Add Syncthing support
This commit is contained in:
parent
cd7ef92fb4
commit
a2f27d7725
5 changed files with 131 additions and 2 deletions
87
docs/services/syncthing.md
Normal file
87
docs/services/syncthing.md
Normal file
|
@ -0,0 +1,87 @@
|
|||
# Syncthing
|
||||
|
||||
[Syncthing](https://syncthing.net/) is a **continuous file synchronization** program which synchronizes files between two or more computers in real time, safely protected from prying eyes.
|
||||
|
||||
|
||||
## Dependencies
|
||||
|
||||
This service requires the following other services:
|
||||
|
||||
- a [Traefik](traefik.md) reverse-proxy server
|
||||
|
||||
|
||||
## Configuration
|
||||
|
||||
To enable this service, add the following configuration to your `vars.yml` file and re-run the [installation](../installing.md) process:
|
||||
|
||||
```yaml
|
||||
########################################################################
|
||||
# #
|
||||
# syncthing #
|
||||
# #
|
||||
########################################################################
|
||||
|
||||
syncthing_enabled: true
|
||||
|
||||
syncthing_hostname: mash.example.com
|
||||
syncthing_path_prefix: /syncthing
|
||||
|
||||
# By default, the data directory is created at (`/mash/syncthing/data`), as defined below.
|
||||
# If you'd like to put it elsewhere on the host, uncomment and edit the line below.
|
||||
#
|
||||
# Regardless of the location of the data directory on the host,
|
||||
# it will be mounted into the Syncthing container at `/data`.
|
||||
# syncthing_data_path: "{{ syncthing_base_path }}/data"
|
||||
|
||||
# To mount additional data directories, use `syncthing_container_additional_volumes`.
|
||||
|
||||
# Secure with HTTP Basic Auth (at the Traefik level)
|
||||
syncthing_basicauth_enabled: true
|
||||
|
||||
# Syncthing is NOT a multi-user system.
|
||||
# Whichever user you authenticate with later, you would get to the same shared system.
|
||||
syncthing_basicauth_credentials:
|
||||
- username: someone
|
||||
password: secret-password
|
||||
- username: another
|
||||
password: more-secret-password
|
||||
|
||||
########################################################################
|
||||
# #
|
||||
# /syncthing #
|
||||
# #
|
||||
########################################################################
|
||||
```
|
||||
|
||||
### URL
|
||||
|
||||
In the example configuration above, we configure the service to be hosted at `https://mash.example.com/syncthing`.
|
||||
|
||||
You can remove the `syncthing_path_prefix` variable definition, to make it default to `/`, so that the service is served at `https://mash.example.com/`.
|
||||
|
||||
### Authenticaiton
|
||||
|
||||
You can log in with **any** of the Basic Auth credentials defined in `syncthing_basicauth_credentials`. Syncthing is **not a multi-user system**, so whichever user you authenticate with, you'd ultimately end up looking at the same shared system.
|
||||
|
||||
Authentication is **done at the reverse-proxy level** (Traefik), so upon logging in, Syncthing will show you scary warnings about **no GUI password being set**. You should ignore these warnings.
|
||||
|
||||
You can hide the warning permanently by going to **Actions** -> **Advanced** -> **GUI** section -> checking the **Insecure Admin Access** checkbox.
|
||||
|
||||
### Configuration & Data
|
||||
|
||||
The Syncthing configuration (stored in `syncthing_config_path` on the host) is mounted to the `/var/syncthing` directory in the container.
|
||||
By default, Syncthing will create a default `Sync` directory underneath. We advise that you **don't use this** `Sync` directory and use the data directory (discussed below).
|
||||
|
||||
As mentioned above, the **data directory** (stored in `syncthing_data_path` on the host) is mounted to the `/data` directory in the container. We advise that you put data files underneath `/data` when you start using Syncthing.
|
||||
|
||||
If you'd like to **mount additional directories** into the container, look into the `syncthing_container_additional_volumes` variable part of the [`ansible-role-syncthing` role](https://github.com/mother-of-all-self-hosting/ansible-role-syncthing)'s [`defaults/main.yml` file](https://github.com/mother-of-all-self-hosting/ansible-role-syncthing/blob/main/defaults/main.yml).
|
||||
|
||||
|
||||
## Usage
|
||||
|
||||
After installation, you can go to the Syncthing URL, as defined in `syncthing_hostname` and `syncthing_path_prefix`.
