Mar 242019

We know the routine. You have a desktop, and a laptop, or perhaps two laptops. You want your files in both places. A shared, remotely mounted directory is not ideal. Instead, let’s have the systems synchronize themselves.

That’s where syncthing comes in:

Syncthing replaces proprietary sync and cloud services with something open, trustworthy and decentralized. Your data is your data alone and you deserve to choose where it is stored, if it is shared with some third party and how it’s transmitted over the Internet.

Installing and running

I decided to install syncthing within an existing jail, called fileserver.

I was using Syncthing on FreeBSD as my starting place. My experiences differed, specifically:

  1. I did not have to manually create /var/log/syncthing.log
  2. I did not have to create /var/run/

Why? I attribute that to the port evolving, but I really do not know.

I installed via pkg install syncthing, and I had already built it on my poudriere server.

I started it with: service syncthing start

All very standard stuff.

What did I see?

$ ps auwwx | grep sync
syncthing 12450 20.1  0.0 121732  52104  -  SNJ  21:06   0:02.16 /usr/local/bin/syncthing -home=/usr/local/etc/syncthing -logfile=/var/log/syncthing.log -no-browser
syncthing 12447  0.5  0.0 119940  46884  -  SJ   21:06   0:00.39 /usr/local/bin/syncthing -home=/usr/local/etc/syncthing -logfile=/var/log/syncthing.log -no-browser
syncthing 12446  0.0  0.0  10812   2248  -  SsJ  21:06   0:00.00 daemon: /usr/local/bin/syncthing[12447] (daemon)
root      12865  0.0  0.0  11112   2576  2  R+J  21:06   0:00.00 grep sync

$ ls -l /var/log/syncthing.log
-rwxr-xr-x  1 syncthing  syncthing  2362 Mar 23 21:07 /var/log/syncthing.log

$ sockstat -l -4 | grep syncthing
syncthing syncthing 12450 13 tcp4       *:*
syncthing syncthing 12450 14 udp4       *:*
syncthing syncthing 12450 15 udp4       *:*
syncthing syncthing 12450 18 tcp4        *:*

$ # ls -l /usr/local/etc/syncthing
total 59
-rw-r--r--  1 syncthing  syncthing   615 Mar 23 21:06 cert.pem
-rw-------  1 syncthing  syncthing  3761 Mar 23 21:06 config.xml
-rw-r--r--  1 syncthing  syncthing   672 Mar 23 21:06 https-cert.pem
-rw-------  1 syncthing  syncthing   288 Mar 23 21:06 https-key.pem
drwxr-xr-x  2 syncthing  syncthing     7 Mar 23 21:06 index-v0.14.0.db
-rw-------  1 syncthing  syncthing   288 Mar 23 21:06 key.pem

Nothing spectacular at all.

When I tried to browse to I got a ‘check host error’ which is documented.

I am sure this can be fixed by other solutions, but I installed Nginx and create a reverse proxy, which is outside scope for this blog post, but see

This is the virtual host I used:

server {
  listen ssl http2;
  ssl_protocols TLSv1.2 TLSv1.1 TLSv1;


  root /usr/local/www/;

  error_log  /var/log/  info;
  access_log /var/log/ combined;

  ssl_certificate     /usr/local/etc/ssl/;
  ssl_certificate_key /usr/local/etc/ssl/;

  location  /  {
    proxy_set_header Host localhost;


Not shown here, is my creation of a Let’s Encrypt certificate, and configuration of anvil to pull the cert down from my distribution server.

I also created an entry in DNS for which has the same IP address as

Opening that URL in my browser showed me this:

sycnthing web GUI

sycnthing web GUI


My first step, seeing as this server runs ZFS, I will create a dedicated filesystem for syncthing and mount it within this jail.

