I would like to use Syncthing on a few servers to share some files, like the Wordpress upload folder. Instead of putting the files on a remote shared drive, I would like to have them locally on every server, synced with Syncthing. When one file is added or changed on one server, the others are updated.
This should run in Docker Swarm. My idea is to have Syncthing running headless in a container on every server. Then add a single Syncthing-controller container, that fetches all internal Syncthing IPs every 5 minutes via Swarm API, checks via Syncthing REST API with all servers if all IPs are already registered as peers, and adds them and a default shared folder if necessary.
I setup my first Syncthing server “cluster” via GUI, got the token, added it on one server, confirmed it on the other. Same for folder, added it on one server, confirmed it on the others. So quite a few steps that probably need to be replicated via REST API.
Is it even possible to setup a Syncthing instance without any GUI, just using the REST API? Can an initial token be supplied via env or set via CLI?
Has this been done before? I prefer not to re-invent the wheel and rather use something proven then try to code myself. Internet search didn’t show me any viable projects.
Certainly this is possible. It’s not clear to me if you mean “API key” or “device ID” when you say token. For the API key, it can be set from the command line when starting, so you could use the same for all your instances and it would be known beforehand by your management system. As for tying the devices together, you need the device IDs which you can get via REST, and push the corresponding device entries to the config on both sides.
I’m not aware of any ready-made solution. I tried building one, but it turns out it’s quite hard to build something generic that fulfils all use cases and doesn’t devolve into just being programming. (And also, nobody wants to pay for this. :))
I’m not sure why you would want to do so (and no, not that I’m aware of:)), since using the right API-key would be the solution here (“X-API-Key: …”).
As Eric says, there is no CSRF protection when using an API key. Unfortunately, the error becomes misleading: read it as “bad API key” instead, in this case.
I can fetch all Syncthing instance IPs from Docker Swarm, then get their myID via GET /rest/system/status and add it to the others with POST /rest/config/devices:
{
deviceID: device,
autoAcceptFolders: true
}
Next I would like to add a single folder with POST /rest/config/folders to the first Syncthing instance, adding own and other myIDs:
What’s the correct way to add a single synced folder to all Syncthing instances? Should I use autoAcceptFolders or add the single folder manually to every instance? Do I need to manually set/update the path on every instance?
Or should I better just stick with the single default folder and make sure on every instance the folder has all other deviceIDs set?
Auto-accepted folders will have Syncthing make up a path by itself, as it has to. If you want to control it manually you need to add the folder there yourself via the API.
So on every node I need to create the folder with a common ID and the correct path first. Only when all nodes know about the folder, I add the other deviceIDs to it?
One “syncthing-controller” container for a simple work flow:
Get all Syncthing container IPs from Docker Swarm
Get Syncthing IDs from all containers via IP
Get Syncthing “devices” from each container and add IDs which are missing
Get Syncthing default folder from each container and update “devices” with IDs which are missing
Sleep and repeat
With this another service/container can use /var/sycthing/Sync/myfolder for files which are automatically replicated across all Syncthing nodes. This can be used for configuration files, LetsEncrypt certificates or folders like Wordpress upload.
