Although the DiskStation Manager (DSM) of Qunhui NAS is easy to operate, various tools can also be installed directly in the kit center. But if you already have some Linux systems, after you get used to using DSM, or understand what NAS is, you will find that for many operations, it is better to click commands directly in the shell (command line interface). Take the most frequently used shell operation on NAS: install the Docker container. What is worth buying In most articles on, besides teaching you to install containers with Docker panel, some tutorials also teach you to install containers with Docker CLI command line after connecting SSH. Docker CLI installation is certainly possible, but I think this posture is neither elegant nor convenient, so I wrote an article《 It turns out that Qunhui can also use Docker Compose! 》It is used to briefly introduce the use of Compose - of course, Compose also needs to execute the commands to pull images, start and close images in the shell. Later, DSM 7 updated the Docker panel (now called the Container Manager) and supported the Compose function, but it is still docker compose up -d
Better. This is more obvious when the NAS performance is weak. The Docker panel will crash due to the large number of containers.
In addition to deploying containers, other Linux commands can be executed in the shell, such as using tree
List directory tree, use kill
Command to kill the background program and so on. In other words, if you can make full use of the shell of DSM, you can give full play to its functions as Linux, so as to obtain a completely different use experience from the DSM web side.
But also because DSM is a magic Linux, the default shell is hard to use, even a package management tool like Debian or Ubuntu APT
None. Installing Zsh or even Git is a problem. However, don't be afraid. The task of this article is to lead you to clear your mind, optimize the DSM shell as much as possible under the existing conditions, so as to avoid some detours as much as possible.
Enable home directory
Before we start, we need to enable user folders. Because it is not safe to use the root user, it is necessary to develop the habit of using individual users with non root permissions to operate shells.
In Control Panel - Users and Groups - Advanced Settings, check Start Home Directory Service. Enabling this option will automatically create a personal "home" folder for each user. All users' personal folders are named "home" and located in the "homes" folder. In this way, in addition to root
When installing ohmyzsh, other users will not receive an error that the directory does not exist. Each user can also configure his own Zsh.
Login shell
I will not repeat the major premise of enabling SSH function.
Open the Windows terminal, and first use the command to confirm whether the SSH client is installed:
ssh -V
If you output the version number, you can continue. Otherwise, you need to install OpenSSH Client and OpenSSH Server in System Optional Functions Add Optional Functions.
Then enter ssh username@ip -p port
SSH connected to NAS. Suppose the NAS IP is 192.168.31.2, the SSH port is set to 1234, the user is your current user name, such as mikusa, and the specific commands to connect to SSH are:
ssh mikusa@192.168.31.2 -p 1234
This will pop up Are you sure you want to continue connecting (yes/no/[fingerprint])?
Prompt for, entering yes
Then enter your user password to connect to SSH. Since the password is invisible when entering, the password can be copied, pasted by right clicking in the terminal, and then entered.
Configure Shell
Install Zsh
Z Shell, also known as Zsh, is a very popular command interpreter in Linux systems. The function is much more powerful than the command interpreter provided by Groupware, and supports other functions such as automatic completion. and ohmyzsh It is a management tool of Zsh. You can install themes for Zsh and configure plug-ins developed by other communities. The main purpose of this article is to make Qunhui use Zsh.
Because Qunhui cannot be used sudo apt install zsh
To install Zsh, some communities have packaged it into a package. We just need to install the package.
Open the Crowd Light Kit Center, click Settings, select Kit Source, and click Add. The name is optional. In the " position ", fill in the following links:
https://packages.synocommunity.com
Wait a moment after application, or restart the Kit Center to see the new "Community" menu. Search for zsh and install Z shell (with modules).
Because DSM does not chsh
Command, so use another method to switch the shell to zsh.
After logging in to SSH, edit the .profile
File:
vim ~/.profile
If the file exists, add the following content at the bottom; If there is no such file, vim
This file will be created automatically, and the following contents will be pasted directly:
if [[ -x /usr/local/bin/zsh ]]; then export SHELL=/usr/local/bin/zsh exec /usr/local/bin/zsh fi
Some simple vim uses are: input i
Start editing, right-click to paste, press ESC
Key to exit editing, type :wq
Save, type :qa
Undo the edit and exit.
It will be used later git
Command, so install Git as well!
