Terraform for Synology DSM NAS

Manage Synology DSM NAS appliances with Terraform: provision the surrounding cloud backups (S3 / B2) and DNS, and apply CI patterns for Synology homelabs.

Luca Berton · 1 min read

Synology DSM has no official Terraform provider in 2026. The realistic pattern: Terraform manages the cloud and network around the Synology — DNS, S3 / B2 backup buckets, ACME certificates, VPN — and Synology's own UI / DSM API handles share-level config. For full lifecycle management, wrap the DSM API with null_resource calls or the restapi provider.

Cloud Backup Bucket (S3)

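variable "hostname" {
  type        = string
  description = "NAS hostname, used in the bucket name"
}

# Destination bucket for Hyper Backup
resource "aws_s3_bucket" "syno_backup" {
  bucket = "syno-${var.hostname}-backup"
}

# Keep prior object versions so overwritten or deleted backups can be recovered
resource "aws_s3_bucket_versioning" "syno_backup" {
  bucket = aws_s3_bucket.syno_backup.id
  versioning_configuration { status = "Enabled" }
}

resource "aws_s3_bucket_lifecycle_configuration" "syno_backup" {
  bucket = aws_s3_bucket.syno_backup.id
  rule {
    id     = "tier-cold"
    status = "Enabled"
    filter {} # apply the rule to every object in the bucket
    transition {
      days          = 30
      storage_class = "GLACIER_IR"
    }
  }
}

# Dedicated IAM user whose access key is entered in Hyper Backup
resource "aws_iam_user" "syno_backup" {
  name = "syno-backup"
}

# The generated secret is stored in the Terraform state
resource "aws_iam_access_key" "syno_backup" {
  user = aws_iam_user.syno_backup.name
}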

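Configure Synology Hyper Backup → S3 with the access key. As written, the IAM user has no policy attached, so the key grants no access until a policy scoped to this bucket is added. The secret is also written to the Terraform state, so keep the state in an encrypted, access-controlled backend.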

DSM API via restapi Provider

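terraform {
  required_providers {
    restapi = { source = "Mastercard/restapi", version = "~> 1.19" }
  }
}

variable "dsm_host" { type = string }
variable "dsm_user" { type = string }
variable "dsm_password" {
  type      = string
  sensitive = true # redact the value in plan and apply output
}

provider "restapi" {
  alias                = "dsm"
  uri                  = "https://${var.dsm_host}:5001"
  insecure             = false # keep TLS certificate verification on
  write_returns_object = true
  username             = var.dsm_user
  password             = var.dsm_password
}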

DSM uses a session-token auth flow — wrap login in a Lambda or a null_resource helper if going deep.

Best Practices

  • Don't fight DSM — manage shares in DSM, manage cloud around it in Terraform.
  • Hyper Backup → S3 with versioning + Object Lock for ransomware resistance.
  • DSM 7.x admin behind 2FA — Terraform should never store the admin password.
  • DDNS via Terraform (Cloudflare / Route 53) — DSM's built-in DDNS is fine but not auditable.
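
The "versioning + Object Lock" practice, together with a bucket-scoped policy for the backup user, as an added example that is not part of the original article. It reuses aws_s3_bucket.syno_backup, aws_s3_bucket_versioning.syno_backup and aws_iam_user.syno_backup from the S3 section; the 30-day GOVERNANCE retention and the list of S3 actions Hyper Backup needs are assumptions. Enabling Object Lock on an existing bucket assumes a recent AWS provider; otherwise set object_lock_enabled = true on the bucket at creation.

```hcl
# Added example. Assumes the resources from the "Cloud Backup Bucket (S3)" section.

# Keep the bucket private regardless of any ACL or policy added later
resource "aws_s3_bucket_public_access_block" "syno_backup" {
  bucket                  = aws_s3_bucket.syno_backup.id
  block_public_acls       = true
  block_public_policy     = true
  ignore_public_acls      = true
  restrict_public_buckets = true
}

# Object Lock: each new object version is undeletable for the retention period
resource "aws_s3_bucket_object_lock_configuration" "syno_backup" {
  bucket     = aws_s3_bucket.syno_backup.id
  depends_on = [aws_s3_bucket_versioning.syno_backup] # versioning is a prerequisite

  rule {
    default_retention {
      mode = "GOVERNANCE" # assumption; COMPLIANCE cannot be bypassed, even by root
      days = 30           # assumption; match the Hyper Backup rotation window
    }
  }
}

# Policy for the key stored on the NAS: read/write objects in this bucket only.
# The action list is an assumption about what Hyper Backup needs.
data "aws_iam_policy_document" "syno_backup" {
  statement {
    sid       = "ListBucket"
    actions   = ["s3:ListBucket", "s3:GetBucketLocation"]
    resources = [aws_s3_bucket.syno_backup.arn]
  }
  statement {
    sid       = "ReadWriteObjects"
    actions   = ["s3:GetObject", "s3:PutObject", "s3:DeleteObject"]
    resources = ["${aws_s3_bucket.syno_backup.arn}/*"]
  }
  # Not granted: s3:DeleteObjectVersion, s3:BypassGovernanceRetention,
  # s3:PutBucketVersioning, s3:PutLifecycleConfiguration. With versioning on,
  # s3:DeleteObject only adds a delete marker, so older versions survive.
}

resource "aws_iam_user_policy" "syno_backup" {
  name   = "syno-backup-bucket-only"
  user   = aws_iam_user.syno_backup.name
  policy = data.aws_iam_policy_document.syno_backup.json
}
```

Run a full Hyper Backup task, including a rotation, against the locked bucket before relying on it, since S3 applies extra upload requirements to buckets with default retention.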