Install TNG on a Synology NAS

steven
Posts: 133
Joined: Sun Oct 01, 2017 3:08 pm

Install TNG on a Synology NAS

Post by steven »

Requirements:
Synology Disk Station running DSM 6.0 or above (Manual permission instructions are included for older versions)
TNG (The Next Generation of Genealogy Sitebuilding) Version 11.0 or above
Terminal Emulator Software is optional unless your are setting permissions manually

Install the following Synology packages
Web Station
phpMyAdmin (Note phpMyAdmin will automatically install MariaDB)
After installing both packages start MariaDB.
When MariaDB starts you must create a password.
The MariaDB password is the same password you will use for phpMyAdmin.

Setup a MariaDB database
Login to phpMyAdmin using the username root and your MariaDB password.
When phpMyAdmin starts you will see a screen like the one below.

Image

Select the User Account tab and the following screen appears. Then select the Add User Account option shown at the red arrow below.

Image

On the user account page enter the user name, host name and password.
The user name is the name you want to give TNG to access the database.
In his example the database name will be the same as the username.
TNG uses a user name and a password to access the database.

Image

For the Host Name select local from the pull down menu.
Enter a password you want to use for your database and re-type to confirm. You can use special characters but avoid using the following characters: ampersand, single quotes, double quotes or slashes.
This is the password TNG will use to access the database. It IS NOT the MariaDB password. You can select Generate to have phpMyAdmin create a password as well. Make sure you copy and paste or write down the password somewhere safe. You will need it to connect TNG to the database.
Check the box Create database with same name and grant all privileges.

Image

You do not need to grant the TNG user global privileges however privileges can always be changed later if you want this user to access another database.

If you want to use SSL enable it on your Disk Station. Enabling SSL on the database may prevent TNG from connecting to the database correctly.
When finished select the Go button at the lower right of the screen.

To check the new user has the correct privileges, select the home button in phpMyAdmin and select the User accounts tab.
Locate the new user you just created and select edit privileges.

The line at the top should look something like:
User account 'tngusername'@'localhost' - Database tngdatabasename
Select the database button and select edit privileges again.
Verify all boxes are checked. You do not need to check the grant box, under administration. It is not necessary for TNG. It enables this user to add users and privileges without reloading the privilege tables.

Remember to select the go button if you make any changes so they are accepted.
The empty database is created and ready so Close phpMyAdmin.




Extract the TNG files to your Synology DSM
The installation of Web Station creates a shared folder called "web" on the Synology DSM. This folder is the "root" for all your web pages. If you are only going to run TNG, you can install it in the web or root folder. If you are going to run more than one website you must install each software package in a unique folder.

For example if you install the Synology version of WordPress, the installation creates a WordPress sub-folder inside the web folder automatically.
If you are not going to use WordPress or additional software you can install TNG in the "root" or web folder. The advantage of a "root" installation is you do not need to create any code or type a long URL to load TNG so when someone visits your site TNG starts automatically.

However, if you later decide to create additional pages you will have to either move TNG to a sub-folder, modify the TNG index file you are using so you can access those additional pages or use the folder name in your URL.
In this example we will explain both installation types.

Regardless of where you decide to install the TNG files, you must either use a virtual host or delete, rename or modify the Synology index.html file created when Web Station was installed. This is the same index file that welcomes you to Synology Web Station and tells you Web Station is not setup yet. TNG loads from an index.php file and browsers look for the index.html first. If TNG is in the web folder the TNG file will not load if the Synology index file is present and you will get the Synology Web Station message. None of the files or folders Synology creates in the web folder are necessary to run your website and can be moved or deleted. Keep in mind if you move or delete these files and try to access the root of your site with no index file, you will get a 404 error. Don't panic you get the error because you have nothing in the root folder for a browser to load.

If you install TNG in a sub-folder, the folder name will be used in your URL to access TNG unless you create a virtual host.
If you are using another front end, like WordPress, this won't apply because you create a link to TNG. In any case this information applies to any additional software or pages you add to your site. So if you name the folder “genealogy” your URL will be:
http://www.yourdomainname/genealogy/

If you install TNG in the folder "genealogy", and use a virtual host, your URL will be:
http://www.yourdomainname/

If you install TNG in the root your URL will be:
http://www.yourdomainname/

There are a couple of ways to extract the files to you Synology NAS. The BEST method is use DSM's File Station to create the TNG folder and extract the files. When you use this method permissions for web access are set by DSM, so you will not need to set file permissions. To use this method, log in to DSM and go to File Station. If you are going to use a sub-folder, use File Station to create the TNG folder inside the web folder, then copy the TNG ZIP file to the web or TNG folder you create inside the web folder. Using File Station, locate the TNG ZIP file and right click on it and select Extract.

