Setting up Teddycloud on Synology, probably macvlan needed

tiwercs · October 20, 2025, 2:20pm

Hi there,

my little son just got a Toniebox 2 - to be honest, it’s only a few months since I heard from Toniesboxes the first time. Being interested in how it all works, I searched the internet a bit and quickly discovered a whole community is dedicated to Toniebox hacking. Now, besides my sons Toniebox 2, I have 2 Tonieboxes 1 (ESP32) for personal experiments

On a 0-10 scale for tech-savvyness, I would say I’m around 7. But using containers, playing with ports and trying to hack a device, first time I try this. (actually, I am still not very sure to have understood what a container conceptually is). Anyway, I’m on my way to set up Teddycloud on my Synology NAS, using this video as a guideline: https://www.youtube.com/watch?app=desktop&v=JpMRyshgy9o

Here are the steps I performed until now:

Installing docker (or container manager, as it is called now) on the NAS: easy
adding portainer: also worked quite quickly, but it’s not like in the video, where portainer has a dedicated IP-address - I can access it via the IP of my NAS on port 9000. I guess this does not make any difference?
setting up Teddycloud: here the problems begin. I tried the docker-compose.yaml referenced in the tonies wiki, but then it says:

Failed to deploy a stack: compose up operation failed: Error response from daemon: driver failed programming external connectivity on endpoint teddycloud (891a711651da3e3072fac9fd151b6db6dac61170c4aa9c43b81f5aeb2e3ad005): Error starting userland proxy: listen tcp4 0.0.0.0:443: bind: address already in use

Well, I guess this means another app is already using port 443 and blocking it, I need to change it. At some point in the video, @0xbadbee says “keyword: macvlan” (never heard that before), so I tried to look for that. I found this discussion and tried to adapt the compose-file posted there to my situation, but I’m not quite sure if this is a good approach and where I need to change the IP-adresses. With my current version, I can “deploy the stack” , but the logs show that it is actually empty:

Running teddycloud…

AddressSanitizer: CHECK failed: sanitizer_allocator_primary64.h:131 “((kSpaceBeg)) == ((address_range.Init(TotalSpaceSize, PrimaryAllocatorName, kSpaceBeg)))” (0x500000000000, 0xfffffffffffffff4) (tid=8)

I would appreciate some guidance from you and would love to start dismantling the toniebox once Teddycloud setup is correctly implemented

Thanks a lot!

0xbadbee · October 20, 2025, 4:29pm

github.com/toniebox-reverse-engineering/teddycloud

Ubuntu Build fails AARCH64 - armv8/64 - CHECK failed: sanitizer_allocator_primary64.h:131 "((kSpaceBeg)) == ((address_range.Init(TotalSpaceSize, PrimaryAllocatorName, kSpaceBeg)))" (0x500000000000, 0xfffffffffffffff4) (tid=8)

opened 11:16AM - 26 Feb 25 UTC

SciLor

bug help wanted prio

The build of the AARCH64 ubuntu docker container fails, when running the docker …test or try to run tc ` CHECK failed: sanitizer_allocator_primary64.h:131 "((kSpaceBeg)) == ((address_range.Init(TotalSpaceSize, PrimaryAllocatorName, kSpaceBeg)))" (0x500000000000, 0xfffffffffffffff4) (tid=8)` SANITIZER_CAN_USE_ALLOCATOR64=0 doesn't solve this **Debian variant is working fine.**

Try using the Debian variant

tiwercs · October 20, 2025, 5:57pm

Thank you for the quick reply, that worked!
So if I understand it well, I can just use any random IP-adress in my network that is not already taken by another device (NAS, printer,…)?

Just to understand how it works: My local network is a street. The IP-address on the devices in my network are like the houses in that street. One of these houses, number 122, is my NAS. When I enter it, I see it has quite a few rooms. Only specific people ( → applications) can enter specific rooms. In my case, room 9000 is reserved for portainer. But it is kind of a magic room: entering it will beam me (“macvlan me”) to another house of the street (→ teddycloud). Does this analogy make sense?

abandenfels · November 8, 2025, 9:20pm

If you still need help look at my pull request

github.com/toniebox-reverse-engineering/toniebox-reverse-engineering.github.io

content/docs/tools/teddyCloud/setup/synology-nas-setup/_index.md

3595baf55

---
title: Synology NAS setup
description: Create a teddy cloud docker image and run it on Synology NAS
weight: 30
bookCollapseSection: true
---
# Synology NAS setup

Example for Synology NAS DS 923+
I don’t recommend you to host a docker image on Synology. ;-) On your Synology NAS there are lots of Services running and lots of the ports like 80 and 443 are already used. This means whenever you want to host a docker image, you have to make sure there are no port conflicts. You have the possibility to run (you must run) your docker with network macvlan, but you will never be able to follow a step by step description and you must always modify the docker compose file, before you can create the image on your NAS. This following description is an example for this problem.

I would recommend installing docker and teddyCloud on a separate device.  
But if the step it’s to big to setup a new device and you want to run only one docker image, teddyCloud (are you sure it’s only this 1 image? ;-)), then follow the following steps.

I installed Container Manager to host my docker images on my NAS. I think with a different application it will be similar.

As mentioned in my introduction port 443 and port 80 is already used by Synology. The Toniebox uses port 443 to communicate with the cloud. We have to use macvlan to be connected directly to the physical network and to act as a standalone container in order to provide port 443 for the modded Toniebox.

1.  Create the following folders. This will be the location for all data of teddycloud.
	- /volume1/docker/teddycloud/certs (certificates of the server)

This file has been truncated. show original

nonko · November 16, 2025, 9:51am

For the record. If you use Portainer on Synology, you could create a macvlan in Portainer.

That worked for me.