Put the phone down

First, a brief detour into my browsing and reading habits. I subscribe to a lot of feeds (check out my blogroll!) and going through my RSS reader gives me a similar dopamine hit to scrolling on social media - except I’m mostly learning something new rather than just being entertained. But it also means I spend a lot of time staring at my phone and reading articles on it, which is definitely not a good way to read anything, and it does not feel great either. Besides, you’re one notification away from being pulled out of your reading.

The allure of the phone is strong: everything is at hand and frictionless. If I want to replace it with something else, it has to be similarly easy to use. This rules out using a computer, since I don’t always have one with me and the startup time is considerable even on modern machines. I guess that leaves me with the only option: printing everything on paper and reading that way.

Okay, I’m kidding, but the solution is a bit like paper: it’s an e-ink reader. I currently have a Pocketbook Verse Pro and I love reading on it. The goal would be to have an easy way of taking anything noteworthy (and usually long-form) and transferring it to my e-reader. Most importantly, this is not a Pocketbook-specific solution: in fact it will work on any reader with KOReader installed, meaning it could be your Kobo or Kindle too.

It sounds like a lot of hassle

It does, but let me explain. Once everything is set up, this is actually a very smooth experience. Frictionless.

There are two major sources of friction:

1. Getting the content into the e-reader
2. Removing the content from the e-reader once finished (keeping things tidy)

Conveniently, both problems are solved by Wallabag, which will be familiar if you know Pocket or Instapaper. Wallabag is an open-source “read it later” app, and it is by design self-hosting-friendly, even though you can use it as an online service directly from wallabag.it too. It will serve as the home for all content worthy of proper reading and thus be the backbone of this setup. And because KOReader already integrates with Wallabag, receiving and archiving articles is quite seamless.

The one-tap solution

The end state looks like this: I am going through my RSS feeds on my phone, and if I see something long-form that I’m interested in, I tap on the “Star” button and move on until I have enough articles to read. In a few minutes, I can pick up my e-reader, sync new articles and start reading said articles. During the next sync, the already finished articles will be removed from my device (unless I mark them as not finished).

The one remaining missing piece is a Python script that periodically fetches newly starred (“favourited” in FreshRSS speak) articles from FreshRSS and pushes them to Wallabag. Below you will find both instructions on how to set the whole pipeline up, and the code for the script.

The way the script works is by connecting to FreshRSS to fetch favourited articles, comparing it to a local list of already processed articles, and adding the new ones to your Wallabag instance to be picked up by KOReader. It’s a really simple script that ties this all together. It will also keep producing rotating sync.log files to make any potential troubleshooting easier.

Below is a breakdown of what happens under the hood:

Setting up the pipeline

Pre-requisites

• A server or computer (with Python 3 installed) to run the script periodically.
• FreshRSS 1.27 or newer with Fever API enabled
• Wallabag 2.6.13 or newer
• KOReader on your e-reader

FreshRSS setup

First, you have to enable API access in your FreshRSS instance. Make note of your user’s API password. You can verify if the Fever API is enabled by going to https://foo.bar/p/api/, assuming https://foo.bar/ is the root path to your FreshRSS instance.

Wallabag setup

Next, you have to set up API keys to access your Wallabag instance. Log in to Wallabag and go to API clients management section, where you need to create a new client. I personally created separate clients for my Python script as well as for my KOReader and Wallabagger extension (see below), but you could reuse the same client credentials if you prefer. Note down the Client ID and Client secret.

Sync script setup

The script for syncing articles between FreshRSS and Wallabag can be found in this GitHub repo. Download the .py file and the config.json.example to your server, put them in the same folder, rename the latter to config.json and update its values. You should also chmod 0600 the config.json file or otherwise make sure that it’s safe from prying eyes, since it will store your API credentials.

Tom, you dummy, why not just use a .env file? Everyone knows that’s where secrets go!

Yes, and you’d typically load it using python-dotenv — a module you’d install via pip, which may not even be installed on your machine. Writing my own parser for dotenv files would unnecessarily inflate the length of this script and could lead to unforeseen bugs on different systems. The goal here was to make this as portable as possible, requiring nothing but a Python interpreter, which is almost universally available. This is simply the path of least resistance, and as long as you keep the permissions tight, it is as safe as a .env file.

Okay, now as long as you’ve edited your config correctly, you can try running the script to see if you can connect to both APIs. You should see something like this:

[2025-11-25 23:30:02] INFO: Starting FreshRSS → Wallabag sync
[2025-11-25 23:30:02] INFO: Previously synced: 0 articles
[2025-11-25 23:30:02] INFO: Found 0 starred articles in FreshRSS
[2025-11-25 23:30:02] INFO: No new starred articles to sync. All up to date!