Image

Move the mouse pointer to extract here and select that option.

Image

Once the files are extracted you can set up TNG, making sure you skip setting permissions as DSM will have set those automatically.
Once setup is complete you can delete the ZIP file and check permissions by going to the admin section, select Setup and then the Diagnostics Tab.

If you prefer setting permissions manually, use your Windows or MAC to extract the files to your Synology. Hopefully you set up DSM so your computer has local access. If not login to DSM and select File Services. On the SMB/AFP/NFS tab, enable the SMB service. Click the Advanced tab and enable WS-Discovery for Windows or Bonjour for MAC. This allows you to access your NAS over the local network. Run the security advisor, from the main menu, ensure file services are not exposed to the internet. If they are exposed, disable the appropriate ports. Now use the Synology Assistant, Windows Explorer or MAC Finder to map the web folder as a drive on your PC or MAC. If you do not enable these services, you will have to enable FTP and use FTP software to extract the files the same as using a host system on the internet.

Extract the TNG.zip file to the folder where you want to install the TNG program.
When finished there will be about 19 TNG folders and about 1604 files. This is why installing in a folder is easier if you are going to have additional web pages. The root can get pretty cluttered and hard to navigate with so many files and folders.




Setup PHP on your Synology DSM
Login to DSM and go to web station.
Select General Settings

Image

Select HTTP back-end server:
From the pull down select either Apache (2.2 or 2.4) or NGINX
Select PHP settings
From the pull down select the php version
Then select Apply

Select PHP settings
(You may have multiple versions of PHP installed)
From the pull down select the PHP version.
Make sure the Enable PHP cache and Enable display_errors to display PHP error message are checked
Scroll down the extensions and check all the boxes except dba, pdo_dblib, pdo_sqlite, pg_sql, soap, sqlite3, ssh2 and wddx then select Apply

Image

While TNG does not require every extension, other software may require extensions not used by TNG. When you uncheck a box that extension is disabled and if it is required by other software, it will no longer function.




Setup a Virtual Host on your Synology DSM (Optional)
The virtual host is optional because if you install TNG in the root directory you will not need a Virtual Host. The TNG program will start automatically.
If you install TNG in a sub-folder, you can create a link in the root folder index file, or in a front end program to point to the TNG program. Here is example code to create a link in an index file or WordPress text widget to point to your TNG page:
<a href="http://www.yourdomainname/TNGfoldername">Name you want displayed</a>;
However a Virtual host will point directly to your TNG program without the need for links.
To set up a Virtual Host login to DSM and select Web Station
Select Virtual Host
Select Create

Image

Enter the domain name using lower case letters.
Select which port you want to use otherwise leave the default.
Note you do not need to change the default port from 80/443 even if you decide to use SSL on your website.
Change this port only if you want to setup alternate ports to access your server.
Changing these ports may disable access to your web pages depending on your ISP.
Use the browse button and select the TNG folder you created.
Select HTTP back-end server: (Usually Apache but nginx is also available)
Select PHP: and select the version of PHP you want to use.
Select OK to save your changes when complete.




Changing File Permissions with DSM (more info can be found in the Synology Knowledge Base)
If you create the TNG folder and extract the TNG files using File Station, permissions are set automatically. Synology DSM allows you to change folder and file permissions manually using File Station. To change permissions using DSM, log in to your DSM and go to File Station. Move to the folder where you installed TNG.
Right click the TNG folder you created earlier and select properties.

Image

Select the permission tab and then select adavanced options.

Image

Select the Make inherited permissisons explicit option and select OK

Image

The permissions should appear in the window. Check the http permissions as they may be read only. (Note there may be two http users)
If the permissions are read only, highlight the first http user and check the Apply to this folder sub-folder and files check box then select edit.

Image

When the permission editor window opens, enable all read and write permissions and select OK.

Image

After you save your changes the http group will display custom permissions as shown below.

Image


To test your permissions return to the TNG readme file on your browser and select next twice to move to the folders page. Select the backup folder, change the name and select the rename button. If it renames the file your permissions change was successful.
You can change the name back or leave the new name and proceed with Finish the TNG installation.

