g. 5 minutes from now). -![task_schedule](./img/SYNOLOGY/13_permissions_task_schedule.png) + ![task_schedule](./img/SYNOLOGY/13_permissions_task_schedule.png) 5. Paste the commands from the above SSH section and replace the `/local_data_dir` with the parent fodler of your `/db` and `/config` folders. -![task_settings](./img/SYNOLOGY/14_permissions_task_settings.png) + ![task_settings](./img/SYNOLOGY/14_permissions_task_settings.png) 6. Wait until the execution time passes and verify the new ownership. -![permissions_after](./img/SYNOLOGY/15_permissions_after.png) + ![permissions_after](./img/SYNOLOGY/15_permissions_after.png) In case of issues, double-check the [Permission overview guide](./FILE_PERMISSIONS.md).