In this article I will show you how to install Gmvault on a Synology Diskstation and have it back up your Gmail accounts. This will eliminate the need for your computer to be on and also saves processing power on your system, since everything is handled by the Diskstation.

Installing Python 2.7

The first set of steps will have us install Python 2 on the DiskStation, since it’s needed for Gmvault to run.

1. Log into Synology NAS as an admin user (can be your own username if you are in the Administrators group) and go to Main Menu -> Package Center -> Settings and set Trust Level to Synology Inc. and trusted publishers.
2. In the Package Sources tab, click Add, type “SynoCommunity” as Name and “https://packages.synocommunity.com/” as Location and then press OK to validate.
3. Go back to the Package Center and install the Python 2.7 package (“Python”) in the Community tab. (Synology provides Python 3, so if a later version of GMVault is made compatible then you won’t need to do steps 1-4).
4. Remove the Package Source and reset the Trust Level to “Synology Inc.”

Set up Folders for Gmvault backups

We now have Python 2.7 installed. Nex,t we need to set up the folders to keep the backups in. Go to Control Panel -> Shared Folder. Create a new folder called Gmvault.

[Optional] You can also encrypt the contents of the folder by clicking the folder then clicking on the Edit button and then on the Encryption tab. Then click the checkbox next to Encrypt this shared folder and enter an encryption key.

Enabling SSH

Go to Control Panel -> Terminal & SNMP -> Enable SSH service.

If you have Security Advisor enabled it might complain about the SSH service not being secure if you use the default port of 22, which I didn’t bother changing as I was only logging in via my local network.

Installing Pip, the Python Virtual Environment and Gmvault

Open a Terminal window on your Mac and SSH into the Diskstation using a user with admin access.

Make sure you navigate your way to volume1 or whichever volume you will be using to set up Gmvault on and store the backups. In that volume, you should find the Gmvault folder we created earlier. Make sure you are in that directory then follow the next steps:

1. wget https://bootstrap.pypa.io/get-pip.py
2. sudo python get-pip.py
3. sudo pip install virtualenv
4. rm get-pip.py
5. virtualenv gmvault_env
6. cd gmvault_env
7. sudo pip install gmvault

What we did above is to install the pip utility that is needed to install Python packages/modules, followed by installing virtualenv. Virtualenv is a tool to create isolated Python environments. It creates a folder which contains all the necessary executables to use the packages that a Python project would need. More info about it and how it works can be found here.

With those in place we created an environment for Gmvault and installed it using pip.

Setting up Gmvault

We are now at the stage where we already have Gmvault and can start having some fun with it.

To make sure that Gmvault has installed correctly, type in the following command:

• gmvault -h

This should display the help for Gmvault, if it does, you’re good to go. Follow the next steps:

• gmvault sync -t full –db-dir /volume1/Gmvault/backups/YOUREMAILADDRESS/ –emails-only –no-compression my_email…@gmail.com

1. Gmvault will then prompt to open a web browser to grant OAuth2 access.
   Press Enter to open the browser – which won’t happen!
2. Highlight the web address that Gmvault displays.
3. Open a new window in your web browser and paste the web address into the address bar.
4. Login to Google Mail and grant access to Gmvault.
5. Copy the authentication token that Google will display and paste into the SSH session.

That’s it! Gmvault should now continue and download the emails.

If you’re curious about the parameters I used when executing gmvault, have a look at the in-depth guide on the Gmvault site which details all the possible parameters.

Note: For security purposes, you can now disable the SSH service. It is recommended to only activate this service whenever you need it, especially if you make your Diskstation available over the internet.

Encryption

While you can choose to encrypt using gmvault itself, however, I decided to use Synology’s own facility for encrypting folders. For more information about Synology’s encryption, you can refer to this article. The official Synology guide is also a handy reference, as is their page on managing keys.

Further Improvements

There are additional steps you can take to improve this workflow, for example setting a recurring automated task that runs, say, on a daily basis. This would make the backups work without your intervention.