Note: a second http group may appear especially if you manually changed permissions or used advanced permissions for a user or group. In most cases you you will not need to change the second http user but always test permissions and if needed, you can enable permissions for the second http group.




Changing File Permissions Manually
Some older versions of DSM may not allow you to change permissions. In this case you must change permissions manually.
Changing file permissions is not difficult but you should be careful. You must use additional software to make the changes.
There are a number of software options but PuTTY works well so I will use PuTTY for this example.
Download PuTTY and install on your computer.

The free download can be found at PuTTY for Windows
MAC users can find alternatives to PuTTY at 28 Alternatives to MAC Putty or MAC Best Alternatives to PuTTY

Now you need to know where to go to change your file permissions, so login to your disk station. Open the control panel and select Shared Folder.
Locate the folder web and under this folder is the volume on which it is located. (This info will be used later)
Although it is not a requirement you should check your router and make sure internet access to your SSH port is disabled. If a mischievous person gets on your SSH port, they can wreak havoc on your system up to the point of denying you access or disabling your machine.

Login to your Synology Disk Station and go to control panel.
At the bottom of the tree (left side) select Terminal & SNMP.
Check Enable SSH service.
Change the port to something above 1024 (I do not use 22 as it is the default port) and then select apply.
Enabling SSH allows access to the internal workings of your Synology DSM. It is important to restrict access to the SSH port to prevent intrusions while it is enabled on your NAS. To secure DSM you should enable Auto Block. To enable this feature goto Control Panel -> Security -> Account. Set the permitted number of login attempts and the time period before blocking access. You can also enable block expiration to unblock an IP address automatically. If this feature is not enabled, the IP is blocked forever.

Image

Prevent locking yourself out by selecting the Allow/Block List.

Image

Select IP range and enter the IP address range for your LAN (Local Area Network) and select OK.

Image

Adding your LAN IP address range will prevent you from being blocked if you login incorrectly.

Image

Start PuTTY on your local computer. When PuTTY starts you will see the configuration screen. Do not worry about or change the categories on the left.
Enter the IP of your NAS on your local network. Which will probably something similar to 192.168.1.xx
Change the PuTTY port to the port you selected above to match your DSM port.
Make sure the connection type is SSH.
You do not need to make any other changes to PuTTY.
Select the Open button at the bottom.
If you connect, you will see the PuTTY screen which displays “login as:”
You must login with your Synology administrator account name and password.
Once you are logged in you will not have enough access so type sudo –i
And it will ask for your password again so re-type your administrator password. Now you have the correct access to make changes.

Go to the correct folder by typing: cd /volumename/web/tngfoldername
(the volumename will be the same name you looked up using the Shared Folder instructions above)
The command will look something like “cd /volume1/web/tngfoldername”
Note it is all lower case and there is a space between cd and /volume.
If you do not leave a space you won't change directories and you will get a “no such folder” error message. (Syntax is very important here)

If you have done this correctly PuTTY will display something like
“root@diskstationname:/volumename/web/tngfoldername”.
Now you are in the right place to change file permissions. You must give the following files read/write permissions:
adminlog.txt, config.php, genlog.txt, importconfig.php, logconfig.php, mapconfig.php, pedconfig.php, subroot.php, templateconfig.php and whatsnew.txt

Enter the following commands and press enter after each entry: (If you make a mistake PuTTY will display an error and you can re-enter the command. When Putty accepts the command the cursor moves to the next line)
chmod 666 adminlog.txt
chmod 666 config.php
chmod 666 genlog.txt
chmod 666 importconfig.php
chmod 666 logconfig.php
chmod 666 mapconfig.php
chmod 666 pedconfig.php
chmod 666 subroot.php
chmod 666 templateconfig.php
chmod 666 whatsnew.txt

The next set of files photos, histories, documents, headstones, media, gedcom, gendex and backups folders requires additional permissions.
Note that TNG states 755 may work on some sites but it does not work on a Synology DSM correctly so use the settings below.
Enter the following commands and press enter after each entry:
chmod 767 photos
chmod 767 histories
chmod 767 documents
chmod 767 headstones
chmod 767 media
chmod 767 gedcom
chmod 767 gendex
chmod 767 backups

If PuTTY excepted all your commands correctly type exit and press enter to get out of the admin mode.
Enter exit again and press enter again to close PuTTY.

