Syncthing Linux headless server setup guide

Installation script (save as syncthing.sh for example, then run bash syncthing.sh):

#!/bin/bash

# Add the release PGP keys:
curl -s https://syncthing.net/release-key.txt | sudo apt-key add –

# Add the “stable” channel to your APT sources:
echo “deb https://apt.syncthing.net/ syncthing stable” | sudo tee /etc/apt/sources.list.d/syncthing.list

# Update and install syncthing:

# HTTPS transport package must be installed first to allow apt update to scan the Syncthing source & recognize the package as an install candidate
sudo apt-get install apt-transport-https
sudo apt-get update
sudo apt-get install syncthing

Edit config.xml to allow web interface to be accessible from the internet (be sure to open port 8384 on the firewall while you configure your shared folders, then add a password, close the port, or revert this line back to the original setting):

Run nano .config/syncthing/config.xml

In the “gui enabled” section, Change the “address” value from

127.0.0.1:8384 to :8384

If the server is acting as a web server with HTTPS, you will receive an error if you try to load the Syncthing interface; its self-signed certificate will conflict with your “real” certificate due to HSTS. To fix this, take your real .crt and .key files, rename them to https-cert.pem and https-key.pem, make sure they’re owned by the same user as the syncthing service (use chown command), then copy them to .config/syncthing.

Set up system service to run syncthing in the background and start it:

systemctl enable syncthing@[your system username].service
systemctl start syncthing@[username].service

You should be able to access the web GUI at https://%5Bserver’s public IP]:8384, then add your shared machines, folders, etc.

Advertisements

AWS IAM policy to allow a user access to one specific S3 bucket

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": "s3:ListAllMyBuckets",
            "Resource": "arn:aws:s3:::*"
        },
        {
            "Effect": "Allow",
            "Action": "s3:*",
            "Resource": [
                "arn:aws:s3:::[bucket-name]",
                "arn:aws:s3:::[bucket-name]/*"
            ]
        }
    ]
}

The important part is having both resources listed. The first one allows access to the bucket itself, and the second allows access to the objects inside the bucket.

The “list all my buckets” permission is required because you have to be able to view the account’s buckets in order to access one.

Create a free website or blog at WordPress.com.

Up ↑