I’m trying to get Syncthing to work on my qnap nas. I’ve installed the qpkg, and now it appears to be running, but I can’t access the GUI from my laptop.
From command line while having ssh access to the nas (output shortened):
[~] # syncsh status full
syncthing is Enable
herefater task running one with select multiple with fork
14760 admin 3164 S /share/HDA_DATA/.qpkg/syncthing/syncthing -home /shar
14807 admin 16604 S N /share/HDA_DATA/.qpkg/syncthing/syncthing -home /shar
QPKG version
1
Syncthing version from qpkg.conf
QPKG Config File
[global]
# use x86 bin in place of x86_64
Use_x86=FALSE
# global_discovery=FALSE
Log=YES
guiAddress=0.0.0.0:8090
guihttps=NO
user=admin
gogc=100
gomaxprocs=0
(...)
Syncthing config file
<configuration version="28">
<gui enabled="true" tls="false" debugging="false">
<address>127.0.0.1:8384</address>
<apikey>YgHGXQvWz6EkyAKbmA6TEnSWEgDfMFS6</apikey>
<theme>default</theme>
</gui>
<ldap></ldap>
<options>
(...)
</options>
</configuration>
The localhost and port mentioned don’t seem to be open though:
(Eventually I want to access the GUI from my laptop via $ ssh -L 9090:127.0.0.1:8384 user@othercomputer.example.com as described in the FAQ section 2.2.21.)
And in fact, I can access the nas’ GUI through its IP address (192.168.1.100 in my case) and that port, from my laptop’s browser (so, on http://192.168.1.100:8090/)
However, that port is listed in syncsh status full together with ip address 0.0.0.0, which, if I understand correctly, is not recommended for security reasons, as it’s accessible by anyone on the network. Instead of putting a password on the GUI to reduce the risk, my preferred option is to turn off the 0.0.0.0 address (as recommended here) and use ssh's security, so that the GUI is only shown to those that are able to ssh into the nas. And I actually thought that is what I was doing, as syncthing’s config.xml file mentions (as is shown in my code-snipped):
<address>127.0.0.1:8384</address>
The 0.0.0.0 address does not appear in config.xml.
So my questions now:
Where is the 0.0.0.0 address configured?
Is there a reason it takes precedence over the address configured in config.xml?
Yes, I had seen that line QPKG Config File as well.
There is only one file I can find that I think might be meant, and that is /etc/config/qpkg.conf. It does not have the mentioned entries, however. The section on syncthing:
[syncthing]
Name = syncthing
Version = 1-
Enable = TRUE
QPKG_File = syncthing.qpkg
Date = 2018-11-03
Shell = /share/HDA_DATA/.qpkg/syncthing/syncthing.sh
Install_Path = /share/HDA_DATA/.qpkg/syncthing
Web_Port = 8090
WebUI /
Author = Father_mande
To see if this file’s contents is used, I first changed changing the 3rd to last line to Web_Port = 8384, and restartet the service (syncsh restart) This does not change anything:
and also, the GUI is still available at the nass IP address and port 8090, and status (syncsh status full) still shows the 0.0.0.0 ip address, just like before:
[/] # syncsh status full
syncthing is Enable
herefater task running one with select multiple with fork
29452 admin 22080 S /share/HDA_DATA/.qpkg/syncthing/syncthing -home /shar
29511 admin 35408 S N /share/HDA_DATA/.qpkg/syncthing/syncthing -home /shar
QPKG version
1
Syncthing version from qpkg.conf
QPKG Config File
[global]
# use x86 bin in place of x86_64
Use_x86=FALSE
# global_discovery=FALSE
Log=YES
guiAddress=0.0.0.0:8090
guihttps=NO
user=admin
gogc=100
gomaxprocs=0
# localAnnoun...
This file’s contents is used, though, as changing the line to WebUI = / (so with a =), makes the GUI no longer available. In that case nothing is running at either port 8384 or 8090.
I wouldn’t know where else to look. I’ve tried finding the files with pattern *qpkg*conf*, but apart from the one I edited, only an empty log file (/etc/config/qpkq_log.conf) came up.
If you have any more suggestions I’d love to hear them. I’ll try my luck at the forum for the qpkg file otherwise.
For anyone having the same problem, I’ll post the next step here now, though it doesn’t completely clear things up.
The main config files for syncthing on my nas (they might be in different location on different qnap devices) are in /share/HDA_DATA/.qpkg/syncthing/config/, but it turns out there is another file located in the parent: share/HDA_DATA/.qpkg/syncthing/syncthing.conf. This one contains the configuration:
[global]
# use x86 bin in place of x86_64
Use_x86=FALSE
# global_discovery=FALSE
Log=YES
guiAddress=0.0.0.0:8090
guihttps=NO
user=admin
gogc=100
gomaxprocs=0
# localAnnouncePort=21025
# listenAddress=0.0.0.0:22000
# upnp=TRUE
# Cert_Path=""
# home="/root/.config/syncthing"
ENV=""
### create here for each repository to change rescan (sec)
# [Repository_name]
# rescan=60
Commenting guiAddress out doesn’t seem to have any effect though, so it’s not the end solution yet. But getting closer, I hope.