Now it’s time to go to FreshRSS, mark an article as favourite, and re-run the script to see if it gets synced to Wallabag.

Tom, I see you’re storing the previously synced article IDs in a local json file. That’s kind of dumb!

It is! But also it’s beautifully simple and functional. A setup using SQLite would surely be more scalable, but how many articles will you favourite per year? Dozens? Hundreds? This probably gives the script centuries before it starts becoming a problem. Let’s not overengineer things.

Now that your script is up and running, don’t forget to add it to your cron, or a similar solution to periodically run it. I’m using Synology’s Task Scheduler and have set the frequency to 15 minutes.

KOReader setup

Now that articles are getting beamed up to Wallabag, it’s time to set up your e-reader. KOReader supports Wallabag natively, and it’s easy to set it up using the official wiki. I highly recommend saving the empty settings and editing the Lua file on your computer. Typing all the credentials on the e-reader keyboard is no fun.

Once you have Wallabag set up, syncing should download the articles:

I also highly recommend going to Wallabag settings in KOReader, open the section Remote mark-as-read settings and enable the following options:

• Mark finished articles as read
• Mark 100% read articles as read
• Auto-upload article statuses when downloading

This will automatically delete any read articles from your e-reader and mark them as read in Wallabag whenever you sync. You do not have to manually clean anything up - brilliant!

[Bonus] Wallabagger setup

Now that we have a pipeline that feeds our e-reader, we might as well use it in other useful ways. Wallabagger is a Chrome and Firefox extension that saves articles directly to your Wallabag instance. This gives you freedom to shoot any articles you got sent or found in newsletters etc. straight to your e-ink device.

When you install Wallabagger, you have to set it up to connect to your Wallabag instance (hit Check URL) and then provide Wallabag client credentials. You should also tick the option Retrieve content from the browser by default when saving page, otherwise Wallabagger will only save the link itself and some metadata.

Support open-source!

All of this is possible only thanks to open-source developers of the above applications. While you can subscribe to Wallabag’s hosted solution and support them that way, I suspect many of my readers will dabble in self-hosting.

Below are links to the Liberapay accounts where you can support the applications:

• Wallabag
• KOReader
• FreshRSS

As part of my journey towards higher privacy while using internet, I decided to set up Pi-hole on my Synology NAS DS218play. If you are reading this article, you probably don’t need the following explanation, but just in case: Pi-hole is perhaps the most popular DNS sinkhole, which aims to block ads, trackers and malicious sites for all devices on your local network.

Now, your NAS is one of the best candidates for running Pi-hole since it is typically on 24/7 and connected via high-speed wired connection to your router. Since I already was an owner of Synology NAS, I started googling how to set up Pi-hole on my device. There are plenty of howto’s which describe the process, but they have one fatal flaw: they rely on the Docker (or Container Manager, as it was later renamed to) Synology package to be installed and used for the setup. And this is where it starts to get interesting: Docker is not officially supported on ARM-based Synology NASes (such as the j and play models), supposedly due to insufficient performance of their CPUs. This means you will not find the packages in the Package Manager and will not be able to install it the usual way.

There are many users asking how to install Docker (or even specifically Pi-Hole) on the DS218play and the answer is always the same - unsupported, not available, you’re out of luck, you will need to upgrade to the plus model (which uses x86 CPUs) or get a Raspberry Pi.

That is not entirely true, though, and that’s why you’re likely here. The setup requires a little bit of technical skills and bravery, but it is not an overly complicated process. It does need to be said though that the Docker support is indeed unofficial, one could even say hacky, and you are doing this at your own risk. On the upside, the Realtek RTD1296 CPU in the DS218play is perfectly capable of running a simple app such as Pi-hole in Docker (the CPU barely registers usage from multiple local network devices), and can probably run even more complex apps, so the argument related to the CPU’s performance is not entirely based on reality - it probably has more to do with Synology not wanting to maintain packages for multiple architectures, especially if moving to the + line is such a good upsell for them.

Also, while I can give you no guarantees on this, the how-to is likely to work on some other Synology models (such as DS220j, DS223j, DS118, DS218, DS418 - basically anything that has aarch64 CPU model listed here). Furthermore, based on my cursory Google research, changing the architecture in below scripts from aarch64 to armhf might allow you to use it for the ARMv7 models (such as DS218j, DS216j or DS416) as well.

