Install TNG on a Synology DSM

Post Reply
Steve
Posts: 63
Joined: Sun Oct 01, 2017 3:08 pm

Install TNG on a Synology DSM

Post by Steve » Mon Oct 16, 2017 1:21 am

Requirements:
Synology Disk Station running DSM 6.0 or above (Manual permission instructions are included for older versions)
TNG (The Next Generation) Version 11.0 or above
Terminal Emulator Software is optional unless your are setting permissions manually

Install the following Synology packages
Web Station
phpMyAdmin (Note phpMyAdmin will automatically install MariaDB)
After installing both packages start MariaDB.
When MariaDB starts you must create a password.
The MariaDB password is the same password you will use for phpMyAdmin.

Setup a MariaDB database
Login to phpMyAdmin using the username root and your MariaDB password.
When phpMyAdmin starts you will see a screen like the one below.

Image

Select the User Account tab and the following screen appears. Then select the Add User Account option shown at the red arrow below.

Image

On the user account page enter the user name, host name and password.
The user name is the name you want to give TNG to access the database.
In his example the database name will be the same as the username.
TNG uses a user name and a password to access the database.

Image

For the Host Name select local from the pull down menu.
Enter a password you want to use for your database and re-type to confirm.
This is the password TNG will use to access the database. It IS NOT the MariaDB password. You can select Generate to have phpMyAdmin create a password as well. Make sure you copy and paste or write down the password somewhere safe. You will need it to connect TNG to the database.
Check the box Create database with same name and grant all privileges.

Image

You do not need to grant the TNG user global privileges however privileges can always be changed later if you want this user to access another database.

If you want to use SSL enable it on your Disk Station. Enabling SSL on the database may prevent TNG from connecting to the database correctly.
When finished select the Go button at the lower right of the screen.

To check the new user has the correct privileges, select the home button in phpMyAdmin and select the User accounts tab.
Locate the new user you just created and select edit privileges.

The line at the top should look something like:
User account 'tngusername'@'localhost' - Database tngdatabasename
Select the database button and select edit privileges again.
Verify all boxes are checked. You do not need to check the grant box, under administration. It is not necessary for TNG. It enables this user to add users and privileges without reloading the privilege tables.

Remember to select the go button if you make any changes so they are accepted.
The empty database is created and ready so Close phpMyAdmin.




Extract the TNG files to your Synology DSM
Use your Windows or MAC to extract the files to your Synology. Hopefully you set up DSM so your computer has local access. If not login to DSM and select File Services. On the SMB/AFP/NFS tab enable the SMB service, then enable AFP if you are using a MAC or NFS if you are using WIndows. This allows you to access your NAS over the local network. You may get a warning to open the ports in the firewall but opening these ports will expose your folders to the internet, so ignore the warning. Once these services are enabled, run the security advisor from the main menu to ensure these services are not exposed to the internet. If they are exposed, disable the appropriate ports. Now use the Synology Assistant to map the web folder as a drive on your PC or MAC. If you do not enable these services, you will have to enable FTP and use FTP software to extract the files the same as using a host system on the internet.

The installation of Web Station creates a shared folder called "web" on the Synology DSM. This folder is the "root" for all your web pages. It is best but not required to keep each software package in a unique folder.
For example if you install the Synology version of WordPress, the installation creates a WordPress sub-folder inside the web folder automatically.
If you are not going to use WordPress or additional software you can install TNG in the "root" or web folder.
The advantage of a "root" installation is you do not need to create any code or type a long URL to load TNG so when someone visits your site TNG starts automatically.
However, if you later decide to create additional pages you will have to either move TNG to a sub-folder, modify the TNG index file you are using to so you can access those additional pages or use the folder name in your URL.
In this example we will explain both installation types.

Regardless of where you decide to install the TNG files, you must either use a virtual host or delete, rename or modify the Synology index.html file created when Web Station was installed. This is the same index file that welcomes you to Synology Web Station and tells you Web Station is not setup yet.
TNG loads from an index.php file and browsers look for the index.html first. If TNG is in the web folder the TNG file will not load if the Synology index file is present and you will get the Synology Web Station message. None of the files or folders Synology creates in the web folder are necessary to run your website and can be moved or deleted.
Keep in mind if you move or delete these files and try to access the root of your site with no index file, you will get a 404 error. Don't panic you get the error because you have nothing in the root folder for a browser to load.