Login to your disk station and go to control panel and select Terminal & SNMP and uncheck the SSH box and select apply.
This stops access to your SSH port.




Finish the TNG installation

Your permissions are set, so use your web browser to return to the Readme instructions to complete your TNG installation. To start the TNG installation you must load your new web page in a browser. DO NOT use a Windows or MAC explorer type program and DO NOT use the Synology QuickConnect feature because it connects to DSM not your web pages. You MUST use a browser.

To run locally type your local server IP address followed by /readme.html or /tngfoldername/readme.html
So it looks something like 192.168.1.15/readme.html or 192.168.1.15/tngfoldername/readme.html
To run or check web access, start your browser and enter: http://yourdomainname/readme.html or
http://yourdomainname/tngfoldername/readme.html depending on how you setup your web access.
The TNG readme page should appear. If the page does not appear check the spelling and IP address.
If you used a web address try checking the virtual host port and make sure your firewall or router does not block access to the port.

When the TNG readme page appears select Express Installation as shown below.

Image

Item 3 - Do not select the set permissions button because this will generate an error and the correct permissions were set earlier. (TNG cannot change file permissions on a Synology DSM.)

Item 4 - You should change the folder names per the TNG recomendations.

Item 5 - Select the default language and character set from the pull down menu.

Item 6 - The database connection settings are simple if you are using MariaDB 5.

Image

Enter the TNG. DATABASE NAME you created.
Then enter the TNG database USER NAME and PASSWORD you created earlier.

Select the Save and Verify Button. If you entered the information correctly TNG will display a message about the TNG connection status. If TNG does not connect, check your spelling for typos and verify the information used to create your MariaDB database.

If you want to use MariaDB 10, you must change the Host Name setting.

Image

You must change the Host Name to localhost:3307 or TNG will not connect to MariaDB 10. Changing the TNG Database Port and/or Database Socket will not work correctly on a Synology DSM.

Now there are only 3 more steps so you are nearly finished.

Image

Item 7 - Do not change the database collation unless you changed the default collation when the database was created. Select the Save and Create tables button. TNG will create all the necessary tables in the MariaDB database. TNG will display a status message when table creation is complete.

Item 8 - Create a user name and password for your access to TNG. You can use special characters but avoid using the following characters: ampersand, single quotes, double quotes or slashes. This should be different from all the other user names and passwords you have created. The first user you create will be the administrator. In the email field, enter the TNG admin email you want to use for user contact and select the Create User button. TNG should display a success status message.

Item 9 - If you like, you can enter another ID and the name for your tree. Select the Create Tree button. TNG should display a success status message.

When the installation is complete close and restart your web browser.

Enter http://www.yourdomainname or http://www.yourdomainname/tngfoldername and the TNG page should appear. Complete any additional TNG instructions.
When the TNG install is complete go to the admin home page, select setup and then the diagnostics tab.
Scroll down and check the status of each line.
If any lines show a yellow or red warning, check the warning information to determine the corrective action.
If you entered the permissions correctly you should not see any warnings.

Image

At this point you can enter people manually or import a GEDCOM.
Keep in mind if you import a very large GEDCOM it may take a while.
My GEDCOM is 80.86GB and it takes about twenty minutes to import.
TNG has a progress bar which works great in version 11.0.2 on the Synology DSM unless you are using SSL.

If you have questions about your TNG software contact TNG or check the TNG WIKI pages for help and information.

If you have technical questions about your Synology DSM contact Synology Tech Support or check the Synology Forums for help and additional information.

Last edited by steven on Sat Apr 04, 2020 4:36 pm, edited 6 times in total.
Paul Barrett
Posts: 82
Joined: Sun Apr 08, 2018 6:52 pm

Re: Install TNG on a Synology NAS

Post by Paul Barrett »

There seems to be a conundrum with permissions.

After some experimentation it seems TNG won't install unless it has Full Control (i.e. incl admin rights) to certain folders, while phpMyAdmin throws a hissy fit and won't let you in if certain permissions aren't locked down to read only. These are incompatible views. I think the solution may be to flush full control down through the TNG folders whilst limiting the phpMyAdmin folder to read only. But with permissions being inherited from the \web root, it is not immediately apparent how to do this
steven
Posts: 133
Joined: Sun Oct 01, 2017 3:08 pm

Re: Install TNG on a Synology NAS

Post by steven »

DO NOT change permissions on the web folder. Additionally the TNG folder should never use inherited permissions from the web folder. So you should make inherited permissions explicit on the TNG folder and sub-folders. However, media folders inside the TNG folder can use inherited permissions. Using this permission structure phpMyAdmin is left as is and you are only working on the TNG folder and it’s sub-folders.