Install oh my zsh
Due to various network reasons, the success probability of automatically installing ohmyzsh using official scripts is too low, so it is changed to manual installation.
Open the terminal, log in to SSH, and clone the ohmyzsh repository:
git clone https://github.com/ohmyzsh/ohmyzsh.git ~/.oh-my-zsh
If the warehouse cannot be cloned due to network problems, please Using Mirrors , for example https://mirror.ghproxy.com/ 。 When used in https://github.com Add the link before.
Change the original command to:
git clone https://mirror.ghproxy.com/https://github.com/ohmyzsh/ohmyzsh.git ~/.oh-my-zsh
It will not be repeated below.
Create a new zsh configuration file:
cp ~/.oh-my-zsh/templates/zshrc.zsh-template ~/.zshrc
Overload configuration:
source ~/.zshrc
If the root user is used to operate, the installation of Zsh and ohmyzsh is over. When non root users install to this step, they may be prompted as follows:
[oh-my-zsh] Insecure completion-dependent directories detected: drwxrwxrwx+ 1 mikusa users 388 Feb 12 18:39 /var/services/homes/mikusa/.oh-my-zsh [oh-my-zsh] For safety, we will not load completions from these directories until [oh-my-zsh] you fix their permissions and ownership and restart zsh. [oh-my-zsh] See the above list for directories with group or other writability. [oh-my-zsh] To fix your permissions you can do so by disabling [oh-my-zsh] the write permission of "group" and "others" and making sure that the [oh-my-zsh] owner of these directories is either root or your current user. [oh-my-zsh] The following command may help: [oh-my-zsh] compaudit | xargs chmod g-w,o-w [oh-my-zsh] If the above didn't help or you want to skip the verification of [oh-my-zsh] insecure directories you can set the variable ZSH_DISABLE_COMPFIX to [oh-my-zsh] "true" before oh-my-zsh is sourced in your zshrc file.
Follow the prompts and type the following command to repair:
compaudit | xargs chmod g-w,o-w
Install the Zsh plug-in
Zsh has a bunch of useful plug-ins, but I only use these two at present: zsh-syntax-highlighting
and zsh-autosuggestions
。
zsh-syntax-highlighting
As the name implies, it is a plug-in with highlighted code. Use the git command to install:
git clone https://github.com/zsh-users/zsh-syntax-highlighting.git ${ZSH_CUSTOM:-~/.oh-my-zsh/custom}/plugins/zsh-syntax-highlighting
zsh-autosuggestions
It is a command completion plug-in:
git clone https://github.com/zsh-users/zsh-autosuggestions ${ZSH_CUSTOM:-~/.oh-my-zsh/custom}/plugins/zsh-autosuggestions
Install autojump
Here I also use a function to automatically jump to the history directory autojump , also manual installation:
git clone https://github.com/wting/autojump.git
Enter directory:
cd autojump
Execute the installation script on the premise that Zsh has been used as the shell, otherwise an error will be reported:
./install.py
After execution, the installation process will be output:
$ ./ install.py Installing autojump to /var/services/homes/mikusa/.autojump ... creating directory: /var/services/homes/mikusa/.autojump/bin creating directory: /var/services/homes/mikusa/.autojump/share/man/man1 creating directory: /var/services/homes/mikusa/.autojump/etc/profile.d creating directory: /var/services/homes/mikusa/.autojump/share/autojump copying file: ./ bin/autojump -> /var/services/homes/mikusa/.autojump/bin copying file: ./ bin/autojump_argparse.py -> /var/services/homes/mikusa/.autojump/bin copying file: ./ bin/autojump_data.py -> /var/services/homes/mikusa/.autojump/bin copying file: ./ bin/autojump_match.py -> /var/services/homes/mikusa/.autojump/bin copying file: ./ bin/autojump_utils.py -> /var/services/homes/mikusa/.autojump/bin copying file: ./ bin/icon.png -> /var/services/homes/mikusa/.autojump/share/autojump copying file: ./ docs/autojump.1 -> /var/services/homes/mikusa/.autojump/share/man/man1 creating directory: /var/services/homes/mikusa/.autojump/etc/profile.d creating directory: /var/services/homes/mikusa/.autojump/share/autojump creating directory: /var/services/homes/mikusa/.autojump/functions copying file: ./ bin/autojump.sh -> /var/services/homes/mikusa/.autojump/etc/profile.d copying file: ./ bin/autojump.bash -> /var/services/homes/mikusa/.autojump/share/autojump copying file: ./ bin/autojump.fish -> /var/services/homes/mikusa/.autojump/share/autojump copying file: ./ bin/autojump.zsh -> /var/services/homes/mikusa/.autojump/share/autojump copying file: ./ bin/_j -> /var/services/homes/mikusa/.autojump/functions Please manually add the following line(s) to ~/.zshrc: [[ -s /var/services/homes/mikusa/.autojump/etc/profile.d/autojump.sh ]] && source /var/services/homes/mikusa/.autojump/etc/profile.d/autojump.sh autoload -U compinit && compinit -u Please restart terminal(s) before running autojump.