If you install TNG in a sub-folder, the folder name will be used in your URL to access TNG unless you create a virtual host.
If you are using another front end, like WordPress, this won't apply because you create a link to TNG. In any case this information applies to any additional software or pages you add to your site. So if you name the folder “genealogy” your URL will be:

Code: Select all

http://www.yourdomainname/genealogy/
If you install TNG in the root your URL will be:

Code: Select all

http://www.yourdomainname/
Extract the TNG.zip file to the folder where you want to install the TNG program.
When finished there will be about 19 TNG folders and about 1604 files. This is why installing in a folder is easier if you are going to have additional web pages. The root can get pretty cluttered and hard to navigate with so many files and folders.




Setup PHP on your Synology DSM
Login to DSM and go to web station.
Select General Settings

Image

Select HTTP back-end server:
From the pull down select either Apache (2.2 or 2.4) or NGINX
Select PHP settings
From the pull down select php 7.0 if available or php 5.6
Then select Apply

Select PHP settings
(You may have two versions of PHP installed)
From the pull down select PHP version 5.6
Make sure the Enable PHP cache and Enable display_errors to display PHP error message are checked
Scroll down the extensions and check all the boxes except dba, libsodium pdo_sqlite, pssql, soap, sqlite3, ssh2 and wddx then select Apply

Image

From the pull down select PHP version 7.0 (if it is installed)
Make sure the Enable PHP cache and Enable display_errors to display PHP error message are checked
Scroll down the extensions and check all the boxes except dba, pdo_dblib, pdo_sqlite, pg_sql, soap, sqlite3, ssh2 and wddx then select Apply

Image

While TNG does not require every extension, software you may install at a later date might require options not used by TNG.




Setup a Virtual Host on your Synology DSM (Optional)
The virtual host is optional because if you install TNG in the root directory you will not need a Virtual Host. The TNG program will start automatically.
If you install TNG in a sub-folder, you can create a link in the root folder index file, or in a front end program to point to the TNG program. Here is example code to create a link in an index file or WordPress text widget to point to your TNG page:

Code: Select all

<a href="http://www.yourdomainname/TNGfoldername">Name you want displayed</a>;
However a Virtual host will point directly to your TNG program without the need for links.
To set up a Virtual Host login to DSM and select Web Station
Select Virtual Host
Select Create

Image

Enter the domain name you want to use.
Select which port you want to use otherwise leave the default.
Note you do not need to change the default port from 80/443 even if you decide to use SSL on your website.
Change this port only if you want to setup alternate ports to access your server.
Changing these ports may disable access to your web pages depending on your ISP.
Use the browse button and select the TNG folder you created.
Select HTTP back-end server: (Usually Apache but nginx is also available)
Select PHP: and select the version of PHP you want to use (5.6 or 7.0)
Select OK to save your changes when complete.




Changing File Permissions with DSM (more info can be found in the Synology Knowledge Base)

Newer versions of the Synology DSM allow you to change folder and file permissions using File Station.
Log in to your DSM and go to File Station. Move to the folder where you installed TNG.
Right click the TNG folder you created earlier and select properties.

Image


Select the permission tab and then select adavanced options.

Image


Select the Make inherited permissisons explicit option and select OK

Image


The permissions should appear in the window. Check the http permissions as they may be read only. (Note there may be two http users)
If the permissions are read only, highlight the first http user and check the Apply to this folder sub-folder and files check box then select edit.

Image


When the permission editor window opens, enable all read and write permissions and select OK.

Image


After you save your changes the http group will display custom permissions as shown below.

Image



To test your permissions return to the TNG readme file on your browser and select next twice to move to the folders page. Select the backup folder, change the name and select the rename button. If it renames the file your permissions change was successful.
You can change the name back or leave the new name and proceed with Finish the TNG installation.

