Wireguard and Netmaker on Synology

This post is meant for people who already have Netmaker server set up- something that is covered pretty well in the documentation and also on Youtube.
If you want to add an Intel based Synology device to your existing Netmaker network with Netclient, read on!

First install Wireguard

There are some prebuilt binaries here, but not for DSM 7. I used the instructions to build a Docker container and leverage it to build the DSM 7 binaries, however it failed at the last step saying there ‘platform not available’. This hints that the script for my architecture was missing or wrong and I never got it sorted.

Luckily there is this fork, but that didn’t help much. What eventually did was finding that some kind soul had made the packages here.

Log in to your Synology, go to Control Panel/ Info and find your CPU.
For instance a DS1819+ has an INTEL Atom C3538, and when we google this, we find it’s a ‘Denverton’ CPU. So go to the link above and download the Denverton bundle. Unarchive it according to instructions (don’t just double click on a Mac, you’ll get a bunch of files and folders, not an installable .spk bundle
gzip -d  /Users/myaccount/Downloads/WireGuard-denverton-1.0.20210606.spk.gz
and upload it to your Synology device-
Package Centre/ Manual Install
Untick the ‘start after install’. It may show in DSM as needing ‘repair’ but what you have to do is this-

log in to your Synology with SSH and run
sudo /var/packages/WireGuard/scripts/start

Installing Netclient

Now we have to install the NetMaker Netclient. See correct version for your architecture here– we need the standard ‘netclient’ as it’s for most linux distros. SSH in,  create a directory inside /etc for netclient and download it directly-

mkdir etc/netclient && curl -L https://github.com/gravitl/netmaker/releases/download/v0.14.5/netclient --output /etc/netclient/netclient

Make it executable
chmod a+x etc/netclient/netclient
Now, either make sure you’re in the /netclient directory, or ‘cd /’ to go back to root directory so the next command will work…
Now you need to invoke the installer to create netclient.service set persistence etc.
netclient install
and run it with your join code
sudo netclient join -t <your_token>

You should see a bunch of text confirming your connection has come up!

Troubleshooting

To start manually

 systemctl start netclient.service

To stop manually

 systemctl stop netclient.service

To check the status of the service use

systemctl status netclient.service

Enable the service to start automatically every boot ( you won’t need to do this if installed correctly)

systemctl enable netclient.service

Upgrading an existing Install 

Not covered here- I deleted everything and started again to move from 0.9.4 to 0.14.5. it’s theoretically possible, but watch out for breaking changes that occurred in between the versions you are upgrading. It would be VERY difficult to go from 0.9.4 to 0.14.5 and still have a healthy install.

Re-installing v0.14.5

I deleted my networks and nodes before upgrading from 0.9.4 to 0.14.5, so the Synology node was probably calling the main node and unable to communicate. This means I really just needed to make it go quiet before replacing with the new binary. This is also the reason for the new join command- you shouldn’t need a new join command if simply upgrading.

Uninstall and re-Install

sudo netclient uninstall
cd /
mkdir etc/netclient && curl -L https://github.com/gravitl/netmaker/releases/download/v0.14.5/netclient --output /etc/netclient/netclient

chmod a+x etc/netclient/netclient

sudo etc/netclient/netclient join -t <your_token>

Recent posts