Greatly respect all of the comments and concerns here… and some of the pitfalls.
Secondly, Syncthing is a great piece of technology, and compliments to all those who have made it a great success.
We have had similar problems as others, and have managed to come up with a solution for us.
‘syncthing-acl’ is a daemon that manages file permissions and ownerships across syncthing servers. We use it distribute our backups mainly, but originally it was developed for a resilient cloud based file-system.
We have used it for a while ( with … lets say improving success ), but it is alpha… I think it might help with some ideas/solutions. Its uses syncthing to propogate acl’s and ownerships.
BUT please be aware that this is work in progress.
I’m still struggling with ownership of files and directories. The Metadata of a file is as important as the content for me. Otherwise files belong to Peter would be accessible by somebody else in the case of a restore.
Maybe a suggestion about this topic: Would it be possible to implement this feature in a “sudo” way ?
I mean that if the ownership synchronisation feature is enabled then the golang code executes a kind of
sudo chown -R owner.group targetpath
GUI could display a warning on the ownership synchronisation feature saying that it requires sudo chown or runas permission on the target system. Or maybe that feature could also prevent from being activated if it fails to execute a testing command with sudo.
This way, no need to run synchting as root, just require a little tweak on the target operating system