[dan@slocum:~] $ sudo zfs create -o recordsize=512K -o mountpoint=/iocage/jails/fileserver/root/usr/local/syncthing system/data/syncthing
[dan@slocum:~] $ 

From within the jail, I saw:

[dan@fileserver:~] $ ls -ld /usr/local/syncthing/
drwxr-xr-x  2 root  wheel  2 Mar 23 21:50 /usr/local/syncthing/
[dan@fileserver:~] $ sudo chown syncthing:syncthing /usr/local/syncthing/
[dan@fileserver:~] $ sudo chmod o= /usr/local/syncthing/
[dan@fileserver:~] $ ls -ld /usr/local/syncthing/
drwxr-x---  2 syncthing  syncthing  2 Mar 23 21:50 /usr/local/syncthing/
[dan@fileserver:~] # 

I adjusted the directory permissions so that only syncthing had access.

Via the web GUI, I clicked on settings and changed the Device Name to, so it matched the DNS entry, as opposed to the host name.

I also changed Default Folder Path from ~ to /usr/local/syncthing.

I manually changed /usr/local/etc/syncthing/config.xml and changed




You should also set the GUI Authentication User and GUI Authentication User values on the GUI tab. This controls access to your syncthing instance.

I also disabled relays, via Actions | Advanced | Options | Relays Enabled. Relays are required unless all your systems have direct connections. All my hosts are on the same VPN so I disabled this.

Then I restarted the service:

$ sudo service syncthing restart
Stopping syncthing.
Waiting for PIDS: 12447.
Starting syncthing.

Now the web GUI looks like this:

syncthing with new default folder

syncthing with new default folder

Introducing my laptop to my server, syncthing style

I was doing this on my MacBook Pro, and I had previously installed Syncthing.

On the server, I clicked on Show Id. I copied the ID and browsed to where I saw this:

syncthing web UI on my laptop

syncthing web UI on my laptop

I clicked on +Add Remote Device. I pasted the device ID of my server, added the name of my server, and clicked on Save.

Back on the server, I saw a message:

server UI - new device

server UI – new device

That IP address is not the IP address of my laptop. It’s the relay server that my laptop is using. When took this screenshot, I had not yet disabled relays.

After adding my laptop, the web GUI for my server looked like this:

server web GUI after adding laptop

server web GUI after adding laptop

This screen shot is actually from the next day, when I sat at a cafe typing up this part. From there, I had added a second latop, air01, and got it working.

Setting the address

Please ignore this section if you are using relays.

Instead of using relays, I want my hosts to connect directly to each other. This is possible because they are all on the same VPN. If firewalls/NAT/etc are involved, you might have more work to do before taking this step.

On my server, I clicked on my laptop under Remote Devices, then on Edit. In the addresses field I put: tcp://

I did this for all devices on all hosts.

Sharing a folder

ON my laptop I did this:

[dan@air01:~] $ mkdir Testing
[dan@air01:~] $ touch Testing/SharedFileTest
[dan@air01:~] $ 

The following steps allowed me to share that directory with my server:

  1. In the web GUI for the air01 laptop, I clicked on Add Folder.
  2. In Folder Label, I put Testing.
  3. In Folder Path, I put /Users/dan/Testing, but it defaulted to this value because of what I put in the Label field.
  4. On the Sharing tab, I checked the box beside my server name.
  5. Then I clicked on Save.

On the server web GUI, I saw this message:

server add folder

server add folder

I clicked on Add and saw this:

server add folder

server add folder

I looked in /usr/local/syncthing/ where I saw:

[dan@fileserver:~] $ sudo ls -l /usr/local/syncthing
total 6
drwxr-xr-x  2 syncthing  syncthing  2 Mar 23 22:01 .stfolder
drwxr-xr-x  3 syncthing  syncthing  4 Mar 24 16:30 Testing

[dan@fileserver:~] $ sudo ls -l /usr/local/syncthing/Testing
total 2
drwxr-xr-x  2 syncthing  syncthing  2 Mar 24 16:30 .stfolder
-rw-r--r--  1 syncthing  syncthing  0 Mar 24 16:27 SharedFileTest
[dan@fileserver:~] $ 

What next?

I deleted all my testing folders, and went BIG. I added my Documents folder. Now that’s syncing:

documents syncing

documents syncing

My next goal: external file verisioning with zfs snapshots.

Website Pin Facebook Twitter Myspace Friendfeed Technorati Digg Google StumbleUpon Premium Responsive