Using Docker on a Synology NAS has become really easy. It’s a bit harder to install Jenkins in a container and let it use the Docker installation it’s part of. But we are living in exciting times: bringing a fully functioning CI/CD-pipeline to your home automation has never been easier! This blog is sort of a “this is how I did it, because I won’t remember how I did it in a few months”-blog. Not sure if it fits your case, but please comment if you feel like I’ve forgotten something.

Synology + Jenkins + Docker = a match made in heaven. Ideal for getting you CI/CD going at home.

What I’ll be using in this blog:

  • A Synology DS218+ NAS
  • DSM 6.1.5-15254 Update 1
  • Jenkins docker image: jenkinsci/blueocean:latest
  • Jenkins CI will use the “host” Docker of the Synology.

Preparation

To prepare we need to install Docker on our NAS. We also need SSH access, because some actions cannot be done from the Synology interface.

  1. Install Docker
    • Open up Package Center.
    • Search for “Docker” and install the package.
  2. Get SSH access
    • Open up Control Panel.
    • Search for “ssh” and click the “Terminal & SNMP” item.
    • Click the Enable SSH service checkbox.
    • Click the Apply button.

Container me!

SSH into your Synology NAS. (New to SSH? Check this) Give your user rights to use Docker without sudo:

ls -alh /var/run/docker.sock

Let’s configure a few things. Jenkins will need to persist its information, so I’m going to create a directory where it can store the data. The container user need to access the information as well, that’s why I’ll make sure it can be accessed. It also needs access to Docker.

# create folder for Jenkins
mkdir -p /volume1/docker/jenkins
# grant container user rights
sudo chown -R 1000:1000 /volume1/docker/jenkins
# grant rights to "host" docker
sudo chown -R 1000:1000 /var/run/docker.sock

Now we are ready to bring the container up. We’ll bring it up under the name “blueocean”.

docker run -v /volume1/docker/jenkins:/var/jenkins_home -v /volume1/docker/docker.sock:/var/run/docker.sock -p 8080:8080 -p 50000:50000 --restart always --name blueocean jenkinsci/blueocean:latest

When the container runs for the first time, it will install Jenkins. During the installation a temporary admin key will be shown. Please copy this key. We’ll need it in the next step. Make sure the container runs successful and then terminate it with CTRL+C. Now restart the container in the background using the following script:

docker start blueocean

Outside access

This step is optional, but I think it’s an important one. Let’s configure an HTTPS to HTTP proxy and secure it with a Let’s Encrypt security certificate. This only make sense if your NAS needs to be accessed outside of your home. This is my setup:

  • I’ve added an A-record to the DNS-record of my domain and pointed it to the IP of my home. This allows me to access Jenkins on something like https://jenkins.keestalkstech.com.
  • I’ve used port-forwarding on my router to forward 443 needs to the Synology NAS.

Reverse Proxy

First let’s create the reverse proxy:

  1. Login to your NAS.
  2. Open up Control Panel.
  3. Search for “reverse” and open up the “Application Portal” item.
  4. Click on the second tab named Reverse Proxy.
  5. Click the Create button.
  6. Use the following settings:
  7. Click OK and you’re done with the proxy.

Certificate

Next item on the list is adding a security certificate:

  1. Go back to the Control Panel.
  2. Search for “certificate” and open up the “Security” item.
  3. Click on the Certificate tab.
  4. Add a certificate for the domain you just created. (I used a new Let’s Encrypt certificate)
  5. Next click on the configure button.
  6. Now link the reverse proxy you’ve created in the previous step to the right certificate.

Setup Jenkins

If you’ve setup the sub domain you can access Jenkins through it, otherwise just use the IP of the NAS and port 8080. Now we need to do some the following steps:

  1. Login using the temp admin key, complete the setup by creating a user.
  2. Login to Jenkins with the user.
  3. If you use a domain, let’s setup the domain:
    • Go to Manage Jenkins (in the menu).
    • Click Configure System.
    • Navigate to the Jenkins Location section.
    • Add your domain here (in my case: https://jenkins.keestalkstech.com).
    • Hit the save button.
  4. Done!

Update Jenkins

You probably have an update waiting for you. Let’s install the update. First click on the notifications and copy the download URL. We’ll need this one. Go back to your SSH session and bash into the container using the root user:

docker exec -u 0 -it blueocean bash

Now we’re going to download the update. The following downloads update 2.107.1:

# download URL
wget http://updates.jenkins-ci.org/download/war/2.107.1/jenkins.war
# move it
mv ./jenkins.war /usr/share/jenkins
# give the right permissions
chmod 777 /usr/share/jenkins/jenkins.war
# close the bash session
exit

Restart Jenkins by doing a:

docker container restart blueocean

And… that’s it!

So everything works. We have a working and updated Jenkins / Blue Ocean installation behind an HTTPS reversed proxy that can access Docker. Hope you’ve enjoyed the setup.

Some sources I used: