Syncthing is an open-source file synchronization client/server application, written in Go, implementing its own, equally free Block Exchange Protocol. All transit communications between syncthing nodes are encrypted, and all nodes are uniquely identified with cryptographic certificates.
Syncthing can be installed with the package.
syncthing binary manually from a terminal.
Running Syncthing as a system service ensures that it is running at startup even if the user has no active session, it is intended to be used on a server.
Running Syncthing as a user service ensures that Syncthing only starts after the user has logged into the system (e.g., via the graphical login screen, or ssh). Thus, the user service is intended to be used on a (multiuser) desktop computer. To use the user service, start/enable the user unit
syncthing.service (i.e. with the
The systemd services need to be started for a specific user in any case, see Autostart-syncthing with systemd for detailed information on the services.
Syncthing can also be launched by. Use interface UI settings to start at startup, and to state whether to launch the syncthing daemon.
When launching the syncthing daemon using both systemd and, it might happen that two syncthing instances run concurrently leading to high CPU consumption: one launched by syncthing-gtk, and the other (slightly later) by systemd. To solve this, either avoid launching synchting using systemd, or configure syncthing-gtk to wait for the syncthing daemon.
Accessing the web-interface
When Syncthing is started, a web interface will be provided by default on http://localhost:8384.
After installation Syncthing already has a proper start-up configuration. You may now add new servers and/or folders by visiting the web interface. For detailed instructions on how to set up a simple network, read Syncthing's getting started.
After a successful first start, it will create the default repository at
~/Sync. You can see this in the web admin interface. On the right is the list of nodes you have added. On the left is the list of repositories, which are folders you can choose to share with other nodes.
To add another node, click "Add Node" underneath the list of nodes. You will be prompted for their Node ID (which can be found on the other machine by clicking
Edit > Show ID) as well as a short name and the address.
If you specify "dynamic" for the address, the syncthing announce server will be used to automatically exchange addresses between nodes. If you want to know more about Node IDs, including the cryptographic implications, you can read the appropriate Syncthing documentation page.
After saving the configuration, you will be prompted to restart the syncthing server, and once restarted, the changes will be applied.
Next, you can either change the configuration of the default node (click its name and then
Edit), or create a new one to share data with. Simply tick the node you wish to share the data with, and they will have permission to access it.
Tips and tricks
syncthing-inotifyservice when using the
Inotify (inode notify) is a Linux kernel subsystem that acts to extend filesystems to notice changes to the filesystem, and report those changes to applications. Syncthing does not support inotify yet but there is an official extension module which talks to the Syncthing REST API. The usage of inotify avoids expensive rescans every minute. The inotify extension can be installed with the package. Restart the
syncthing service for changes to take effect.
Alternatively, inotify support is provided by(which does not depend on ) but in this case inotify will only work while the GUI is running.
Increase the default
fs.inotify.max_user_watches value to prevent errors like Too many open files, by appending the following line:
Run a Relay
Syncthing has the ability to connect two devices via a relay when it is not possible to establish a direct connection between them. Relayed connections are end-to-end encrypted in the usual manner, so the relay has no insight into the connection other than the knowledge of the IP addresses and device IDs.
Anyone can run a relay server and it will automatically join the Syncthing relay pool and be available to all Syncthing's users. To run your own relay, install and Start/Enable
syncthing-relaysrv.service. Rate limiting and other options can be configured via the command line. These options can be set in the
ExecStart directive of the service drop-in file as follows:
[Service] ExecStart= ExecStart=/usr/bin/syncthing-relaysrv -global-rate 500000 -provided-by relayprovidername
-status-srvoptions. These ports should therefore be open for TCP connections.
Stop journal spam
Syncthing can be quite noisy even while it isn't doing anything. The service ExecStart can be overridden like this to filter output directly without an extra script (adjust "grep" as needed):
[Service] ExecStart= ExecStart=/bin/bash -c 'set -o pipefail; /usr/bin/syncthing -no-browser -no-restart -logflags=0 | grep -v "INFO: "'
The Syncthing Discovery Server is available in the AUR under here.AUR. The official documentation is provided
Note that the discovery server requires certificates to run, which should ideally be placed in
/var/discosrv. The user/group
syncthing needs permissions to be able to read the certificate files. You need to edit the systemd unit file to correctly point to the certificates (and to undertake any other configuration change you may want, see list).
[Unit] Description=Syncthing discovery server After=network.target [Service] User=syncthing Group=syncthing ExecStart=/bin/sh -c "/usr/bin/syncthing-discosrv -db-dsn='file:///var/discosrv/discosrv.db' -cert /var/discosrv/chain.pem -key /var/discosrv/key.pem" Restart=on-failure SuccessExitStatus=2 PrivateDevices=true ProtectSystem=full ProtectHome=true NoNewPrivileges=true [Install] WantedBy=multi-user.target
To point the client to your discovery server, change the
Global Discovery Servers variable under Settings to
https://yourserver:8443/ (default port) or whatever port you have reconfigured to. The variable takes a comma-separated list of discovery servers. It is possible to include multiple ones, including the default one.
If you are using self-signed certificates, the client refuses to connect unless you append the discovery server ID to its domain. The ID is printed to stdout upon launching the discovery server. Amend the Global Discovery Servers entry to add the ID:
Run in VirtualBox
It is possible to have Syncthing connect both locally and globally within a VirtualBox virtual machine keeping its network adapter in the standard NAT mode (as opposed to bridged networking attached to the host computer's adapter).
To achieve this, Syncthing should use a port in the VM different from the port it uses on the host.
If the default 22000 port is used by the host for listening, one could use 22001 in the VM.
This is carried out by setting Syncthing's Sync Protocol Listen Addresses to
tcp://:22001 in the VM and by opening the corresponding port of the virtual machine: the 22001/TCP host's port should be forwarded to the guest's same port:
$ VBoxManage modifyvm myvmname --natpf1 "syncthing,tcp,,22001,,22001"
In this setup, relaying should not be necessary: local devices can connect to the VM on port 22001 while global devices should be accessible as long as they have an open port.
See Debugging Syncthing.