Skip to main content

Synology NAS Setup

Synology NAS Setup

Last Updated: 2025-12-26
Status: Production
Source: infrastructure-migration-nas-gpu.md + network inventory

Overview

Synology DS224+ NAS provides network-attached storage and services for the BlueFly Agent Platform. Currently accessible via Cloudflare Tunnel for public access, with potential Tailscale integration for private access.

Hardware Specifications

Synology DS224+

  • CPU: Intel Celeron J4125 4-Core 2.0 GHz
  • RAM: 2GB DDR4 (upgradeable to 6GB)
  • Network: 2x RJ-45 1GbE LAN Ports
  • Storage: 12TB total (2x 6TB WD Red Plus drives)
  • RAID: Synology Hybrid RAID (SHR) - 1 disk redundancy
  • Expected Capacity: ~5.4TB usable (after RAID overhead)

Current Configuration

Network Configuration

  • Local IP: 192.168.68.60
  • Port: 5001 (HTTPS - Web interface)
  • Network: 192.168.68.0/24 (different from agent network 192.168.8.0/24)
  • Access Method: Cloudflare Tunnel
  • Public Route: nas.blueflyagents.com https://192.168.68.60:5001
  • Tailscale: NOT currently on Tailscale network

Cloudflare Tunnel Route

DomainServiceStatus
nas.blueflyagents.comSynology NAS (192.168.68.60:5001)Active

Network Integration

Current Setup

The NAS is on a different subnet (192.168.68.x) than the agent network (192.168.8.x). This may be intentional for network segmentation or may need to be moved to the agent network.

Tailscale Integration (Planned)

Status: Not yet implemented

Planned Configuration:

  • Install Tailscale on Synology DSM
  • Assign Tailscale IP (e.g., 100.116.110.124)
  • Tag: tag:nas-storage
  • Enable subnet routing for NAS IP range (if needed)

Benefits:

  • Private access via Tailscale mesh
  • No public exposure required
  • Secure access from anywhere on Tailscale network

GL-iNet Router Configuration

Current: NAS on 192.168.68.x network Recommended: Move to Bluefly-Agents network (192.168.8.0/24)

If Moving to Agent Network:

  • Connect NAS to Bluefly-Agents network
  • Static IP assignment: 192.168.8.10 (recommended)
  • Ensure NAS is accessible via Tailscale mesh

Storage Configuration

Volume Setup

  1. Create Storage Pool (SHR with 1 disk redundancy)
  2. Create Volume: k8s-storage (~4TB)
  3. Create Shared Folders:
    • k8s-pv - Kubernetes persistent volumes (NFS)
    • k8s-backups - Backup storage
    • docker-registry - Container image storage
    • model-cache - ML model cache

NFS Configuration (For Kubernetes)

Status: Planned (not yet implemented)

Configuration:

  • Enable NFS v4.1
  • Create NFS shares for Kubernetes
  • Configure access control:
    • Allow: 192.168.8.0/24 (Bluefly-Agents network)
    • Allow: 100.108.129.7 (Mac M4 Tailscale IP)
    • Allow: 100.108.180.36 (Mac M3 Tailscale IP)
    • Root squash: Enabled
    • Async: Enabled (performance)

Kubernetes StorageClass:

apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
  name: synology-nfs
provisioner: nfs.csi.k8s.io
parameters:
  server: 192.168.8.10  # After moving to agent network
  share: /k8s-pv
  mountOptions: "nfsvers=4.1,async"
volumeBindingMode: Immediate
allowVolumeExpansion: true

SMB Configuration (Optional)

  • Enable SMB for direct file access
  • Create shares for development files
  • Access via Tailscale mesh network

Services Running on NAS

Status: To be documented

Planned Services:

  • Web interface (port 5001)
  • NFS server (for Kubernetes)
  • SMB server (for file access)
  • Backup services
  • Additional services TBD

Migration Plan

Phase 1: Network Integration

  1. Determine Network Location:

    • Why is NAS on 192.168.68.x instead of 192.168.8.x?
    • Should NAS be moved to agent network?
    • Document decision

  2. Tailscale Integration:

    • Install Tailscale on Synology DSM
    • Configure with appropriate tags
    • Test connectivity via Tailscale

Phase 2: Storage Migration

  1. NFS Setup:

    • Configure NFS shares
    • Install NFS CSI driver in Kubernetes
    • Create StorageClass
    • Test connectivity

  2. Data Migration:

    • Migrate Kubernetes persistent volumes to NAS
    • Services to migrate:
      • PostgreSQL (10Gi)
      • MongoDB (10Gi)
      • Qdrant (20Gi)
      • MinIO (20Gi)
      • Neo4j (10Gi)
      • ClickHouse (10Gi)
      • Redis persistence (5Gi)
    • Total: ~85Gi NAS

Phase 3: Backup Configuration

  1. Synology Hyper Backup:

    • Configure to cloud storage (S3, Backblaze, etc.)
    • Schedule daily backups
    • Retention: 30 days daily, 12 months monthly

  2. Kubernetes Backup:

    • Use Velero or similar
    • Store backups on NAS
    • Automated daily backups

Current Status

  • Accessible via Cloudflare Tunnel (nas.blueflyagents.com)
  • Not on Tailscale network (determine if private access needed)
  • Different subnet (192.168.68.x vs 192.168.8.x) - document why
  • Services running on NAS - document all services
  • NFS not yet configured for Kubernetes

Questions to Answer

  1. Network Location: Why is NAS on 192.168.68.x instead of 192.168.8.x?
  2. Tailscale Integration: Should NAS be on Tailscale for private access?
  3. Services: What services are currently running on the NAS?
  4. Storage Migration: When should Kubernetes volumes be migrated to NAS?
  5. Additional Routes: What other services can be exposed via Cloudflare Tunnel?

Related Documentation