Syncthing is an open source and cross-platform peer-to-peer synchronization software used to synchronize files and folders between multiple devices securely in a network. Syncthing is considered reliable and secure alternative to cloud-based file synchronization services such as Google Drive, Dropbox, e.t.c. Syncthing utilizes a decentralized architecture that enables devices to communicate with each other directly over an encrypted channel, without the need for a central server. As a user you have full complete control over your data and not relying on third-party services to store files.
When you install Syncthing, it ships with a web-based GUI that provides detailed information about files synchronization status as well as tools for configuring advanced options such as service start / stop, device discovery, adding new device and more configurations like LDAP integration. Some key features of Syncthing synchronization tool are:
- Encryption: All communication between devices is encrypted using TLS to ensure that data is protected from unauthorized access.
- Cross-platform support: Syncthing can run on a wide range of platforms, including Linux, Windows, macOS, Android, and FreeBSD.
- Decentralization: Syncthing operates on a peer-to-peer architecture eliminating the need for a central server. Users have control over their data
- Versioning: It has a sophisticated versioning system to ensure that changes made to files are propagated correctly between devices, even if multiple changes are made simultaneously.
- Selective synchronization: Users can choose which folders they want to synchronize between devices, giving them greater control over their data.
- Web-based GUI: Syncthing includes a user-friendly web-based GUI.
Install Syncthing on Rocky Linux 9 / CentOS 9 / AlmaLinux 9
Here are the steps you’ll follow to install and configure Syncthing on Rocky 9, CentOS 9, or AlmaLinux 9 system.
Step 1: Download and Install Syncthing
You can check the latest stable release of Syncthing from the Github release page. Download it using wget or curl
curl -s https://api.github.com/repos/syncthing/syncthing/releases/latest | grep browser_download_url | grep linux-amd64 | cut -d '"' -f 4 | wget -qi -Next we extract downloaded file using tar
tar xvf syncthing-linux-amd64*.tar.gzNext we copy binary file to /usr/bin directory
sudo cp syncthing-linux-amd64-*/syncthing /usr/bin/Confirm the installation was successful by checking the version.
$ syncthing --version
syncthing v1.23.7 "Fermium Flea" (go1.20.7 linux-amd64) [email protected] 2023-07-31 03:45:37 UTC
Step 2: Create Syncthing systemd unit file
Syncthing service can be managed using systemd on systems that support it. We need to create a service unit for it.
Create user account called syncthing
sudo useradd -m syncthingYou can add the user to wheel group.
sudo usermod -aG wheel syncthingGive it a strong password.
$ sudo passwd syncthing
Changing password for user syncthing.
New password:
Retype new password:
passwd: all authentication tokens updated successfully.
Create systemd unit file.
$ sudo vi /etc/systemd/system/[email protected]
[Unit]
Description=Syncthing - Open Source Continuous File Synchronization for %I
Documentation=man:syncthing(1)
After=network.target
StartLimitIntervalSec=60
StartLimitBurst=4
[Service]
User=%i
ExecStart=/usr/bin/syncthing serve --no-browser --no-restart --logflags=0
Restart=on-failure
RestartSec=1
SuccessExitStatus=3 4
RestartForceExitStatus=3 4
# Hardening
ProtectSystem=full
PrivateTmp=true
SystemCallArchitectures=native
MemoryDenyWriteExecute=true
NoNewPrivileges=true
# Elevated permissions to sync ownership (disabled by default),
# see https://docs.syncthing.net/advanced/folder-sync-ownership
#AmbientCapabilities=CAP_CHOWN CAP_FOWNER
[Install]
WantedBy=multi-user.target
Reload systemd for the change to be effective.
sudo systemctl daemon-reloadStart and enable the service.
sudo systemctl start syncthing@syncthing
sudo systemctl enable syncthing@syncthingCheck its status to confirm it’s running.