Prerequisites

OK, now that you have been warned and given necessary context, let’s see what we will need:

• Access to the Synology NAS using a privileged user (can be your regular user but should be in the administrators group - i.e. the main account you use to manage the NAS using DSM
• DSM version 7.2.x (tested on 7.2.1, likely works on all 7.x.x)
• Enabled SSH access (see below)
• Internet access (duh)
• An SSH client (PuTTY is a great one if you’re on Windows, but you can also install an ssh client from Windows; Linux and Mac usually comes with a command-line SSH client)

Enabling SSH access to your NAS

Your Synology NAS may not have a remote terminal access enabled. This is how you enable it:

1. Open Control Panel.
2. Go to Terminal & SNMP.
3. Check the Enable SSH service checkbox.
4. Done!

In case the port is set to anything else than the usual port 22, you should make a mental note of that number.

Step-by-step instructions

Connecting and gaining root access

1. Use your SSH client to connect to the NAS. You will need to specify the NAS’s IP Address - if you do not know it, you can find it out in Control Panel → Network → Network Interface. Mine is 192.168.0.101 and let’s say the main user account is “tom”.

ssh tom@192.168.0.101
If you are using a different port than 22, add the -p parameter, e.g.:
ssh tom@192.168.0.101 -p 22345
2. You might be prompted to accept the host’s key the first time you connect. Accept it.
3. Now enter the password for tom’s account - this is the same as you use to log in into DSM using your browser.
4. Now you should be remotely connected to your NAS, but we need to get the system administrator (root) privileges. On DSM, simply type sudo -i and use the same password as in step 3.
5. Now the command line should say something like root@nas (or whatever hostname you chose after the @ sign).

Docker installation

1. Navigate to you main user’s home directory.
   cd /volume1/homes/tom/
   Note that you will need to adjust the username and potentially the volume number based on your system’s settings.
2. Grab the file below and save it to your desktop computer. Let’s call the file get-docker.sh

#!/bin/bash
set -e

ARCH=aarch64
DOCKER_VERSION=20.10.9
COMPOSE_VERSION=2.5.1
DOCKER_DIR=/volume1/@docker

echo "Downloading docker $DOCKER_VERSION-$ARCH"
curl "https://download.docker.com/linux/static/stable/$ARCH/docker-$DOCKER_VERSION.tgz" | tar -xz -C /usr/local/bin --strip-components=1

echo "Creating docker working directory $DOCKER_DIR"
mkdir -p "$DOCKER_DIR"

echo "Creating docker.json config file"
mkdir -p /usr/local/etc/docker
cat <<EOT > /usr/local/etc/docker/docker.json
{
  "storage-driver": "vfs",
  "iptables": false,
  "bridge": "none",
  "data-root": "$DOCKER_DIR"
}
EOT

echo "Creating docker startup script"
cat <<'EOT' > /usr/local/etc/rc.d/docker.sh
#!/bin/sh
# Start docker daemon

NAME=dockerd
PIDFILE=/var/run/$NAME.pid
DAEMON_ARGS="--config-file=/usr/local/etc/docker/docker.json --pidfile=$PIDFILE"

case "$1" in
    start)
        echo "Starting docker daemon"
        # ulimit -n 4096  # needed for influxdb (uncomment if your limit is lower)
        /usr/local/bin/dockerd $DAEMON_ARGS &
        ;;
    stop)
        echo "Stopping docker daemon"
        kill $(cat $PIDFILE)
        ;;
    *)
        echo "Usage: "$1" {start|stop}"
        exit 1
esac
exit 0
EOT

chmod 755 /usr/local/etc/rc.d/docker.sh

echo "Creating docker group"
egrep -q docker /etc/group || synogroup --add docker root

echo "Installing docker compose $COMPOSE_VERSION"
curl -SL "https://github.com/docker/compose/releases/download/v$COMPOSE_VERSION/docker-compose-linux-$ARCH" \
     --create-dirs -o /usr/local/lib/docker/cli-plugins/docker-compose
chmod +x /usr/local/lib/docker/cli-plugins/docker-compose
chgrp -R docker /usr/local/lib/docker

echo "Starting docker"
/usr/local/etc/rc.d/docker.sh start

echo "Done.  Please add your user to the docker group in the Synology GUI and reboot your NAS."

Credits to DaveMDS
_Note: The versions of Docker and Docker Compose might be outdated when you read this. If you want to use the the latest versions, check them here and here. _

1. Upload the get-docker.sh file to your home folder in DSM: Open File Station, navigate to your home, click on Upload and the Upload - Overwrite.
2. Now back to SSH terminal - make the script executable:
   chmod +x ./get-docker.sh
3. Run the installation script:
   ./get-docker.sh
4. Docker should now be installed! Let’s follow the instruction to add our user to the docker group: go to Control Panel → User & Group → Group → select docker → Edit → Members → select the checkbox next to tom (your main user) → Save.
5. Reboot your NAS!