|
||||
|
||||
As mentioned in [Configuration & Data](#configuration--data) above, you should:
|
||||
|
||||
- get rid of the `Default Folder` directory that was automatically created in `/var/syncthing/Sync`
|
||||
- change the default data directory, by going to **Actions** -> **Settings** -> **General** tab -> **Edit Folder Defaults** and changing **Folder Path** to `/data`
|
|
@ -23,6 +23,7 @@
|
|||
| [Radicale](https://radicale.org/) | A Free and Open-Source CalDAV and CardDAV Server (solution for hosting contacts and calendars) | [Link](services/radicale.md) |
|
||||
| [Redmine](https://redmine.org/) | A flexible project management web application. | [Link](services/redmine.md) |
|
||||
| [Redis](https://redis.io/) | An in-memory data store used by millions of developers as a database, cache, streaming engine, and message broker. | [Link](services/redis.md) |
|
||||
| [Syncthing](https://syncthing.net/) | A continuous file synchronization program which synchronizes files between two or more computers in real time | [Link](services/syncthing.md) |
|
||||
| [Traefik](https://doc.traefik.io/traefik/) | A container-aware reverse-proxy server | [Link](services/traefik.md) |
|
||||
| [Vaultwarden](https://github.com/dani-garcia/vaultwarden) | A lightweight unofficial and compatible implementation of the [Bitwarden](https://bitwarden.com/) password manager | [Link](services/vaultwarden.md) |
|
||||
| [Uptime-kuma](https://uptime.kuma.pet/) | A fancy self-hosted monitoring tool | [Link](services/uptime-kuma.md) |
|
||||
|
|
|
@ -111,6 +111,8 @@ devture_systemd_service_manager_services_list_auto: |
|
|||
+
|
||||
([{'name': (redis_identifier + '.service'), 'priority': 750, 'groups': ['mash', 'redis']}] if redis_enabled else [])
|
||||
+
|
||||
([{'name': (syncthing_identifier + '.service'), 'priority': 2000, 'groups': ['mash', 'syncthing']}] if syncthing_enabled else [])
|
||||
+
|
||||
([{'name': (vaultwarden_identifier + '.service'), 'priority': 2000, 'groups': ['mash', 'vaultwarden', 'vaultwarden-server']}] if vaultwarden_enabled else [])
|
||||
+
|
||||
([{'name': (uptime_kuma_identifier + '.service'), 'priority': 2000, 'groups': ['mash', 'uptime-kuma']}] if uptime_kuma_enabled else [])
|
||||
|
@ -986,6 +988,39 @@ redis_gid: "{{ mash_playbook_gid }}"
|
|||
|
||||
|
||||
|
||||
########################################################################
|
||||
# #
|
||||
# syncthing #
|
||||
# #
|
||||
########################################################################
|
||||
|
||||
syncthing_enabled: false
|
||||
|
||||
syncthing_identifier: "{{ mash_playbook_service_identifier_prefix }}syncthing"
|
||||
|
||||
syncthing_uid: "{{ mash_playbook_uid }}"
|
||||
syncthing_gid: "{{ mash_playbook_gid }}"
|
||||
|
||||
syncthing_base_path: "{{ mash_playbook_base_path }}/syncthing"
|
||||
|
||||
syncthing_container_additional_networks: |
|
||||
{{
|
||||
([mash_playbook_reverse_proxyable_services_additional_network] if mash_playbook_reverse_proxyable_services_additional_network else [])
|
||||
}}
|
||||
|
||||
syncthing_container_labels_traefik_enabled: "{{ mash_playbook_traefik_labels_enabled }}"
|
||||
syncthing_container_labels_traefik_docker_network: "{{ mash_playbook_reverse_proxyable_services_additional_network }}"
|
||||
syncthing_container_labels_traefik_entrypoints: "{{ devture_traefik_entrypoint_primary }}"
|
||||
syncthing_container_labels_traefik_tls_certResolver: "{{ devture_traefik_certResolver_primary }}"
|
||||
|
||||
########################################################################
|
||||
# #
|
||||
# /syncthing #
|
||||
# #
|
||||
########################################################################
|
||||
|
||||
|
||||
|
||||
########################################################################
|
||||
# #
|
||||
# vaultwarden #
|
||||
|
|
|
@ -115,6 +115,10 @@
|
|||
name: prometheus
|
||||
version: v2.43.0-0
|
||||
|
||||
- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-syncthing.git
|
||||
name: syncthing
|
||||
version: v1.23.2-0
|
||||
|
||||
- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-vaultwarden.git
|
||||
name: vaultwarden
|
||||
version: v1.27.0-2
|
||||
|
|
|
@ -84,6 +84,8 @@
|
|||
|
||||
- role: galaxy/redis
|
||||
|
||||
- role: galaxy/syncthing
|
||||
|
||||
- role: galaxy/vaultwarden
|
||||
|
||||
- role: galaxy/uptime_kuma
|
||||
|
|
Loading…
Reference in a new issue