To change inherited permissions on the TNG parent login to DSM and select File Station. Navigate to the web folder then right click the TNG folder and select properties. Select the permissions tab and check the Apply to this folder, sub-folders and files box. Then the advanced tab and select the make inherited permissions explicit line. Then give all read and write rights to http. Then select administrators and select all rights for this group.
Last edited by steven on Fri Jul 06, 2018 10:02 am, edited 1 time in total.
Reason: Added selecting sub-folders and corrected sequence
Paul Barrett
Posts: 82
Joined: Sun Apr 08, 2018 6:52 pm

Re: Install TNG on a Synology NAS

Post by Paul Barrett »

Steve wrote: Mon Apr 09, 2018 2:55 pm Then select the permission inspector and give read and write rights to system, http and users. Do not grant delete rights to these groups. Then give all rights to administrators.
Just to the web root folder? If I cascade these permissions down, we'll be back to inherited permissions?
steven
Posts: 133
Joined: Sun Oct 01, 2017 3:08 pm

Re: Install TNG on a Synology NAS

Post by steven »

DO NOT change permissions on the web folder. Additionally the TNG folder should never inherit permissions from the web folder. So you should remove inherited permissions from the TNG folder. However, media folders inside the TNG folder can use inherited permissions. Using this permission structure phpMyAdmin is left as is and you are only working on the TNG folder and it’s sub-folders.
Change permissions on the TNG folder. Do not change permissions on the web folder.
Paul Barrett
Posts: 82
Joined: Sun Apr 08, 2018 6:52 pm

Re: Install TNG on a Synology NAS

Post by Paul Barrett »

OK.

I found that Permissions Inspector would not let me apply any permissions. To set the correct permissions for TNG, I had to go to Advanced Options and select the option to Exclude Inherited Permissions, then create the permissions in the normal way.
steven
Posts: 133
Joined: Sun Oct 01, 2017 3:08 pm

Re: Install TNG on a Synology NAS

Post by steven »

This is the reason I use the chmod command to change permissions instead of DSM. Since the latest upgrade I started using DSM to change permissions. When you create a new folder inside the web folder, using File Station, permissions are automatically inherited. The inherited permissions give administrators full control and http read/write but the remaining groups and users have no permissions. These settings may not work for some programs, although I have not found one yet. This is why I included a link to Synology for setting permissions using DSM. When you manually set permissions using chmod, it overrides the Synology settings.

Users should be careful when changing permissions they are unsure about. Incorrect entries can disable web station, phpMyAdmin or programs located in the web folder..
Paul Barrett
Posts: 82
Joined: Sun Apr 08, 2018 6:52 pm

Re: Install TNG on a Synology NAS

Post by Paul Barrett »

Understood.

I'm uncomfortable with CLI solutions though - they are not for the faint-hearted or the relative novice. Like me. I could do untold damage with the best of intentions. So, whilst it may be more limiting, I prefer the constraints of DSM and the relative protections it provides. :)
Paul Barrett
Posts: 82
Joined: Sun Apr 08, 2018 6:52 pm

Re: Install TNG on a Synology NAS

Post by Paul Barrett »

I am attempting a new, non wordpress, TNG installation.

I have followed the permissions in File Station process, but when I run the TNG installation I fall at step 3 with this error:

Snag_234e20b.png
Snag_234e20b.png (39.29 KiB) Viewed 133032 times
Any suggestions please? Shall I use PuTTY
Paul Barrett
Posts: 82
Joined: Sun Apr 08, 2018 6:52 pm

Re: Install TNG on a Synology NAS

Post by Paul Barrett »

It turns out that message was sourious. I ignored it an carried on and all the subsequent steps worked.

But the site would not run. Error 403

I repeated the installation. No dice.

On a hunch, i changed the php version back to php5.6

It worked. The site could now be accessed.

Then I went back into Web Station and reset php to php7.0

And the site continues to work

Snag_34bd712.png
Snag_34bd712.png (37.91 KiB) Viewed 133030 times
Post Reply