Git Product home page Git Product logo

syncthing-relay's Introduction

syncthing-relaysrv

Docker Container for the global relay server for the http://syncthing.net/ project. I created this container because there is no official one. This build is listening on the gihub project of the relay server and gets updated whenever there is a code change. relaysrv GitHub repo. The container is intended for people who like to roll their own private syncthing "cloud".

The files for this container can be found at my GitHub repo

docker-build-push

dockeri.co

About the Container

This build is based on debian:latest and installs the latests successful build of the syncthing relay server.

How to use this image

docker run --name syncthing-relay -d -p 22067:22067 --restart=always t4skforce/syncthing-relay:latest

This will store the certificates and all of the data in /home/relaysrv/. You will probably want to make at least the certificate folder a persistent volume (recommended):

docker run --name syncthing-relay -d -p 22067:22067 -v /your/home:/home/relaysrv/certs --restart=always t4skforce/syncthing-relay:latest

If you already have certificates generated and want to use them and protect the folder from being changed by the docker images use the following command:

docker run --name syncthing-relay -d -p 22067:22067 -v /your/home:/home/relaysrv/certs:ro --restart=always t4skforce/syncthing-relay:latest

Creating cert directory and setting permissions (docker process is required to have access):

mkdir -p /your/home/certs
chown -R 1000:1000 /your/home/certs

Container Configuration

There are several configuration options available. The options are configurable via environment variables (docker default):

Example enabling debug mode:

export DEBUG=true
docker run --name syncthing-relay -d -p 22067:22067 --restart=always t4skforce/syncthing-relay:latest

or

docker run --name syncthing-relay -d -p 22067:22067 -e DEBUG=true --restart=always t4skforce/syncthing-relay:latest

Options

  • DEBUG: enable debugging (true/false) / default:false
  • RATE_GLOBAL: global maximum speed for transfer / default:10000000 = 10mbps
  • RATE_SESSION: maximum speed for transfer per session / default:500000 = 500kbps
  • TIMEOUT_MSG: change message timeout / default: 1m45s
  • TIMEOUT_NET: change net timeout / default: 3m30s
  • PING_INT: change ping timeout / default: 1m15s
  • PROVIDED_BY: change provided by string / default:"syncthing-relay"
  • SERVER_PORT: port hte relay server listens on / default:22067
  • STATUS_PORT: disable by default to enable it add -d 22070:22070 to you docker run command / default:22070
  • POOLS: leave empty for private relay use "https://relays.syncthing.net/endpoint" for public relay / default: ""
  • RELAY_OPTS: to provide addition options not configurable via env variables above / default: ""
    • example: -e RELAY_OPTS='-ext-address=:443'

Have a look at the current doc GitHub - relaysrv

Upgrade

# download updates
docker pull t4skforce/syncthing-relay:latest
# stop current running image
docker stop syncthing-relay
# remove container
docker rm syncthing-relay
# start with new base image
docker run --name syncthing-relay -d -p 22067:22067 -e RATE_GLOBAL=6000000 -e RATE_SESSION=1000000 -v /your/home:/home/relaysrv/certs:ro --restart=always t4skforce/syncthing-relay:latest
# cleanup docker images
docker rmi -f $(docker images | grep "<none>" | awk "{print \$3}") > /dev/null 2>&1

Autostart

To enable the relay server to start at system-startup we need to create a systemd service file vim /lib/systemd/system/syncthing-relay.service:

[Unit]
Description=Syncthing-relay-Server
Requires=docker.service
After=docker.service

[Service]
Restart=always
ExecStart=/usr/bin/docker start -a syncthing-relay
ExecStop=/usr/bin/docker stop -t 2 syncthing-relay

[Install]
WantedBy=multi-user.target

To start the service manually call systemctl start syncthing-relay. For retrieving the current service status call systemctl status syncthing-relay -l

root@syncthing:~# systemctl status syncthing-relay
● syncthing-relay.service - Syncthing-relay-Server
   Loaded: loaded (/lib/systemd/system/syncthing-relay.service; disabled)
   Active: active (running) since Sun 2016-04-17 15:41:39 BST; 9min ago
 Main PID: 11010 (docker)
   CGroup: /system.slice/syncthing-relay.service
           └─11010 /usr/bin/docker start -a syncthing-relay

Apr 17 15:41:39 syncthing docker[11651]: 2016/04/17 14:41:39 main.go:89: Connection limit 838860
Apr 17 15:41:39 syncthing docker[11651]: 2016/04/17 14:41:39 main.go:147: URI: relay://0.0.0.0:22067/?id=<your server id>&pingInterval=1m15s&networkTimeout=3m30s&sessionLimitBps=1000000&globalLimitBps=6000000&statusAddr=&providedBy=syncthing-relay

And last but not least we need to enable our newly created service via issuing systemctl enable syncthing-relay:

root@syncthing:~# systemctl enable syncthing-relay
Created symlink from /etc/systemd/system/multi-user.target.wants/syncthing-relay.service to /lib/systemd/system/syncthing-relay.service.