Note: a second http group may appear especially if you manually changed permissions or used advanced permissions for a user or group. In most cases you you will not need the change second http user but always test permissions and if needed, you can enable permissions for the second http group.

Changing File Permissions Manually
Some older versions of DSM may not allow you to change permissions. In this case you must change permissions manually.
Changing file permissions is not difficult but you should be careful. You must use additional software to make the changes.
There are a number of software options but PuTTY works well so I will use PuTTY for this example.
Download PuTTY and install on your computer.

The free download can be found at PuTTY for Windows
MAC users can find alternatives to PuTTY at 28 Alternatives to MAC Putty or MAC Best Alternatives to PuTTY

Now you need to know where to go to change your file permissions, so login to your disk station. Open the control panel and select Shared Folder.
Locate the folder web and under this folder is the volume on which it is located. (This info will be used later)
Although it is not a requirement you should check your router and make sure internet access to your SSH port is disabled. If a mischievous person gets on your SSH port, they can wreak havoc on your system up to the point of denying you access or disabling your machine.

Login to your Synology Disk Station and go to control panel.
At the bottom of the tree (left side) select Terminal & SNMP.
Check Enable SSH service.
Change the port to something above 1024 (I do not use 22 as it is the default port) and then select apply.
Enabling SSH allows access to the internal workings of your Synology DSM. It is important to restrict access to the SSH port to prevent intrusions while it is enabled on your NAS. To secure DSM you should enable Auto Block. To enable this feature goto Control Panel -> Security -> Account. Set the permitted number of login attempt and the time period before blocking access.

Image


Prevent locking yourself out by selecting the Allow/Block List.

Image


Select IP range and enter the IP address range for your LAN (Local Area Network) and select OK.

Image


Adding your LAN IP address range will prevent you from being blocked if you login incorrectly.

Image



Start PuTTY on your local computer. When PuTTY starts you will see the configuration screen. Do not worry about or change the categories on the left.
Enter the IP of your NAS on your local network. Which will probably something similar to 192.168.1.xx
Change the PuTTY port to the port you selected above to match your DSM port.
Make sure the connection type is SSH.
You do not need to make any other changes to PuTTY.
Select the Open button at the bottom.
If you connect, you will see the PuTTY screen which displays “login as:”
You must login with your Synology administrator account name and password.
Once you are logged in you will not have enough access so type sudo –i
And it will ask for your password again so re-type your administrator password. Now you have the correct access to make changes.

Go to the correct folder by typing: cd /volumename/web/tngfoldername
(the volumename will be the same name you looked up using the Shared Folder instructions above)
The command will look something like “cd /volume1/web/tngfoldername”
Note it is all lower case and there is a space between cd and /volume.
If you do not leave a space you won't change directories and you will get a “no such folder” error message. (Syntax is very important here)

If you have done this correctly PuTTY will display something like
“root@diskstationname:/volumename/web/tngfoldername”.
Now you are in the right place to change file permissions. You must give the following files read/write permissions:
adminlog.txt, config.php, genlog.txt, importconfig.php, logconfig.php, mapconfig.php, pedconfig.php, subroot.php, templateconfig.php and whatsnew.txt

Enter the following commands and press enter after each entry: (If you make a mistake PuTTY will display an error and you can re-enter the command. When Putty accepts the command the cursor moves to the next line)
chmod 666 adminlog.txt
chmod 666 config.php
chmod 666 genlog.txt
chmod 666 importconfig.php
chmod 666 logconfig.php
chmod 666 mapconfig.php
chmod 666 pedconfig.php
chmod 666 subroot.php
chmod 666 templateconfig.php
chmod 666 whatsnew.txt

The next set of files photos, histories, documents, headstones, media, gedcom, gendex and backups folders requires additional permissions.
Note that TNG states 755 may work on some sites but it does not work on a Synology DSM correctly so use the settings below.
Enter the following commands and press enter after each entry:
chmod 767 photos
chmod 767 histories
chmod 767 documents
chmod 767 headstones
chmod 767 media
chmod 767 gedcom
chmod 767 gendex
chmod 767 backups

If PuTTY excepted all your commands correctly type exit and press enter to get out of the admin mode.
Enter exit again and press enter again to close PuTTY.