Have you set up automated backups for your Gmail accounts? What’s your take on the subject?

Youtube-dl is an awesome tool that lets you download videos from the most popular video platforms. When we combine it with Mac’s Automator we can set a keyboard shortcut to download the video we currently have open in our browser tab.

Requirements:

• homebrew – a nice packet manager
• youtube-dl – to download videos
• ffmpeg – to transcode files
• recommended: nodejs, osx-notifier*

*used for nice notifications in user interface

In Terminal, run:

brew install youtube-dl ffmpeg node; npm install -g osx-notifier

Next, open the Automator app on Mac and create a new service. Then from the Actions library choose Utilities and Run Applescript.

Change Service receives dropdown to no input and paste the script below into the Run AppleScript area.

on run {input, parameters}
	
	tell application "Safari" to set currentTab to current tab of window 1
	tell application "Safari" to set currentURL to URL of currentTab
	tell application "Safari" to set currentTitle to name of currentTab
	tell application "Finder" to set homeFolder to path to home folder
	do shell script "/usr/local/bin/node /usr/local/lib/node_modules/osx-notifier/bin/osx-notifier.js --type info --title \"Video Download\" --subtitle \"New video download started\" --message " & quoted form of currentTitle
	do shell script "/usr/local/bin/youtube-dl -o \"" & POSIX path of homeFolder & "Desktop/%(title)s.%(ext)s\" --ffmpeg-location /usr/local/bin/ffmpeg --recode-video mp4 " & currentURL
	do shell script "/usr/local/bin/node /usr/local/lib/node_modules/osx-notifier/bin/osx-notifier.js --type pass --title \"Video Download\" --subtitle \"Video download successful\" --message " & quoted form of currentTitle
	
	return input
end run

Once you’re done you can save the service, I chose Download video using youtube-dl as the name.

Next we need to bind the service to a keyboard shortcut. This is very handy as we’ll just need to hit the keyboard shortcut in the browser with a YouTube video open to kickstart the download service.

Open up System Preferences then Keyboard.

Within the keyboard preferences pane click the Shortcuts tab. Then select Services from the left pane and make sure the service you created earlier is checked in the right pane. All that’s left is to select a preferred keyboard shortcut, which is entirely up to your preference. I chose [ctrl] + [alt] + [cmd] + [D].

Hope you found that useful. Automator really is a nifty tool and I look forward to experimenting with it in other ways in the future.

Other Video Sites

You can also use youtube-dl for downloading videos from other sites like Vimeo and Wistia.

For Wistia, you need to use this URL and replace the ending with the code of the file you want:

https://fast.wistia.net/embed/iframe/o1kvat5mfb

Searching for a web hosting company to host your blog or site can be a really time-consuming, frustrating, and draining task. That’s a fact. I know people who have been publishing sites for years and who have still not found a hosting solution that they are completely satisfied with.

Today I am sharing my experience to help you find a perfect host for your needs.

Yes, we need to focus on your needs in order to find the best web hosting solution for you. The biggest mistake you can make is to read page upon page of reviews on web hosting forums, without first carefully analysing your particular use-case. Sure, some web hosts are more reliable than others, some of them have great customer service and others seem hell bent on making their customers lives miserable, but that is not the most important thing to start from.

I started my adventure with web hosting many years back, and my first web hosting experience was far from positive. In fact, the first company I had chosen suddenly disappeared, taking with it all its clients’ data. Can you believe that? That cost me much grief as in those times I used to rely on backups provided by the hosting company itself. Which means that I had no access to my data and neither to the backups.

After that traumatic experience, I decided that I was going to change my strategy with hosting completely.

Here’s what I did.

First of all at that time I switched over to WordPress, and have been using this CMS for any website I build since then. If you’re building sites and haven’t used WordPress, you’re really missing out, go check it out immediately!

Anyway, the first step of my strategy was to take responsibility for my own backups. After much research, I decided to use BlogVault.