Installing Pi-Hole

1. While your NAS rebooted, your SSH session got disconnected, so you will need to repeat steps from the above section Connecting and gaining root access.
2. Using the same process as with the get-docker.sh file, upload the below script and name it install-pihole.sh. Do not forget to change the value of the PIHOLE_PWD variable.

#!/bin/bash

IP_ADDRESS=$(ifconfig eth0 | awk '/inet addr/ {gsub("addr:", "", $2); print $2}')
TZ=$(realpath --relative-to /usr/share/zoneinfo /etc/localtime)
PORT=8080
PIHOLE_PWD="piholepwd"

PIHOLE_BASE="${PIHOLE_BASE:-$(pwd)}"
[[ -d "$PIHOLE_BASE" ]] || mkdir -p "$PIHOLE_BASE" || { echo "Couldn't create storage directory: $PIHOLE_BASE"; exit 1; }

echo -e "Setting up pihole container at ${IP_ADDRESS}:${PORT} (timezone ${TZ})"

docker run -d --name=pihole \
-e WEB_PORT=$PORT \
-e WEBPASSWORD=$PIHOLE_PWD \
-e WEB_BIND_ADDR=$IP_ADDRESS \
-e TZ=$TZ \
-e DNSMASQ_USER=root \
-e DNSMASQ_LISTENING=local \
-v /volume1/docker/pihole/dnsmasq.d:/etc/dnsmasq.d \
-v /volume1/docker/pihole/pihole:/etc/pihole \
--net=host \
--restart always \
pihole/pihole

printf 'Starting up pihole container '
for i in $(seq 1 20); do
    if [ "$(docker inspect -f "{{.State.Health.Status}}" pihole)" == "healthy" ] ; then
        printf ' OK'
        echo -e "\nPi-hole running at http://${IP_ADDRESS}:${PORT}/admin/ - use password '${PIHOLE_PWD}' to log in."
        exit 0
    else
        sleep 3
        printf '.'
    fi

    if [ $i -eq 20 ] ; then
        echo -e "\nTimed out waiting for Pi-hole start, consult your container logs for more info (\`docker logs pihole\`)"
        exit 1
    fi
done;

The script was adapted from the official pi-hole example.

1. Run the Pi-hole installation script (assuming you’re in the main user home directory again):
   ./install-pihole.sh
2. Downloading and setting up the pihole container may take some time. Once it is done, you should see a message like this:
   Pi-hole running at http://192.168.0.101:8080/admin/ - use password 'piholepwd' to log in.
3. If everything went well, navigating to http://192.168.0.101:8080/admin should lead you to the Pi-Hole login screen. Success!
4. Do not forget to configure your NAS’s IP address as the DNS server for your network - this would typically be done in the router settings, for example like so.

Additional considerations

• Since Pi-hole is now the sole resource for DNS resolution, it becomes a critical part of your network infrastructure. If the NAS or Pi-Hole itself stops working or gets disconnected, none of the clients on your network will be able to connect to the internet. This can be easily fixed by rebooting/reconnecting your NAS or simply reverting the router DNS settings to default or, for example, to Cloudflare’s 1.1.1.1 DNS server, but you can only do that if you are physically at home (or have other means of connecting to your router).
  • To prevent my loved ones from undergoing the terrible torture of not having access to the internet when I’m not at home (and also for general peace of mind), I decided to build redundancy into my Pi-Hole setup: I bought a super-cheap used Raspberry Pi 2 and added it as another Pi-Hole to my home network. I actually use the RPi2 as my primary DNS server and the NAS one as the secondary one (most routers will allow you to specify two DNS servers for your WAN), and have not had any issues with this setup so far. Knock on the wood.
  • Tip: Use the Teleporter feature to easily sync settings between the two Pi-Holes.
• The setup above persists even through NAS reboots (docker will start automatically, and so will Pi-Hole), and it also survives DSM patches (7.2.x), but I have yet to test whether it survives minor updates (7.x.x). I will update this article with my findings once I have an opportunity to test it.
  • My hunch is that minor updates will be fine, but I am fairly certain that a major update (to DSM8) will likely need a docker reinstall. However, since the scripts are stored in my home folder, SSHing to the NAS and running them again will be minimal effort, should any of the DSM updates disrupt the setup.

Support Pi-Hole!

Pi-Hole is a wonderful project that objectively improves the digital life of many people. If it is the case for you, consider supporting the creators - surely your privacy on the internet is worth a donation of few bucks.