How to Install Hemmelig on Your Synology NAS

How to Install Hemmelig on Your Synology NAS

The Hemmelig application is to be used to share encrypted secrets across organizations, or as private users. Hemmelig truly cares about your privacy, and will do everything to stay that way. In this step by step guide I will show you how to install Hemmelig on your Synology NAS using Docker.

💡Note: This guide works perfectly with the latest Hemmelig v5.19.6 release.

  • STEP 1

Please Support My work by Making a Donation.

  • STEP 2

Install Portainer using my step by step guide. If you already have Portainer installed on your Synology NAS, skip this STEP. Attention: Make sure you have installed the latest Portainer version.

  • STEP 3

Make sure you have a synology.me Wildcard Certificate. Follow my guide to get a Wildcard Certificate. If you already have a synology.me Wildcard certificate, skip this STEP.

  • STEP 4

Go to Control Panel / Login Portal / Advanced Tab / click Reverse Proxy. Follow the instructions in the image below.

Hemmelig Synology NAS Set up 1 new 2024

  • STEP 5

Now click the “Create” button. Follow the instructions in the image below.

Hemmelig Synology NAS Set up 2 new 2024

  • STEP 6

After you click the Create button, the window below will open. Follow the instructions in the image below.

On the General area, set the Reverse Proxy Name description: type in hemmelig. After that, add the following instructions:

Source:
Protocol: HTTPS
Hostname: hemmelig.yourname.synology.me
Port: 443

Check Enable HSTS

Destination:
Protocol: HTTP
Hostname: localhost
Port: 3510

Hemmelig Synology NAS Set up 3 new 2024

  • STEP 7

On the Reverse Proxy Rules click the Custom Header tab. Click Create and then, from the drop-down menu, click WebSocket. After you click on WebSocket, two Header Names and two Values will be automatically added. Click Save. Follow the instructions in the image below.

Synology Proxy WebSocket

  • STEP 8

Go to Control Panel / Network / Connectivity tab/ Check Enable HTTP/2 then click Apply. Follow the instructions in the image below.

Hemmelig Synology NAS Set up 4 new 2024

  • STEP 9

Go to Control Panel / Security / Advanced tab/ Check Enable HTTP Compression then click Apply. Follow the instructions in the image below.

Hemmelig Synology NAS Set up 5 new 2024

  • STEP 10

Go to File Station and open the docker folder. Inside the docker folder, create one new folder and name it hemmelig. Follow the instructions in the image below.
Note: Be careful to enter only lowercase, not uppercase letters.

Hemmelig Synology NAS Set up 6 new 2024

  • STEP 11

Now create two new folders inside the hemmelig folder that you created at STEP 10 and name them db and upload. Follow the instructions in the image below.
Note: Be careful to enter only lowercase, not uppercase letters.

Hemmelig Synology NAS Set up 7 new 2024

  • STEP 12

Right click on the hemmelig folder that you have previously created at STEP 10 then click Properties. Follow the instructions in the image below.

Hemmelig Synology NAS Set up 8 new 2024

  • STEP 13

Go to the Permission tab then click Advanced options. From the drop-down menu choose “Make inherited permissions explicit“. Follow the instructions in the image below.

Hemmelig Synology NAS Set up 9 new 2024

  • STEP 14

Select Everyone then click the Edit tab. Follow the instructions in the image below.

Hemmelig Synology NAS Set up 10 new 2024

  • STEP 15

Check all Read and Write Permissions. Click Done. Follow the instructions in the image below.

Hemmelig Synology NAS Set up 11 new 2024

  • STEP 16

After you click Done on STEP 15, check “Apply to this folder, sub-folders and files“. Click Save. Follow the instructions in the image below.

Hemmelig Synology NAS Set up 12 new 2024

  • STEP 17

Log into Portainer using your username and password. On the left sidebar in Portainer, click on Stacks then + Add stack. Follow the instructions in the image below.

1 Synology Portainer Add Stack

  • STEP 18

In the Name field type in hemmelig. Follow the instructions in the image below.

Note: Copy Paste the code below in the Portainer Stacks Web editor.

version: "3.9"
services:
    hemmelig:
        image: hemmeligapp/hemmelig:latest
        container_name: Hemmelig
        hostname: hemmelig
        init: true
        volumes:
            - /volume1/docker/hemmelig/upload:/var/tmp/hemmelig/upload/files
            - /volume1/docker/hemmelig/db:/home/node/hemmelig/database/
        environment:
            - SECRET_LOCAL_HOSTNAME=0.0.0.0
            - SECRET_PORT=3000
            - SECRET_HOST=hemmelig.yourname.synology.me
            - SECRET_ROOT_USER=marius
            - SECRET_ROOT_PASSWORD=iamroot # The admin user password (Change this only after the first sign in! Do NOT change now!!!)
            - SECRET_ROOT_EMAIL=yourown@email
            - SECRET_FILE_SIZE=4 # Set the total allowed upload file size in mb
            - SECRET_FORCED_LANGUAGE=en # Set the default language for the application. de for German, it for Italian, fr for French.
            - SECRET_JWT_SECRET=MariushostingMariushostingMari13
            - SECRET_MAX_TEXT_SIZE=1024 # The max text size for the secret. Is set in kb. i.e. 1024 for 1024kb
        ports:
            - 3510:3000
        stop_grace_period: 1m
        restart: on-failure:5