With backups taken care of, I proceeded to take a good look at the websites I needed to host. I had a whole range of sites, some of them my own, and others of friends of mine. Not all of them had the same requirements, a few would do with basic hosting while others like WP Mayor needed specialized hosting to handle a large number of visitors.

By now I’m sure you’re realising that you cannot go searching for the cheapest web hosting, the fastest web host, etc. because there ain’t no such thing.

There is no best web hosting provider.

But…

There is a best hosting solution for each of your sites.

What are we saying here? We’re simply saying that your search for web hosting needs to start from the needs of each and every website you want to host, and once you know what you want, it’s relatively easy to find a good web host.

I told you that for a site like WP Mayor I needed specialised hosting. Why is that? Well, that particular site has a global audience, so the site must be loading fast from any corner of the world. That suggests the need for a Content Delivery Network (CDN) so anyone can get the page elements loaded from a location closest to him.

What about server power? That site receives thousands of monthly visitors, and so I needed a server which packed a punch in its setup, and was able to handle sudden spikes of traffic. Caching was definitely on the cards here, together with raw computing power. Besides, I don’t have the time or knowledge to tweak a hosting setup for these specialised requirements.

A quick look around and it was fairly evident what the solution for WPMayor’s hosting was: a WordPress managed-hosting solution. I needed someone to host my site, someone who I could rely on and who had experience working with WordPress and tweaking the hosting environment to be perfectly optimised for this CMS. Turns out there is a hosting company which provides just that, and everyone who works there is knowledgeable at WordPress + Hosting. Just perfect!

Specialized Managed WordPress Hosting: WP Engine or Kinsta

WP Engine and Kinsta are in my opinion the most reliable WordPress hosting solutions out there, with an equally reliable support staff who are always ready to help you out with any issue you might have.

If you have specialised requirements for your blog, or run a high-traffic blog, look no further because both WP Engine and Kinsta will give you all you need.

The cheapest plan at WP Engine, which caters for 1 site and up to 25,000 visits/month, is available at $35/month with a CDN included. This is especially great if your target audience is a global one.

If you want to host more than one site at WP Engine you can step up to the next package which will set you back $115/month but includes a CDN and hosting for up to 5 websites, with a maximum of 100,000 visits/month.

Since I have many websites that I manage or am involved with in some way, I get to use several good WordPress managed hosts. Several of my bigger sites are hosted on either Kinsta or WP Engine, so I took some notes that I will update as I go along on the experience with both of these highly ranked hosts.

Support

Ease of connecting to support is a hands-down win for Kinsta. With WP Engine, you have to select what’s the issue, then wait to get connected. It’s an older and cumbersome chat system when compared to Kinsta, which uses Intercom.

WP Engine staff are excellent at handling the basic questions, but might need to ask a higher-tier support person for more complicated questions. The chat system for Kinsta feels a bit more personal and the first level staff feels more knowledgeable to me. Nevertheless, both offer great support and this shouldn’t be something that sways you one way or the other.

Transactional emails

WP Engine – Password reset emails can be sent from our servers but these other emails would be considered bulk email use that you would need to setup a 3rd party email service for.

Backups

With Kinsta backups are taken every 6 hours or every hour.

Analytics

Kinsta has some cool analytics that WP Engine doesn’t provide. Not a deal-breaker but it’s cool to have that extra tool to play with.

Blog and Knowledgeable Base

Another clear win for Kinsta. They have an excellent blog and publish lots of performance-related content that’s not easily found on other WordPress blogs. The knowledge base seems to anticipate what I need. WP Engine’s is good, but Kinsta just seems to know exactly what I need, I guess I just prefer their style of content production.

Content Delivery Networks (CDN)

WP Engine allows custom URLs and Kinsta does not. WP Engine uses MaxCDN and Kinsta integrates with KeyCDN.

After testing jeangalea.com with both the Kinsta CDN and the Cloudflare CDN activated, I found that the combination doesn’t work very well. I tried using just the Kinsta CDN, and then switched to the Cloudflare CDN, with the latter proving to be clearly superior, perhaps also due to the other goodies that come with Cloudflare such as image optimization and file minimization.