$ systemctl status syncthing@syncthing
● [email protected] - Syncthing - Open Source Continuous File Synchronization for syncthing
Loaded: loaded (/etc/systemd/system/sync[email protected]; disabled; vendor preset: disabled)
Active: active (running) since Thu 2023-03-02 17:41:05 UTC; 15s ago
Docs: man:syncthing(1)
Main PID: 10605 (syncthing)
Tasks: 16 (limit: 24167)
Memory: 28.3M
CPU: 1.682s
CGroup: /system.slice/system-syncthing.slice/[email protected]
├─10605 /usr/bin/syncthing serve --no-browser --no-restart --logflags=0
└─10612 /usr/bin/syncthing serve --no-browser --no-restart --logflags=0
Mar 02 17:41:06 rocky9.mylab.io syncthing[10605]: [7N43J] INFO: Loading HTTPS certificate: open /root/.config/syncthing/https-cert.pem: no such file or directory
Mar 02 17:41:06 rocky9.mylab.io syncthing[10605]: [7N43J] INFO: Creating new HTTPS certificate
Mar 02 17:41:06 rocky9.mylab.io syncthing[10605]: [7N43J] INFO: GUI and API listening on 127.0.0.1:8384
Mar 02 17:41:06 rocky9.mylab.io syncthing[10605]: [7N43J] INFO: Access the GUI via the following URL: http://127.0.0.1:8384/
Mar 02 17:41:06 rocky9.mylab.io syncthing[10605]: [7N43J] INFO: My name is "rocky9.mylab.io"
Mar 02 17:41:06 rocky9.mylab.io syncthing[10605]: [7N43J] WARNING: Syncthing should not run as a privileged or system user. Please consider using a normal user account.
Mar 02 17:41:06 rocky9.mylab.io syncthing[10605]: [7N43J] INFO: Completed initial scan of sendreceive folder "Default Folder" (default)
Mar 02 17:41:07 rocky9.mylab.io syncthing[10605]: [7N43J] INFO: quic://0.0.0.0:22000 detected NAT type: Not behind a NAT
Mar 02 17:41:07 rocky9.mylab.io syncthing[10605]: [7N43J] INFO: quic://0.0.0.0:22000 resolved external address quic://65.108.59.32:22000 (via stun.syncthing.net:3478)
Mar 02 17:41:16 rocky9.mylab.io syncthing[10605]: [7N43J] INFO: Detected 0 NAT services
To allow listen on all interfaces use:
ExecStart=/usr/bin/syncthing --no-browser --gui-address="0.0.0.0:8384" --no-restart --logflags=0Step 3: Using separate partition for Syncthing data
I’ll configure /dev/sdb for files sync.
$ lsblk
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINTS
sda 8:0 0 50G 0 disk
├─sda1 8:1 0 600M 0 part /boot/efi
├─sda2 8:2 0 1G 0 part /boot
└─sda3 8:3 0 48.4G 0 part
├─rl-root 253:0 0 43.4G 0 lvm /
└─rl-swap 253:1 0 5G 0 lvm [SWAP]
sdb 8:16 0 200G 0 diskCreate partition table on the raw disk /dev/sdX
sudo parted -s -a optimal -- /dev/sdX mklabel gpt
sudo parted -s -a optimal -- /dev/sdX mkpart primary 0% 100%
sudo parted -s -- /dev/sdX align-check optimal 1Create filesystem on it. In this example we’re using LVM.
sudo pvcreate /dev/sdX1
sudo vgcreate data /dev/sdX1
sudo lvcreate -n syncthing -l +100%FREE data
sudo mkfs.xfs /dev/data/syncthing
echo "/dev/data/syncthing /home/syncthing/data xfs defaults 0 0" | sudo tee -a /etc/fstabCreate mount point
sudo mkdir /home/syncthing/dataMount the partition at runtime to validate it works.
sudo mount -aConfirm the mounting works.
$ df -hT /home/syncthing/data
Filesystem Type Size Used Avail Use% Mounted on
/dev/mapper/data-syncthing xfs 200G 44G 157G 22% /home/syncthing/dataSet correct permissions for the data directory.
sudo chown syncthing:syncthing /home/syncthing/dataConfirm it works.
$ ls -lhd /home/syncthing/*
drwxr-xr-x. 2 syncthing syncthing 6 Feb 28 00:49 /home/syncthing/data
drwxr-xr-x. 3 syncthing syncthing 23 Feb 28 00:28 /home/syncthing/SyncStep 4: Allow required ports in firewalld
If you have firewalld active, allow ports 8384 and 22000. Both TCP
sudo firewall-cmd --add-port={8384,22000}/tcp --zone=public --permanent
sudo firewall-cmd --reloadYou can list all ports allowed using
firewall-cmd --list-allStep 5: Access Syncthing Web UI
Once the service is started Syncthing admin GUI accessible on port 8384. Open the link on https://localhost_or_ServerIP:8384/
Click on “Settings” to set password for admin user.
Test by logging in with username admin and password set above.
In our next article we shall cover the process of files and folders synchronization between multiple devices using Syncthing.
Conclusion
Syncthing is a powerful and versatile file synchronization tool designed to be secure and decentralized. Syncthing is a good alternative to cloud-based file synchronization services that require subscription and internet access to use. With its cross-platform support, sophisticated versioning system, and user-friendly web-based GUI, Syncthing is a great choice for users looking to synchronize files between multiple devices while maintaining control over their data.