Prompt that .zshrc
Add a command in:
[[ -s /root/.autojump/etc/profile.d/autojump.sh ]] && source /root/.autojump/etc/profile.d/autojump.sh autoload -U compinit && compinit -u
You don't need to add it. After the subsequent installation of ohmyzsh, you can directly use the plug-in to configure autojump.
After the installation, you can delete the files you just cloned.
cd .. rm -rf autojump
The disadvantage is that the git clone needs to be uninstalled and returned later.
Configure oh my zsh
Edit the .zshrc
File, you can modify the configuration of oh my zsh. I don't have many functions that I can use personally, so I will modify the theme, add some plug-ins, and configure some command maps.
use vim
edit .zshrc
File:
vim .zshrc
find ZSH_THEME
modify theme , e.g. change to ys
。
ZSH_THEME="ys"
Then, find plugins
increase plug-in unit 。 In addition to the self installed zsh-syntax-highlighting
and zsh-autosuggestions
In addition, oh my zsh has many built-in plug-ins, such as docker
and docker-compose
, can be ~/.oh-my-zsh/plugins
These plug-ins can be found in the folder, which contains specific plug-in explanations. In addition, add the previously installed autojump
。
plugins=(git zsh-autosuggestions zsh-syntax-highlighting autojump docker docker-compose z extract sudo cp aliases)
Finally, on .zshrc
Add some at the bottom of the file Command Mapping , such as acme.sh.
Alias dcl="docker system prune - a" # Clear the docker cache completely Alias dcu="docker compose up - d -- remove orphans" # Clear orphaned containers while starting containers alias acme.sh="docker exec acme.sh acme.sh" #acme.sh
After saving, execute the command to refresh .zshrc
File:
source .zshrc
demonstration
Simple demonstration of the final effect, using TAB
Key to automatically prompt or complete the command.
One click installation and configuration
Of course, these tedious steps are just a few lines of commands. If you have used Zsh as the shell, you can package and install it directly:
git clone https://github.com/ohmyzsh/ohmyzsh.git ~/.oh-my-zsh cp ~/.oh-my-zsh/templates/zshrc.zsh-template ~/.zshrc git clone https://github.com/wting/autojump.git && ./ autojump/install.py git clone https://github.com/zsh-users/zsh-syntax-highlighting.git ${ZSH_CUSTOM:-~/.oh-my-zsh/custom}/plugins/zsh-syntax-highlighting git clone https://github.com/zsh-users/zsh-autosuggestions ${ZSH_CUSTOM:-~/.oh-my-zsh/custom}/plugins/zsh-autosuggestions sed -i.bak 's/plugins=(\(.*\))/plugins=(\1 autojump zsh-autosuggestions zsh-syntax-highlighting z extract sudo cp aliases docker docker-compose)/' ~/.zshrc source ~/.zshrc
Optimize Shell
After all this trouble, Qunhui's shell is barely usable. We can also perform some additional operations to facilitate the use of subsequent shells.
Sudo security free
After using a non root user, you need to add sudo
Instruction. This requires adding the user to the sudo user group first. The first user created by Qunhui is already in the sudo user group, but executes sudo
It is still necessary to enter the password of the current user, which is very troublesome, so we need to avoid using it sudo
The phase when the password is entered.
Because Qunhui's shell is a whole bunch, it can't be used visudo
edit /etc/sudoers
, so use vim
Operation.
Confirm your user name first:
id
The output is as follows, mikusa
It is the user name of the current user.
