Instructions for setting up git server on Synology Diskstation

Synology-Diskstation-Git.md

Configure Synology NAS as Git Server

Instructions for setting up a git server on a Synology NAS with Diskstation. Specifically, I am using a DS414 with DSM 5.0.

Set Up User and Folder

• Create user gituser via Diskstation interface (with File Station and WebDAV privilages)
• Add new shared folder called git (located at /volume1/git) with read/write access for gituser and admin. This folder will hold all the repos.
• Install Git Server package via Diskstation
• Open Git Server and allow gituser permissions
• Enable SSH access on Diskstation (Control Panel > Terminal & SNMP > Enable SSH Service)

Configure SSH Access

• create ~/.ssh folder for gituser on server

ssh [email protected]
mkdir /volume1/homes/gituser/.ssh

• copy public rsa key from local computer to gituser account on server

scp ~/.ssh/id_rsa.pub [email protected]:/volume1/homes/gituser/.ssh

• connect via SSH as root and rename id_rsa.pub to authorized_keys on NAS (or append if already exists, cat id_rsa.pub >> authorized_keys)

ssh [email protected]
mv /volume1/homes/gituser/.ssh/id_rsa.pub /volume1/homes/gituser/.ssh/authorized_keys

• change permissions while logged in as root

cd /volume1/homes/gituser/
chown -R gituser:users .ssh
chmod 700 .ssh
chmod 644 .ssh/authorized_keys

Set Up New Repo on NAS

• create bare repo as root

ssh [email protected]
cd /volume1/git/
git --bare init <repo-name>.git
chown -R gituser:users <repo-name>.git
cd <repo-name>.git
git update-server-info

NOTE: I'm not entirely sure if git update-server-info must be run for each repo or just initially. It seems to work without running this command, but I'm suspcicious that it might cause problems later.

Add NAS as Remote for Local Repo

• Clone repo from NAS

git clone ssh://[email protected]/volume1/git/<repo-name>.git

References

http://blog.osdev.org/git/2014/02/13/using-git-on-a-synology-nas.html http://stackoverflow.com/questions/20074692/set-up-git-on-a-nas-with-synologys-official-package http://www.heidilux.com/2014/02/setup-git-server-synology-nas/

Hi there! As far as I understood this thread, there is no way to use Synilogy Git server when your NAS not in local network. Is there any way to use QuickConnect Id or something else?

I don't think there is anything in this thread that means it only ever works on local networks - but that would be how most people use it.

I don't know anything about quick-connnect, except that I don't use it.

I don't think there is anything totally blocking access via port forwarding, but you would need to be really careful exposing it to the internet, especially port 22 which will get flooded with brute force attacks.
The only way I would do it would be to create a vpn between the two sites - that way the client appears to be local. It does require at least one side to have static, or at least stable IP address.
There are possibly firewall rules that you might have to relax.

Hi @AllNickNamesAreBusySoITakenThis and @CameronD73

It's been a while since I have been on this thread and currently I am in another country to my Synology.

There are several ways to achieve this:

• Use a Mesh VPN to connect to your Synology and create a secure Tunnel for your git traffic
• Site-to-site VPN and effectively make your Synology appear on your local network
• Port forwarding off your router (not a great idea)

Mesh VPN (e.g. TailScale)
Using a Mesh VPN like TailScale (merely an example but a version is available for Synology) you can install a client on your Synology which will create an outbound tunnel from your Synology machine. This can either expose services in this case SSH via Port 22 or one or more systems on the local network with the Synology.

A client machine running the Mesh VPN client and logged into your network can then see this as though it is on the local network.

This is probably the easiest answer and depending on the security of the individual VPNs and your VPN credentials the most secure.

Site-to-site VPN
Either using your router or running the VPN software on the Synology system you can join different networks together.

You will need to manage IP address lookup either with /etc/hosts or DNS but all your Synology services become visible and unfortunately are also open to remote compromise if the remote site is hacked or malware/viruses etc attack there.

Port forwarding at the router
Either using the the Dynamic address of the QuickConnect or simply using a Dynamic Address from the local internet router where the Synology is located you can achieve a remote connection.

I would not open Port 22 and forward this to your Synology unless you really desire a miserable existence. Instead I would port forward another higher port on your router to the appropriate port on your Synology. You will also need something like the following

echo "Host diskstation.local
    Hostname easytofindgitserver.dyndns.com
    Port 8721
    User git" >> ~/.ssh/config

If you use "diskstation.local" as your git address then this would use a Dyndns entry called "easytofindgitserver.dyndns.com" to access it via port 8721. Remember that easytofindgitserver is public information so calling it "myhiddensshtunnel" would be another really bad name.

However using this method would give you a quick and dirty method if you only want to do this for a very short time. Tuning off port forwarding at the router stops this.

On the router Internet Port 8721 would be mapped to the port 22 (e.g. 192.168.0.12 port 22).

I hope this gives you some ideas.