I can highly recommend both WP Engine and Kinsta. They are very well managed companies who have been involved with WordPress for years, and your website will be safe with any one of them. Right now I would give the edge to Kinsta, unless you have low traffic, simple sites, in which case WP Engine will work out to be cheaper for you.

Over to You, Go Get Your Perfect Hosting Solution!

That’s my web hosting story with a happy ending. Nowadays I have my mind at rest hosting all my sites between WP Engine and Kinsta, and having them backed up via BlogVault. I’ve found this to be an absolutely fantastic setup that can be adopted by many of you out there, which prompted me to share my experience. Hope you can benefit from my experience.

Do you have any questions about hosting which I haven’t answered in this post? Please leave a comment and I’ll do my best to help you out.

It’s important that before you start you understand the concept of volumes on Synology Diskstations, because that’s the first thing you will need to set up before you set up Time Machine backups.

Volumes on the Synology Diskstation

You can use the Synology RAID calculator to help determine how you want to set up volumes. That being said, in this case you want to just make one, and then create shares to logically organize things.

The advantage to creating multiple volumes comes when you are using different size drives, want different levels of redundancy, or have significantly different uses .Let’s take an example a NAS with 4 x 6TBb drives. The only advantage you would gain would be less loss of data if an array fails, but at the cost of a higher risk of array failure.

[Read more…]

When you enable SSL on a Synology Diskstation, accessing it over the local network will throw up a selection of security warnings on browsers.

There are 3 choices here for the LAN user:

1. Ignore the warnings and click through
2. Register an Internet FQDN to your local IP
3. Create a self-signed SSL and root CA to sign the SSL

Choice 1 is the easiest but it gets annoying after a while. If you are using the NAS locally in your house only and you’re not making it available over the internet, you might as well disable SSL altogether as you won’t be getting much benefit out of it. If you’re the geeky type and want to do things the right way, however, keep reading.

Out of the three choices, choice 2 is the most proper way to do it if, especially if you’re making the NAS available over the internet. You will need a public domain name to so you can create a fully qualified domain name (FQDN) for your Diskstation (something like https://ds.mydomain.com). Next you can generate a valid Certificate Signing Request (CSR) for the FQDN and configure DNS to point back to your local LAN and setup whatever routing is required.  This is best if you need to secure a local LAN asset where you do not control all devices accessing the Diskstation.

Choice 3 is in my opinion the best option for those who are only using the NAS locally.

It has two prerequisites:

• Your Diskstation must have a fixed IP address on your LAN.
• You must be able to add or assign certificates to devices you want to approve your SSL.

If you can satisfy those conditions, proceed with the following steps:

In DSM 6.0 -> Control Panel -> Security -> Certificate

Click “Add” to start the process and choose “Create self-signed certificate”

First you create a Certificate Authority (CA) which is the master key that will sign the site usable SSL.

You will need to supply the certificate details. What you fill in is not very important, you can use dummy data if you want.

Creating the self-signed certificate from the Synology control panel has a key step that you must complete or the certificate will be invalid.  The Subject Alternative Name (SAN) in the second step must contain BOTH the name of the Disktation on your network (“myDSname”) and its local fixed IP (192.168.1.10)

Once your certificate has been generated click “Configure” in DSM to set the new certificate to be the default for the system (The internal web server will restart) so that when you attempt to load the Diskstation site the correct SSL certificate will be presented to your browser.

Now you need to export the newly generated certificates from your Diskstation and import the root CA [and the SSL certificate] into your local machine’s certificate store so that they will be recognised as valid.

Check this page to understand how to install certificates system-wide as well as in specific browsers that handle their own certificates. It also includes details on installing the certificates on your mobile devices (iOS and Android).

Further resources: If you are making the NAS publicly accessibly over the internet, you can follow Mike Tabor’s guide on using Let’s Encrypt SSL certificates as they are completely free and work perfectly.