coelner/gedankensplitter
1
0
Fork 0
Code Pull Requests Releases Activity

syncthing

Browse Source
This commit is contained in:
coelner 2023-05-04 14:59:26 +02:00
parent 8994f29053
commit 458031b8cd
2 changed files with 33 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

BIN
syncthing-vm-sharing.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 16 KiB

33
syncthing.md Normal file
View File

@ -0,0 +1,33 @@
## syncthing Best-practise
#### config
syncthing works well under systemd context, especially under the user permission. The config is commonly under gnome located in `~/.conf/syncthing/`
#### misbehaviour
##### global state not equal to local state
- No elegant way to fix, delete instead the database and rebuild it all the way upp
##### encrypted unnsynced files
- No elegant way to fix, delete thee file and mybe reupload all of the folder
#### warpinator behaviour
- use link-local IPv6 adresses based on the mac like `quic6://[fe80:abcd:ef01:2345:6789%25enp0s8]:22000`
- reduce `fsWatcherDelayS`
- disable globalAnnouncement
- enable localAnnoucement and add multicastgroup? `[ff12::8384]:21027`
- add local Relay if needed `relay://[fe80:abcd:ef01:2345:6789%25enp0s8]:22067/?id=ABCDEF-000000-111111-222222-333333-4444444-555555-666666`
#### virtual machine ↔ host interconnect
![syncthing-vm-sharing.png](./syncthing-vm-sharing.png)
1. create separate vm which is connected to a host-only and the internal vm network
#### extended hardening
- set the `config.xml` to readonly and immutable
- deactivate the network interface for configuring
- use https certifiicate
#### bugs and missbehaviour
https://github.com/syncthing/syncthing/issues/7581
https://github.com/syncthing/docs/issues/780
announce interface identifier, either needs mapping to own interface or omit it in the hope, that the stack will track that