Skip to main content

Synology

DSM 6

Synology's DSM 6 will enter EOL status sometime in 2023. ZeroTier will support the latest patched versions of DSM 6.2 until that point. If you are on DSM 6 you can skip all of the below steps and simply: Download DSM 6 packages. Please note that the latest packages will delete your existing identities upon install. Back up these identities if you wish to preserve them.

DSM 7

Synology's DSM 7 doesn't allow third-party applications to run as root. Therefore, we now recommend using Docker to run ZeroTier. While this is somewhat inconvenient at first it is undeniably a safer way to run third-party applications on your NAS. This configuration will be persistent across reboots and DSM upgrades.

The GUI for the Synology Docker package is unreliable at best so it is suggested that all operations performed on your container be done through the Docker CLI. If you choose to use the GUI you do so at your own peril. If you have any issues or questions please create a ticket and we'll try to help out.

If your NAS does not support Docker or if you wish to downgrade to DSM 6 you can still use the older DSM 6 packages or follow our bridging tutorial.

To install via Docker there are four steps that need to be performed only once:

Create a persistent TUN

SSH into your NAS

ssh user@local-ip

The following setup steps must be run as root

sudo -i

Write script to /usr/local/etc/rc.d/tun.sh that will setup /dev/net/tun on startup

echo -e '#!/bin/sh -e \ninsmod /lib/modules/tun.ko' > /usr/local/etc/rc.d/tun.sh

Set executable permissions on script

chmod a+x /usr/local/etc/rc.d/tun.sh

Run script once to create a TUN

/usr/local/etc/rc.d/tun.sh

Check for the TUN

ls /dev/net/tun
/dev/net/tun

If you experience trouble getting the TUN to work check out Rui Marinho's guide

Install docker on your NAS

Package Center -> Search "Docker" -> Install

Set up container

Make directory to store ZeroTier's identity and config

mkdir /var/lib/zerotier-one
caution

In the next step we bind mount to the host's /var/lib/zerotier-one created above in order to store ZeroTier's identity. This is not guaranteed to survive DSM updates. I would suggest placing this on an automatically-mounted volume where your other private user data resides. The location you choose to store your identities should be kept secure and never placed on a shared volume that others can access.

Make Docker container called zt (Repo: zerotier/zerotier-synology)

docker run -d           \
--name zt \
--restart=always \
--device=/dev/net/tun \
--net=host \
--cap-add=NET_ADMIN \
--cap-add=SYS_ADMIN \
-v /var/lib/zerotier-one:/var/lib/zerotier-one zerotier/zerotier-synology:latest

Usage

Previous versions of our package contained a GUI, however this is no longer the case and it is for the better. The CLI can be used as follows:

View node status

docker exec -it zt zerotier-cli status

Join your network

docker exec -it zt zerotier-cli join e5cd7a9e1cae134f

Authorize the NAS on your network. Then view the network status:

docker exec -it zt zerotier-cli listnetworks

Show running container (optional)

docker ps

Enter the container (optional)

docker exec -it zt bash

Upgrading ZeroTier

To upgrade ZeroTier you'll need to stop and remove the container, then pull latest and start a new container:

docker ps

Example output:

CONTAINER ID   IMAGE                               COMMAND          CREATED       STATUS      PORTS     NAMES
52c7cb58a1dd zerotier/zerotier-synology:latest "zerotier-one" 5 weeks ago Up 9 days zt

Stop the container

docker stop 52c7cb58a1dd

Remove the container

docker container rm 52c7cb58a1dd

Pull latest updates

docker pull zerotier/zerotier-synology:latest

Now, re-run the commands from the Set up container section.

Next steps

Click here to create your network and start adding devices.