Login to your disk station and go to control panel and select Terminal & SNMP and uncheck the SSH box and select apply.
This stops access to your SSH port.




Finish the TNG installation

Your permissions are set, so use your web browser to return to the Readme instructions to complete your TNG installation. To start the TNG installation you must load your new web page in a browser. DO NOT use a Windows or MAC explorer type program and DO NOT use the Synology QuickConnect feature because it connects to DSM not your web pages. You MUST use a browser.

To run locally type your local server IP address followed by /readme.html or /tngfoldername/readme.html
So it looks something like 192.168.1.15/readme.html or 192.168.1.15/tngfoldername/readme.html
To run or check web access, start your browser and enter:

Code: Select all

http://yourdomainname/readme.html
or

Code: Select all

http://yourdomainname/tngfoldername/readme.html
depending on how you setup your web access.
The TNG readme page should appear. If the page does not appear check the spelling and IP address.
If you used a web address try checking the virtual host port and make sure your firewall or router does not block access to the port.

When the TNG readme page appears select Express Installation as shown below.

Image

Item 3 - Do not select the set permissions button because this will generate an error and the correct permissions were set earlier. (TNG cannot change file permissions on a Synology DSM.)

Item 4 - You should change the folder names per the TNG recomendations.

Item 5 - Select the default language and character set from the pull down menu.

Item 6 - The database connection settings are simple if you are using MariaDB 5.

Image

Enter the TNG. DATABASE NAME you created.
Then enter the TNG database USER NAME and PASSWORD you created earlier.

Select the Save and Verify Button. If you entered the information correctly TNG will display a message about the TNG connection status. If TNG does not connect, check your spelling for typos and verify the information used to create your MariaDB database.

If you want to use MariaDB 10, you must change the Host Name setting.

Image

You must change the Host Name to localhost:3307 or TNG will not connect to MariaDB 10. Changing the TNG Database Port and/or Database Socket will not work correctly on a Synology DSM.

Now there are only 3 more steps so you are nearly finished.

Image

Item 7 - Do not change the database collation unless you changed the default collation when the database was created. Select the Save and Create tables button. TNG will create all the necessary tables in the MariaDB database. TNG will display a status message when table creation is complete.

Item 8 - Create a user name and password for your access to TNG. This should be different from all the other user names and passwords you have created. The first user you create will be the administrator. In the email field, enter the TNG admin email you want to use for user contact and select the Create User button. TNG should display a success status message.

Item 9 - If you like, you can enter another ID and the name for your tree. Select the Create Tree button. TNG should display a success status message.

When the installation is complete close and restart your web browser.

Enter

Code: Select all

http://www.yourdomainname
or

Code: Select all

http://www.yourdomainname/tngfoldername
and the TNG page should appear. Complete any additional TNG instructions.
When the TNG install is complete go to the admin home page, select setup and then the diagnostics tab.
Scroll down and check the status of each line.
If any lines show a yellow or red warning, check the warning information to determine the corrective action.
If you entered the permissions correctly you should not see any warnings.

Image

At this point you can enter people manually or import a GEDCOM.
Keep in mind if you import a very large GEDCOM it may take a while.
My GEDCOM is 80.86GB and it takes about twenty minutes to import.
TNG has a progress bar which works great in version 11.0.2 on the Synology DSM unless you are using SSL.

If you have questions about your TNG software contact TNG or check the TNG WIKI pages for help and information.

If you have technical questions about your Synology DSM contact Synology Tech Support or check the Synology Forums for help and additional information.

Last edited by Steve on Mon Apr 16, 2018 9:51 pm, edited 3 times in total.

Paul Barrett
Posts: 38
Joined: Sun Apr 08, 2018 6:52 pm

Re: Install TNG on a Synology DSM

Post by Paul Barrett » Mon Apr 09, 2018 1:27 pm

There seems to be a conundrum with permissions.

