Logan's Nest

Googled this and realised DS918+ is not supported for this.

Reddit users talking about install docker DSM inside DSM to bypass the restriction and I thought if it runs on Docker then it’s not CPU arch type issue, just some config level restriction. Which turns out to be true.

To bypass it, download the docker package from below URL and get a hex editor.

https://archive.synology.com/download/Package/spk/AcronisTrueImage/1.0.0000/AcronisTrueImage-dockerx64-1.0.0000.spk

Open the file and edit archtype dockerx64 to x86_64 then ensure backfill the reduced characters into places like description as it does have size check.

Manually install the package file from the package manager. It will prompt for crc check error, but you can ignore and continue.

When you need to print out YAML build step for multiple environments.

DEPLOY_ENVS=(staging:account1 staging2:account2)

build_pipeline_step() {
  yaml_orig=$1
  for DEPLOY_ENV in "${DEPLOY_ENVS[@]}"
    do
      IFS=':' read -r -a DEPLOY_ENV_ARRAY <<< "$DEPLOY_ENV"
      DEPLOY_ENV=${DEPLOY_ENV_ARRAY[0]}
      DEPLOY_ACCOUNT=${DEPLOY_ENV_ARRAY[1]}
      yaml="$(sed "s/DEPLOY_ENV/${DEPLOY_ENV}/g" <<< "$yaml_orig")"
      yaml="$(sed "s/DEPLOY_ACCOUNT/${DEPLOY_ACCOUNT}/g" <<< "$yaml")"
      echo "$yaml"
    done
   echo "  - wait"
}

build_pipeline_step "$(cat <<EOF
  - label: 'DEPLOY_ENV - DEPLOY_ACCOUNT'
    commands: "echo hello DEPLOY_ENV"
EOF
)"

1. Get the Zone ID
   Select domain name from the dashboard then zone ID will show on bottom right corner.
2. Get the API Key
   Select log search template to give minimum privilege
3. (Optional) Look up the fields available
   

curl -s -H "X-Auth-Email: <EMAIL>" -H "Authorization: Bearer <API KEY>" "https://api.cloudflare.com/client/v4/zones/<Zone ID>/logs/received/fields" | jq .

4. Run Log Search (modify date & time bit as you need)

curl -s \
    -H "X-Auth-Email: <EMAIL>" \
    -H "Authorization: Bearer <API KEY>" \
    "https://api.cloudflare.com/client/v4/zones/<ZONE ID>/logs/received?start=2020-06-18T17:21:37Z&amp;end=2020-06-18T17:38:01Z&amp;fields=ClientRequestPath,ClientIP,ClientRequestUserAgent,EdgeResponseStatus,OriginResponseStatus,EdgeStartTimestamp,EdgeEndTimestamp" > temp.txt

5. Filter Logs (Adjust the condition as you need)

cat temp.txt | jq 'select(.ClientIP == "<IP>" and .ClientRequestPath == "<ENDPOINT>") | .EdgeStartTimestamp |= (. / 1000000000 | strftime("%Y-%m-%d %H:%M:%S UTC")) | .EdgeEndTimestamp |= (. / 1000000000 | strftime("%Y-%m-%d %H:%M:%S UTC"))'

Transit Gateway (TGW) is a managed cloud router service provided by AWS and it supports direct VPN attachment.

The setup is little bit tricky as UDM doesn’t support BGP.

1. Create a Customer Gateway
Select Dynamic routing and enter your router public IP

2. Create VPN Profile
Select your local transit gateway & customer gateway just created.
Routing options need to be static for this one.

3. Add UDM IP ranges into VPC routing table
Set the target as local transit gateway

4. Also add UDM IP ranges into transit gateway routing table
attachments are two VPN endpoints created above

5. Add VPN profile in UDM
Ensure ‘Dynamic Routing’ is enabled in advance option
It seems like remote subnets defined here is for routing table so if you try to make 2nd tunnel with the same remote subnets then it will reject it.

6. Test
Your VPN profile will now show up as “UP” and traffic should be routable for both directions. Check your security group if it doesn’t work.
In Network Manager, your VPN status will show up as impaired as 2nd tunnel is not set.

Was looking at https://docs.aws.amazon.com/ses/latest/DeveloperGuide/postfix.html but it’s not really working as it’s missing some key commands.

1. Install packages

apt install -y postfix libsasl2-modules

* select ‘no configuration’

2. Config files

cp /usr/share/postfix/main.cf.debian /etc/postfix/main.cf

in /etc/postfix/main.cf

smtp_tls_note_starttls_offer = yes
smtp_tls_security_level = encrypt
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_security_options = noanonymous
relayhost = [email-smtp.us-west-2.amazonaws.com]:587
smtp_sasl_auth_enable = yes
smtp_use_tls = yes
smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt
mydestination =

/etc/postfix/sasl_passwd

[email-smtp.us-west-2.amazonaws.com]:587 USERNAME:PASSWORD

3.Apply configs and restart the service

newaliases
postmap hash:/etc/postfix/sasl_passwd
systemctl restart postfix

4. (optional) Test

sendmail -f EMAIL@FROM.com EMAIL@TO.com
From: test <email@from.com>
Subject: test
.</email@from.com>

then in /var/log/mail.log
-snip- status=sent (250 Ok -snip-