Skip to main content

How to Install RustDesk on Your Synology NAS

RustDesk is a remote desktop software, the open source TeamViewer / AnyDesk alternative. You have full control of your data, with no concerns about security since it only sends data to a server that you setup. You can use a public rendezvous/relay server or self-host one. In this step by step guide I will show you how to install RustDesk on your Synology NAS using Docker and DSM 7.2 I've based a significant amount of this guide on guides. First, Follow the following 4 guides: Step 0: Docker, Memory Recommendations and Limitations Step 1: Directory Setup Guide Step 2: Setting up a restricted Docker user Step 3: Setting up a Docker Bridge Network Following these guides will give you a nice Docker folder structure, a restricted user to run your containers on (this is more secure) and a dedicated network for your containers. Lets Begin First we need to set up some folders for RustDesk to save its configuration files and also where the Project will save th

Oxidized Quickstart

Oxidized is a "RANCID replacement" that has taken on a life of it's own.  Designed to automatically store, compare, and log configuration files from network based equipment.

I've never used RANCID, or rConfig, or Sweet, but I wanted to more than a fileshare of all the latest configs of our devices, which is what we were doing.

Oxidized the seemed the easiest to setup.

Here is how I setup one up from scratch.


  1. Setup an Ubuntu server.  I used 16.04.2, the LTS version available at the time.
    • When asked to create a user, make it oxidized
    • Set the timezone as UTC
    • Run apt-get update and get everything current.
  2. Install dependancies
    sudo apt-get install ruby ruby-dev libsqlite3-dev libssl-dev pkg-config cmake libssh2-1-dev
  3. Install oxidized.
    sudo gem install oxidized
  4. Install oxidized web front endsudo gem install oxidized-script oxidized-web
  5. run oxidized with no args.  This will create all the required directories, with a sample config in it.


  1. Edit the /home/oxidized/.config/oxidized/config to customize your system.
I've inserted comments with the // before them.  This is not a valid operator, so don't attempt to use them. This is more to identify the places that you need to replace the defaults.  I'm not pretending to know what all of these settings mean, but I'm identifying the ones to change.  I don't recommend changing the other defaults unless you have a good reason. (for example, the thread counts)

  1. Copy the file from extras to /lib/systemd/system/
    sudo cp /var/lib/gems/2.3.0/gems/oxidized-0.19.0/extra/oxidized.service /lib/systemd/system
  2. Set the service to start at boot
    sudo systemctl enable oxidized.service
That should give you a fully functional Oxidized instance running. You can only access it from localhost.

Wait...  What?  You want authentication?  HTTPS?  Oxidized doesn't support that natively.  The preferred suggestion seems to be:
  • Run an NGINX instance on the same host, configured for HTTPS and authentication
  • Configure Oxidized to only answer queries. (This is Oxidized's default configuration)

Setup a NGINX forward proxy to enable SSL

  1. Add nginx-extras
    apt-get install nginx-extras
  2. Remove the default site, and copy the example oxidized configuration to NGINX
    sudo rm /etc/nginx/sites-enabled/default
    sudo cp /var/lib/gems/2.3.0/gems/oxidized-0.19.0/extra/oxidized.nginx /etc/nginx/sites-enabled/default
  3. Edit the site config, and enable SSL
    sudo vi  /etc/nginx/sites-enabled/default
  4. Create the directory to hold the SSL certs
    sudo mkdir /etc/nginx/ssl
  5. Create the SSL certificates
    sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/nginx/ssl/nginx.key -out /etc/nginx/ssl/nginx.crt
  6. sudo systemctl reload nginx
Your site show be available to both http and https connections now.

Configure NGINX to enable LDAP auth

  1. Install Prereq's
    sudo apt-get install nodejs npm
    sudo apt install nodejs-legacy
  2. Create unprivelged user
    useradd --shell /sbin/nologin -m nginx-auth
  3. Clone the nginx-auth repository
     sudo -u nginx-auth -H git clone
  4. Installing NPM Packages
    cd /home/nginx-auth/nginx-auth
    sudo -u nginx-auth -H npm install
    (Note, i had issues with NPM, had it install it twice)
  5. Copy and edit the configuration file
    sudo -u nginx-auth -H cp config/default.json.dist config/default.json
    sudo -u nginx-auth -H vi config/default.json

  1. Install the LDAP Pam module
    sudo apt-get install libpam-ldapd
  2. Create the LDAP config File
    sudo vi /etc/pam.d/nginx_restricted

    auth    required     /lib/x86_64-linux-gnu/security/ onerr=fail item=user \                     sense=allow file=/etc/nginx/restricted_users
    auth    required     /lib/x86_64-linux-gnu/security/
    account required     /lib/x86_64-linux-gnu/security/
  3. Create the list of allowed groups
    sudo vi /etc/nginx/restricted_users


  1. Hi Michael,

    Just wanted to say big thank you for your tutorial here! On a side note. Steps 6 and 7 are missing for nginx ldap auth. Can you update it? THANKS again!


Post a Comment

Most Popular Posts

First Post!

In August 1999, I bought my own domain name, .  This domain name. Over the years I've used a variety of blogging software. Initially I did all the website design myself, hand crafting the HTML myself. I even had one of those *Designed by Notepad* buttons. I still have one of the custom drop cap letters I made. Yea, it's really hard to see, because it's White text.  My first website, like most all bad websites of the early 2000, was black theme.  I ran the website off my computer in my room. I quickly tired of this, and moved onto a Blog software platform.  You used an actual program program, (I don't remember it's name) and you would type up your entry, then upload it to the website.  That tired quickly, as the software was at home, and most entries, then as now, revolved around work. Then I discovered FreeGuppy .  It was online CMS platform, and it was nearly perfect, for almost five years.I even developed some plugin's for the product. A