$ id uid=1026(mikusa) gid=100(users) groups=100(users),101(administrators),65537(docker)
Then edit /etc/sudoers
:
sudo vim /etc/sudoers
You will be asked to enter the password of the current user, and then i
Type to edit, then skip to the end with the arrow key, and insert:
mikusa ALL=(ALL) NOPASSWD: ALL
Among them, mikusa
For users who want to be password free. Do not delete or fill in incorrectly!
Then force save:
wq!
This allows the user to use sudo
There is no need to enter the password when the command is given.
Log in to SSH using the key
The password is usually used to log in to SSH on Qunhui. This is actually very unsafe and troublesome. The operation of comparing geeks is to configure the key for the current user and log in with the key.
You can enter the following command on the computer terminal first, and then use ed25519
The algorithm generates a key:
ssh-keygen -t ed25519 -C "mynas"
After returning all the way, the following contents will be output:
$ ssh-keygen -t ed25519 -C "mynas" Generating public/private ed25519 key pair. Enter file in which to save the key (/c/Users/mikusa/.ssh/id_ed25519): Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /c/Users/mikusa/.ssh/id_ed25519 Your public key has been saved in /c/Users/mikusa/.ssh/id_ed25519.pub The key fingerprint is: SHA256:QIQ2zmTjGZWXnF80/nfqRhe28UKLIdnt8cHIfuov/dI mynas The key's randomart image is: +--[ED25519 256]--+ | ++o o .o | | O.. = ... | | B =.. . + o.o | | = . + o++* | | S ..= o+O| | ..===| | .=+ | | +o.E| | .o+oo| +----[SHA256]-----+
It prompts that the public and private keys are saved in the /Users/mikusa/.ssh
Folder. I.e C:\Users\mikusa\.ssh
, where mikusa
Is your computer user name. Open this folder, find the id_ed25519.pub public key file, copy the public key, and install it in the NAS.
First, we create the. ssh folder in the NAS and grant permissions:
mkdir -p ~/.ssh && chmod 700 ~/.ssh && cd ~/.ssh
Install public key:
echo 'ssh-ed25519 XXXXXXXXXXXXXXXXX' > authorized_keys
Don't quit in a hurry. You need to further modify the file permissions:
chmod 600 ~/.ssh/authorized_keys
Edit SSH profile:
sudo vim /etc/ssh/sshd_config
Open the key login function and find the corresponding configuration. If there is #
You need to delete and modify the following no
by yes
:
PubkeyAuthentication yes
Overload sshd:
systemctl restart sshd
In the. ssh folder on the computer, the name of the private key we just generated is id_ed25519
, rename it to a name that is easy to remember, such as mynas
。
Then, create a new one named config
And fill in the following contents:
Host NAS HostName 192.168.31.2 Port 22 User mikusa IdentityFile ~/.ssh/mynas
Don't I have to explain the meaning one by one?
After saving, use the following command in the terminal to connect:
SSH NAS
After you confirm that you have successfully logged in with the key, you can /etc/ssh/sshd_config
Disable password login in configuration:
PasswordAuthentication no
Finally, confirm whether the configuration has been modified successfully:
sudo cat /etc/ssh/sshd_config | grep -E '^PasswordAuthentication|PubkeyAuthentication'
output
PubkeyAuthentication yes PasswordAuthentication no
No problem, you can use it systemctl restart sshd
Restart the SSH service.
Using Docker
Non root users cannot directly use the Docker command. We can create a docker user group:
sudo synogroup --add docker
Add the current user to the docker user group:
sudo synogroup --member docker $USER
And then docker.sock
The user permissions of are modified to Docker User Group:
sudo chown root:docker /var/run/docker.sock
You can use the Docker command normally.
Or use DSM to manually create a docker user group in "Control Panel - Users and Groups - User Groups", add the target user to the group, and finally perform the modification in SSH docker.sock
The command with user permission of is also available.
last
After a series of operations, Qunhui's shell should be more comfortable than the original version. Even though the shell of Qunhui NAS is optimized, the DSM system is not suitable for learning Linux. In order to focus on storage, the DSM lacks too many functions and imposes many restrictions. If you want to learn Linux in depth, you'd rather use the WSL function of Windows than directly perform operations on DSM that may damage the system.
Last Last
I'm not a professional programmer. I don't have many opportunities to use Linux every day. So far are the functions I can show. If there are any technical errors in this article, please do not hesitate to correct them.
reference resources
]]>