I need to sync the /home dir over two systems with multiple users. The file permissions and ownership need to be preserved, the are equal on both systems.
As far as I can see, there is no way to sync /home without root privileges.
Is it not practical to setup syncthing separately for 10 or 15 users, or has someone already built an automation for this with Ansible?
You can enable ownership syncing and grant the required bits to chown as non-root. It’s in the docs.
Yes I found this in the faq, but how can I setup my permissions, that syncthing can create/synchronize files for another user?
Is there a smart way around configuring and starting the process for each user? Maybe a automatic configuration with ansible?
The syncOwnership feature documented on that page covers it. More specifically, refer to the “Unix implementation” section: https://docs.syncthing.net/advanced/folder-sync-ownership.html#unix-implementation
Are you already using Ansible?
If not, for 10-15 users, it might be simpler to just manually set up Syncthing on a user by user basis. Given your particular use-case, once Syncthing is set up for a user you might rarely need to touch the configuration again.
Start with a prototype user (e.g. syncthing). Configure Syncthing to link your two systems. Then use the config.xml as a template to jumpstart the setup for the real users (keep the same API key and admin user/password to simplify remote management).
To simplify network port assignments, use a user’s UID as part of the port number – i.e. instead of Syncthing’s default 8384, if a user’s UID is 1001 use 11001 (as you already might know, binding to ports <= 1024 normally requires root permissions).
If you already have a network monitoring system, there’s Syncthing’s REST API: https://docs.syncthing.net/dev/rest.html. Otherwise, there are plenty to choose from: (https://en.wikipedia.org/wiki/Comparison_of_network_monitoring_systems.
Starting Syncthing via systemd for each user is just a one time command per user (documented on Syncthing’s autostart page).