Note: Before you paste the code above in the Web editor area below, change the value for SECRET_HOST and type in your own synology.me DDNS without https:// at the beginning that you have previously created at STEP 6.
Note: Before you paste the code above in the Web editor area below, change the value for SECRET_ROOT_USER and type in your own username. marius is an example for an username you should use your own username.
Note: Before you paste the code above in the Web editor area below, change the value for SECRET_ROOT_EMAIL and type in your own email address.
Note: Before you paste the code above in the Web editor area below, change the value for SECRET_FORCED_LANGUAGE and set your default language. en is for English, de is for German, fr is for French etc.
Note: Before you paste the code above in the Web editor area below, change the value for SECRET_JWT_SECRET and add your own JWT SECRET. MariushostingMariushostingMari13 is an example for a JWT SECRET. You should invent your own Value. Add 32 random characters, both letters and numbers.

Hemmelig Synology NAS Set up 13 new 2024

  • STEP 19

Scroll down on the page until you see a button named Deploy the stack. Click on it. Follow the instructions in the image below. The installation process can take up to a few minutes. It will depend on your Internet speed connection.

Hemmelig Synology NAS Set up 14 new 2024

  • STEP 20

If everything goes right, you will see the following message at the top right of your screen: “Success Stack successfully deployed“.

Hemmelig Synology NAS Set up 15 new 2024

  • STEP 21

Go back to STEP 1 or you will deal with karma 🙂.

  • STEP 22

Now open your browser and type in your HTTPS/SSL certificate like this https://hemmelig.yourname.synology.me that you have previously created at STEP 6. In my case it’s https://hemmeligh.mariushosting.synology.me If everything goes right, you will see the Hemmelig page. At the top right of the page click on the 3 horizontal lines. Follow the instructions in the image below.

Hemmelig Synology NAS Set up 16 new 2024

  • STEP 23

Click Sign in. Follow the instructions in the image below.

Hemmelig Synology NAS Set up 17 new 2024

  • STEP 24

Type in your own username that you have previously created at STEP 18 and the default password which is iamroot. Click Sign in. Follow the instructions in the image below.

Hemmelig Synology NAS Set up 18 new 2024

  • STEP 25

On the left sidebar click Account settings. Follow the instructions in the image below.

Hemmelig Synology NAS Set up 19 new 2024

  • STEP 26

Type in your current default password which is iamroot then type in your new password, then click Update details. Follow the instructions in the image below.

Hemmelig Synology NAS Set up 20 new 2024

  • STEP 27

Disable user registration. On the left sidebar click Instance settings. Check Disable user account creation then click Update settings. Follow the instructions in the image below.

Hemmelig Synology NAS Set up 21 new 2024

  • STEP 28

Add your own message, title, upload files, choose max views, add a password, restrict an IP or entire CIDR. Choose the Lifetime message. Click Create a secret link. Follow the instructions in the image below.

Hemmelig Synology NAS Set up 22 new 2024

  • STEP 29

Copy your own link then share the link with your public. Follow the instructions in the image below.

Hemmelig Synology NAS Set up 23 new 2024

  • STEP 30

Click View the secret to view the secret message if you have previously created a password at STEP 28. Follow the instructions in the image below.

Hemmelig Synology NAS Set up 24 new 2024

  • STEP 31

Your secret page at a glance!

Hemmelig Synology NAS Set up 25 new 2024

Enjoy Hemmelig!

🆘TROUBLESHOOTING

If you encounter issues by using this container, make sure to check out the Common Docker issues article.

Note: Find out how to update the Hemmelig container with the latest image.
Note: Can I run Docker on my Synology NAS? See the supported models.
Note: How to Back Up Docker Containers on your Synology NAS.
Note: How to Free Disk Space on Your NAS if You Run Docker.
Note: How to Schedule Start & Stop For Docker Containers.
Note: How to Activate Email Notifications.
Note: How to Add Access Control Profile on Your NAS.
Note: How to Change Docker Containers Restart Policy.
Note: How to Use Docker Containers With VPN.
Note: Convert Docker Run Into Docker Compose.
Note: How to Clean Docker.
Note: How to Clean Docker Automatically.
Note: Best Practices When Using Docker and DDNS.
Note: Some Docker Containers Need WebSocket.
Note: Find out the Best NAS Models For Docker.
Note: Activate Gmail SMTP For Docker Containers.

This post was updated on Saturday / February 24th, 2024 at 6:40 AM