After some experimentation it seems TNG won't install unless it has Full Control (i.e. incl admin rights) to certain folders, while phpMyAdmin throws a hissy fit and won't let you in if certain permissions aren't locked down to read only. These are incompatible views. I think the solution may be to flush full control down through the TNG folders whilst limiting the phpMyAdmin folder to read only. But with permissions being inherited from the \web root, it is not immediately apparent how to do this
Paul Barrett
pfbarrett.uk

Steve
Posts: 63
Joined: Sun Oct 01, 2017 3:08 pm

Re: Install TNG on a Synology DSM

Post by Steve » Mon Apr 09, 2018 2:55 pm

DO NOT change permissions on the web folder. Additionally the TNG folder should never use inherited permissions from the web folder. So you should make inherited permissions explicit on the TNG folder and sub-folders. However, media folders inside the TNG folder can use inherited permissions. Using this permission structure phpMyAdmin is left as is and you are only working on the TNG folder and it’s sub-folders.

To change inherited permissions on the TNG parent login to DSM and select File Station. Navigate to the web folder then right click the TNG folder and select properties. Select the permissions tab and check the Apply to this folder, sub-folders and files box. Then the advanced tab and select the make inherited permissions explicit line. Then give all read and write rights to http. Then select administrators and select all rights for this group.
Last edited by Steve on Fri Jul 06, 2018 10:02 am, edited 1 time in total.
Reason: Added selecting sub-folders and corrected sequence

Paul Barrett
Posts: 38
Joined: Sun Apr 08, 2018 6:52 pm

Re: Install TNG on a Synology DSM

Post by Paul Barrett » Tue Apr 10, 2018 12:58 pm

Steve wrote:
Mon Apr 09, 2018 2:55 pm
Then select the permission inspector and give read and write rights to system, http and users. Do not grant delete rights to these groups. Then give all rights to administrators.
Just to the web root folder? If I cascade these permissions down, we'll be back to inherited permissions?
Paul Barrett
pfbarrett.uk

Steve
Posts: 63
Joined: Sun Oct 01, 2017 3:08 pm

Re: Install TNG on a Synology DSM

Post by Steve » Tue Apr 10, 2018 3:09 pm

DO NOT change permissions on the web folder. Additionally the TNG folder should never inherit permissions from the web folder. So you should remove inherited permissions from the TNG folder. However, media folders inside the TNG folder can use inherited permissions. Using this permission structure phpMyAdmin is left as is and you are only working on the TNG folder and it’s sub-folders.
Change permissions on the TNG folder. Do not change permissions on the web folder.

Paul Barrett
Posts: 38
Joined: Sun Apr 08, 2018 6:52 pm

Re: Install TNG on a Synology DSM

Post by Paul Barrett » Wed Apr 11, 2018 2:51 am

OK.

I found that Permissions Inspector would not let me apply any permissions. To set the correct permissions for TNG, I had to go to Advanced Options and select the option to Exclude Inherited Permissions, then create the permissions in the normal way.
Paul Barrett
pfbarrett.uk

Steve
Posts: 63
Joined: Sun Oct 01, 2017 3:08 pm

Re: Install TNG on a Synology DSM

Post by Steve » Wed Apr 11, 2018 9:07 am

This is the reason I use the chmod command to change permissions instead of DSM. Since the latest upgrade I started using DSM to change permissions. When you create a new folder inside the web folder permissions are automatically inherited. The inherited permissions give administrators full control and http read/write but the remaining groups and users have no permissions. These settings do not work for some programs. This is why I included a link to Synology for setting permissions using DSM. When you manually set permissions using chmod, it overrides the Synology settings.

Users should be careful when changing permissions they are unsure about. Incorrect entries can disable web station, phpMyAdmin or programs located in the web folder..

Paul Barrett
Posts: 38
Joined: Sun Apr 08, 2018 6:52 pm

Re: Install TNG on a Synology DSM

Post by Paul Barrett » Wed Apr 11, 2018 11:18 am

Understood.

I'm uncomfortable with CLI solutions though - they are not for the faint-hearted or the relative novice. Like me. I could do untold damage with the best of intentions. So, whilst it may be more limiting, I prefer the constraints of DSM and the relative protections it provides. :)
Paul Barrett
pfbarrett.uk

Post Reply