Solved: Is there a tutorial for private disco and relay server usage

Following the docu I have a few untrusted devices that receive encrypted folders and a few trusted full-sync devices up and running. Works really well. The untrusted Raspberry Pis at family members’ houses are always on and I can get stuff synced nicely. But I wanted to use my own relay exclusively and here is where things go weird. Following along with the documentation I simply set up a relay and a discovery server on a VPS. This VPS is not acting as a Syncthing node. Just relay and discovery. I have the URL for discovery on port 8443 and I have the relay:// URI for the relay service.

i.e.:

https://my.vps.tld:8443/?id=1111111-2222222-3333333-XXXXXX-YYYYYY

relay://my.vps/tld:22067/?id=3333333-4444444-5555555-ZZZZZZZ

Now on all my clients I set these settings:

Actions → Settings → Connections

Have all of these checked:

  • Enable NAT traversal
  • Local Discovery
  • Global Discovery
  • Enable Relaying

In “Global Discovery Servers” I put my disco URL, example https://my.vps.tld:8443/?id=1111111-2222222-3333333-XXXXXX-YYYYYY

Up on top under “Sync Protocol Listen Addresses” it has “default” and I append a white space, a comma and then put the relay server URI, i.e. default, relay://my.vps/tld:22067/?id=3333333-4444444-5555555-ZZZZZZZ

This seems to work because I can see in the log that the relay was joined. On the relay server if I run it with debug it also talks of sending and receiving data for clients.

If I turn off “Global Discovery”, clients on different networks cannot see each other anymore so Discovery seems to work, too.

The issue is that I notice that in the client logs they sometimes also connect to random third party relays.

My question is this: Is there any combination of settings that will let them discover each other via a private discovery server ONLY and use ONLY the private relay?

Or do I need to turn off “Global Discovery” altogether and add the private relay’s URI as an address for each remote device? Where it defaults to dynamic, do I need to put dynamic, relay://my.vps/tld:22067/?id=3333333-4444444-5555555-ZZZZZZZ ?

“default” listen address also includes public relays.

1 Like

Awesome. So I can just change from default to tcp://:22000 quic://:22000 and my relay:// in Actions → Settings → Connections → Sync Protocol Listen Addresses?

1 Like

Yes, that would do it.

3 Likes

Done! Now I see only the expected relay under remote devices. Thank you so much!

1 Like
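
An added example, not part of the thread and not Syncthing's own code: a check over the `<options>` section of a Syncthing `config.xml` that flags listen addresses and discovery servers able to reach anything other than the private host, which is the condition the thread resolves. The sample config, the hostname `relay.example.net`, the placeholder IDs and the function names are constructed for illustration.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit

# Constructed sample: the <options> part of a Syncthing config.xml.
# Hostname and IDs are placeholders, not values from the thread.
SAMPLE_BEFORE = """<configuration><options>
  <listenAddress>default</listenAddress>
  <listenAddress>relay://relay.example.net:22067/?id=PLACEHOLDER-RELAY-ID</listenAddress>
  <globalAnnounceServer>https://relay.example.net:8443/?id=PLACEHOLDER-DISCO-ID</globalAnnounceServer>
  <globalAnnounceEnabled>true</globalAnnounceEnabled>
  <relaysEnabled>true</relaysEnabled>
</options></configuration>"""

# Same config after replacing "default" with explicit tcp/quic listeners.
SAMPLE_AFTER = SAMPLE_BEFORE.replace(
    "<listenAddress>default</listenAddress>",
    "<listenAddress>tcp://:22000</listenAddress>\n  <listenAddress>quic://:22000</listenAddress>")

def _values(options, tag):
    """All entries of a repeated option, also splitting comma-separated text."""
    out = []
    for el in options.findall(tag):
        out += [v.strip() for v in (el.text or "").split(",") if v.strip()]
    return out

def audit(config_xml, private_hosts):
    """Return findings for settings that can reach non-private relay/discovery."""
    options = ET.fromstring(config_xml).find("options")
    findings = []
    for addr in _values(options, "listenAddress"):
        if addr == "default":
            findings.append("listenAddress 'default' includes the public relay pool")
        elif addr.startswith("dynamic+"):
            findings.append(f"listenAddress {addr} pulls relays from a pool URL")
        elif addr.startswith("relay://") and urlsplit(addr).hostname not in private_hosts:
            findings.append(f"relay {addr} is not on the private host list")
    # Assumption: a missing globalAnnounceEnabled element means enabled.
    if (options.findtext("globalAnnounceEnabled") or "true").strip() == "true":
        for srv in _values(options, "globalAnnounceServer"):
            if srv.startswith("default"):
                findings.append(f"globalAnnounceServer '{srv}' uses public discovery")
            elif urlsplit(srv).hostname not in private_hosts:
                findings.append(f"discovery server {srv} is not on the private host list")
    return findings

if __name__ == "__main__":
    for label, xml in (("before", SAMPLE_BEFORE), ("after", SAMPLE_AFTER)):
        print(label, audit(xml, {"relay.example.net"}) or "private relay/discovery only")
```
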
