First time setup on server and multiple Windows clients

Hello, we are in the process of setting up Syncthing for the first time and we have some questions about how to start/best practices.

There is a group of users, most of them running Windows clients, and one Ubuntu server which is supposed to host an always-on instance for each user. Our current setup uses multiple Resilio Sync instances, most users have “Read-Only” folders on the server (because no changes should originate on the server) and “Read-Write” folders on all of their other computers (laptops, desktops, …). Some users also use restic to pull backups from some of the synced “Read-Only” folders regularly. We would ideally like to replicate this setup with Syncthing.

Right now it looks to us like the best solution are multiple systemd services of syncthing@username.service running in parallel and independently. That way all of the users get their own instance, folders etc. We have a few points we are not clear on, so here they go:

1. We have read that a read only folder was in the making (A proposal for a receive-only folder type), but is not there yet. This would have been nice, because for a lot of things the server should only read (“being always on”) the changes and distribute them, but should NOT be allowed to make changes if the user on the server changes something by accident. However, the user should be able to have as many additional read&write machines as they want. (In short: Multiple read/write masters, one read/distribute slave.) Can this be done right now? If so, how? What is the closest alternative if not?

2. If a user has say three locations (server, laptop, desktop) where they have folders in sync from previous software (Resilio in this case) what would be the better way to start syncing with syncthing: a) Add all folders on all the nodes “at the same time”, Syncthing recognizes that it does not need to sync anything, just index and its fine. b) Or delete the old syncs and use e.q. the laptop as a seed to get everything in sync (maybe go somewhere with a nice upload). c) Any other option?

3. If we will run multiple instances (5+), do we have to take care and change some of the ports because of multiple user instances of syncthing? Obviously each WEB UI will be running on a different port, but should we set the TCP ports to different values as well? Or does Syncthing automatically take care of this?

4. If there are 5+ people syncing 5 folders each with tens of gigabytes, so potentially say 25 folders, 20 GB each, what are some reasonable parameters for scanning intervals? We ran into issues with Resilio before that on each user, by the time the rescan of each folder finished, it was already past due to scan for changes again and this generated more than 25 processes permanently scanning the drive in parallel, which is not optimal for RAID operations. Is there a way around this? How should we handle this?

Thank you for all advice and tips, we appreciate your help.

1. Not possible within Syncthing. But as it’s a server and there shouldn’t be any changes every, you could just make those directories inaccessible/read-only to the users.

2. TLDR: Don’t delete, just connect. There were some deliberations on whether it would be faster to first scan, then connect and/or connect one after the other, but I don’t think there is any conclusive “best” method. It will take a while anyway (hashing and exchanging info until everyone knows that everyone else has the same stuff).

3. Both web UI and listen/tcp ports aren’t done automatically, you do need to set them accordingly (typically 22000, 22001, 22002, … for listen).

4. There is FS watching, i.e. scanning changes when they happen now. Well technically it is only activated by default in the upcoming 0.14.47 release, but the code is already in there. That should help a lot. You still need to run periodical full scans (watcher shouldn’t, but might miss things), but less often. How often depends on your hardware and use-case, you’ll have to figure that out yourself.

I would go so far to say: Better not done through Syncthing even if/when the feature is available. A controlled server is precisely the environment you should be using user permissions so only the ST user can write in the directories.

Alright, everything is set up and seems to work for a while now. Thank you very much for the help.

1. I understand. We are just worried that root might break something rm -rf / style and syncthing starts syncing that.

2. I did not delete like recommended and it worked like a charm.

3. We changed the ports and it works.

4. I enabled the FS and rescan to something reasonable. (I also noticed that it is the default for the new update)

The only thing we noticed was some periodic connection and reconnection (with an accompanying notification from SyncTrayzor), which I thought was strange.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.