security while expanding flexibility

hi all, after ~1yr of trying various settings, syncthing finally works for me with very good response/reliability.

that being said, i have been unable to find a good guide/video that offers the minimal/simplest config for better security and reliability (and describing tradeoffs as they occur).

my current setup is use on a home network only between linux boxes that use spam+ad+malware blocking host files, updated every few months from antiX. this standard host file utilizes 127.0.0.1 assigned to both localnet and the unique hostname on which it resides, with 0.0.0.0 assigned to all specifically named unwelcome sites.

for reliability i use fixed IP+port settings for quic and tcp in syncthing, despite my router being set to dynamic. somehow i ended up with different port settings for each machine (1 shared folder/machine), but i have now set most advanced option values back to ‘default’, where it is clear ‘default’ is a valid entry. introducer is set to just 1 desktop machine, and syncthing relays are ‘off’. LAN announce, global announce, local announce, and NAT are all set to ‘on’, but i am unsure which are really needed.

i basically see a few areas for advice on improving:

  • a. since someday the router may not renew existing IPs with the same address, i would like to replace the fixed syncthing IPs for tcp and quic. having tried ‘dynamic’ within syncthing in the past, i found sync would often not work within ~10 min of machines going into power suspend mode. my current use of fixed IP+port usually works as soon as the machine network activates.

  • b. i do not use the ‘always use local net’ option for added security. opinions and usage?

  • c. much further away, i would like to sync to cloud when traveling and then return to syncing locally when home. has anyone found an easy and secure process for this?

It’s the age-old conundrum – easy, secure, cheap – pick any two. :wink:

If by “cloud” you mean syncing to online storage, then the most straightforward solution is renting a server at a hosting provider where you can run a Syncthing instance.

Security is very user-specific, so what’s good enough to one person might be unacceptable to another. So, without details regarding familiarity with computer security and networking, OSes being used, etc. there’s not enough context to recommend anything other than to search this forum for ideas based on what others have been doing.


Thanks for the insight, gadget. I’ve been thinking along the same lines; it seems like hosting a personal Syncthing instance on a rented server could balance access and security. Curious if anyone has tips on switching between local LAN sync and remote server sync smoothly without breaking the setup.

Leave them both up all the time? Your Device will figure out which ones it can reach and which ones it cannot.

Based on your use case, you might consider having the cloud Syncthing Device run as Untrusted (Untrusted (Encrypted) Devices — Syncthing documentation) so that your data there is encrypted.
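As an added illustration (not from any poster in this thread), here is what the two suggestions above look like in a Syncthing `config.xml`: the LAN peer keeps its fixed LAN address *and* `dynamic` so either discovery path works, relays stay off, and the cloud device is marked untrusted with a folder-level encryption password so it only ever holds ciphertext. Device IDs, addresses, folder id/path and the password are placeholders, and the element names are taken from the Syncthing config documentation as I recall them; check them against your own generated config before editing it.

```xml
<configuration version="37">
    <!-- Folder shared with both peers. The cloud peer gets an encryption
         password, which is what makes it hold only encrypted data. -->
    <folder id="docs-placeholder" label="Documents" path="/home/user/Documents" type="sendreceive">
        <device id="LAN-DEVICE-ID-PLACEHOLDER" introducedBy=""></device>
        <device id="CLOUD-DEVICE-ID-PLACEHOLDER" introducedBy="">
            <encryptionPassword>CHANGE-ME-strong-passphrase</encryptionPassword>
        </device>
    </folder>

    <!-- LAN peer: fixed tcp/quic addresses plus "dynamic", so if the router
         hands out a new IP, discovery still finds it instead of sync stalling. -->
    <device id="LAN-DEVICE-ID-PLACEHOLDER" name="desktop" compression="metadata"
            introducer="true" skipIntroductionRemovals="false" introducedBy="">
        <address>tcp://192.168.1.10:22000</address>
        <address>quic://192.168.1.10:22000</address>
        <address>dynamic</address>
        <paused>false</paused>
        <autoAcceptFolders>false</autoAcceptFolders>
        <untrusted>false</untrusted>
    </device>

    <!-- Cloud peer: left configured all the time; marked untrusted so it can
         never read the folder contents. Reached via global discovery only. -->
    <device id="CLOUD-DEVICE-ID-PLACEHOLDER" name="cloud-vps" compression="metadata"
            introducer="false" skipIntroductionRemovals="false" introducedBy="">
        <address>dynamic</address>
        <paused>false</paused>
        <autoAcceptFolders>false</autoAcceptFolders>
        <untrusted>true</untrusted>
    </device>

    <options>
        <listenAddress>default</listenAddress>
        <globalAnnounceEnabled>true</globalAnnounceEnabled>
        <localAnnounceEnabled>true</localAnnounceEnabled>
        <relaysEnabled>false</relaysEnabled>
        <natEnabled>true</natEnabled>
        <alwaysLocalNets></alwaysLocalNets>
    </options>
</configuration>
```

With both peers configured, the local device picks whichever it can reach: the LAN address at home, the cloud peer when away, with no switching step in between.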
