Using Docker on a Synology NAS has become really easy. It’s a bit harder to install Jenkins in a container and let it use the Docker installation it’s part of. But we are living in exciting times: bringing a fully functioning CI/CD-pipeline to your home automation has never been easier! This blog is sort of a “this is how I did it, because I won’t remember how I did it in a few months”-blog. Not sure if it fits your case, but please comment if you feel like I’ve forgotten something.
What I’ll be using in this blog:
- A Synology DS218+ NAS
- DSM 6.1.5-15254 Update 1
- Jenkins docker image: jenkinsci/blueocean:latest
- Jenkins CI will use the “host” Docker of the Synology.
To prepare we need to install Docker on our NAS. We also need SSH access, because some actions cannot be done from the Synology interface.
- Install Docker
- Open up Package Center.
- Search for “Docker” and install the package.
- Get SSH access
- Open up Control Panel.
- Search for “ssh” and click the “Terminal & SNMP” item.
- Click the Enable SSH service checkbox.
- Click the Apply button.
SSH into your Synology NAS. (New to SSH? Check this) Give your user rights to use Docker without sudo:
ls -alh /var/run/docker.sock
Let’s configure a few things. Jenkins will need to persist its information, so I’m going to create a directory where it can store the data. The container user need to access the information as well, that’s why I’ll make sure it can be accessed. It also needs access to Docker.
# create folder for Jenkins mkdir -p /volume1/docker/jenkins # grant container user rights sudo chown -R 1000:1000 /volume1/docker/jenkins # grant rights to "host" docker sudo chown -R 1000:1000 /var/run/docker.sock
Now we are ready to bring the container up. We’ll bring it up under the name “blueocean”.
docker run -v /volume1/docker/jenkins:/var/jenkins_home -v /volume1/docker/docker.sock:/var/run/docker.sock -p 8080:8080 -p 50000:50000 --restart always --name blueocean jenkinsci/blueocean:latest
When the container runs for the first time, it will install Jenkins. During the installation a temporary admin key will be shown. Please copy this key. We’ll need it in the next step. Make sure the container runs successful and then terminate it with CTRL+C. Now restart the container in the background using the following script:
docker start blueocean
This step is optional, but I think it’s an important one. Let’s configure an HTTPS to HTTP proxy and secure it with a Let’s Encrypt security certificate. This only make sense if your NAS needs to be accessed outside of your home. This is my setup:
- I’ve added an A-record to the DNS-record of my domain and pointed it to the IP of my home. This allows me to access Jenkins on something like https://jenkins.keestalkstech.com.
- I’ve used port-forwarding on my router to forward 443 needs to the Synology NAS.
First let’s create the reverse proxy:
- Login to your NAS.
- Open up Control Panel.
- Search for “reverse” and open up the “Application Portal” item.
- Click on the second tab named Reverse Proxy.
- Click the Create button.
- Use the following settings:
- Click OK and you’re done with the proxy.
Next item on the list is adding a security certificate:
- Go back to the Control Panel.
- Search for “certificate” and open up the “Security” item.
- Click on the Certificate tab.
- Add a certificate for the domain you just created. (I used a new Let’s Encrypt certificate)
- Next click on the configure button.
- Now link the reverse proxy you’ve created in the previous step to the right certificate.
If you’ve setup the sub domain you can access Jenkins through it, otherwise just use the IP of the NAS and port 8080. Now we need to do some the following steps:
- Login using the temp admin key, complete the setup by creating a user.
- Login to Jenkins with the user.
- If you use a domain, let’s setup the domain:
- Go to Manage Jenkins (in the menu).
- Click Configure System.
- Navigate to the Jenkins Location section.
- Add your domain here (in my case: https://jenkins.keestalkstech.com).
- Hit the save button.
You probably have an update waiting for you. Let’s install the update. First click on the notifications and copy the download URL. We’ll need this one. Go back to your SSH session and bash into the container using the root user:
docker exec -u 0 -it blueocean bash
Now we’re going to download the update. The following downloads an update to the latest version.
# download URL wget http://updates.jenkins-ci.org/latest/jenkins.war # move it mv ./jenkins.war /usr/share/jenkins # give the right permissions chmod 777 /usr/share/jenkins/jenkins.war # close the bash session exit
Restart Jenkins by doing a:
docker container restart blueocean
So that’s the update for Jenkins itself. Now you’ll need to update the plugins.
Make sure you visit the /pluginManager/ to update all plugins.
And… that’s it!
So everything works. We have a working and updated Jenkins / Blue Ocean installation behind an HTTPS reversed proxy that can access Docker. Hope you’ve enjoyed the setup.
Some sources I used: