gedankensplitter/syncthing.md

## syncthing Best-practise

#### config
syncthing works well under systemd context, especially under the user permission. The config is commonly under gnome located in `~/.conf/syncthing/`

#### misbehaviour
##### global state not equal to local state
- No elegant way to fix, delete instead the database and rebuild it all the way upp
##### encrypted unnsynced files
- No elegant way to fix, delete thee file and mybe reupload all of the folder

#### warpinator behaviour
- use link-local IPv6 adresses based on the mac like `quic6://[fe80:abcd:ef01:2345:6789%25enp0s8]:22000`
- reduce `fsWatcherDelayS`
- disable globalAnnouncement
- enable localAnnoucement and add multicastgroup? `[ff12::8384]:21027`
- add local Relay if needed `relay://[fe80:abcd:ef01:2345:6789%25enp0s8]:22067/?id=ABCDEF-000000-111111-222222-333333-4444444-555555-666666`

#### virtual machine ↔ host interconnect
![syncthing-vm-sharing.png](./syncthing-vm-sharing.png)
1. create separate vm which is connected to a host-only and the internal vm network

#### extended hardening
- set the `config.xml` to readonly and immutable
- deactivate the network interface  for configuring
- use https certifiicate 

#### bugs and missbehaviour
https://github.com/syncthing/syncthing/issues/7581
https://github.com/syncthing/docs/issues/780
announce interface identifier, either needs mapping to own interface or omit it in the hope, that the stack will track that
syncthing 2023-05-04 12:59:26 +00:00			`## syncthing Best-practise`

			`#### config`
			syncthing works well under systemd context, especially under the user permission. The config is commonly under gnome located in `~/.conf/syncthing/`

			`#### misbehaviour`
			`##### global state not equal to local state`
typo 2023-07-22 20:56:17 +00:00			`- No elegant way to fix, delete instead the database and rebuild it all the way upp`
syncthing 2023-05-04 12:59:26 +00:00			`##### encrypted unnsynced files`
typo 2023-07-22 20:56:17 +00:00			`- No elegant way to fix, delete thee file and mybe reupload all of the folder`
syncthing 2023-05-04 12:59:26 +00:00
			`#### warpinator behaviour`
			- use link-local IPv6 adresses based on the mac like `quic6://[fe80:abcd:ef01:2345:6789%25enp0s8]:22000`
			- reduce `fsWatcherDelayS`
			`- disable globalAnnouncement`
			- enable localAnnoucement and add multicastgroup? `[ff12::8384]:21027`
			- add local Relay if needed `relay://[fe80:abcd:ef01:2345:6789%25enp0s8]:22067/?id=ABCDEF-000000-111111-222222-333333-4444444-555555-666666`

			`#### virtual machine ↔ host interconnect`
			`![syncthing-vm-sharing.png](./syncthing-vm-sharing.png)`
			`1. create separate vm which is connected to a host-only and the internal vm network`

			`#### extended hardening`
			- set the `config.xml` to readonly and immutable
			`- deactivate the network interface for configuring`
			`- use https certifiicate`

			`#### bugs and missbehaviour`
			`https://github.com/syncthing/syncthing/issues/7581`
			`https://github.com/syncthing/docs/issues/780`
			`announce interface identifier, either needs mapping to own interface or omit it in the hope, that the stack will track that`