Auto Upgrade

Combine all the above and autoupgrade the container at defined times. This requires you to at least setup Autostart.

First we need to generate your upgrade shell script vim /root/syncthing-relay_upgrade.sh:

#!/bin/bash

# Directory to look for the Certificates
CERT_HOME="/your/home/certs"

# download updates
docker pull t4skforce/syncthing-relay:latest
# stop current running image
systemctl stop syncthing-relay
# remove container
docker rm syncthing-relay
# start with new base image
docker run --name syncthing-relay -d -p 22067:22067 -e RATE_GLOBAL=6000000 -e RATE_SESSION=1000000 -v ${CERT_HOME}:/home/relaysrv/certs:ro --restart=always t4skforce/syncthing-relay:latest
# stop container
docker stop syncthing-relay
# start via service
systemctl start syncthing-relay
# cleanup docker images
docker rmi -f $(docker images | grep "<none>" | awk "{print \$3}") > /dev/null 2>&1

Next we need to make this file executable chmod +x /root/syncthing-relay_upgrade.sh, and test if the upgrade script works by calling the shell-script and checking the service status afterwards:

root@syncthing:~# /root/syncthing-relay_upgrade.sh
root@syncthing:~# systemctl status syncthing-relay
● syncthing-relay.service - Syncthing-relay-Server
   Loaded: loaded (/lib/systemd/system/syncthing-relay.service; enabled)
   Active: active (running) since Sun 2016-04-17 11:42:57 BST; 2s ago
 Main PID: 2642 (docker)
   CGroup: /system.slice/syncthing-relay.service
           └─2642 /usr/bin/docker start -a syncthing-relay

Now we need to set the trigger for the upgrade. In this example we just setup a weekly upgrade via crontab scheduled for Sunday at midnight. We add 0 0 * * 7 root /root/syncthing-relay_upgrade.sh to /etc/crontab. The resulting file looks like:

# /etc/crontab: system-wide crontab
# Unlike any other crontab you don't have to run the `crontab'
# command to install the new version when you edit this file
# and files in /etc/cron.d. These files also have username fields,
# that none of the other crontabs do.

SHELL=/bin/sh
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin

# m h dom mon dow user  command
17 *    * * *   root    cd / && run-parts --report /etc/cron.hourly
25 6    * * *   root    test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.daily )
47 6    * * 7   root    test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.weekly )
52 6    1 * *   root    test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.monthly )
# Syncthing-relay-Server Docker Container Upgrade
0  0    * * 7   root    /root/syncthing-relay_upgrade.sh
#

syncthing-relay's People

Contributors

t4skforce avatar

Stargazers

avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar

Watchers

avatar avatar avatar

Forkers

l0rda tamara-schmitz seancrites thecoolreaver codersplayground konovalov-nik dcarbone gdcurs popcorn9499

syncthing-relay's Issues

SSL EOF errors

I can't get this to work anymore. Android Oreo. I see SSL EOF errors with self signed and signed certs. ?

CA certificates not included

I'd like to advertise my relay in in a relay pool, however CA certificates are required in order to connect to the directory via TLS.
Error message: Error joining pool https://relays.syncthing.net/endpoint Post https://relays.syncthing.net/endpoint: x509: failed to load system roots and no roots provided

I temporarely fixed this by linking a different ca-certificates.crt file

This can be fixed by installing the Debian package ca-certificates.

Public relay registration fails due to 0.0.0.0 prefixes on listen ports.

Not sure if this is a behavioral change in newer versions of Syncthing or something specific to my (bridged network) Docker installation, but I wasn't able to get the relay up and running out of the box with the public endpoint with the INADDR_ANY prefixes on some of the options. It would initially connect and register itself, but the public relay list wouldn't show any details and no clients would connect to it.

I tracked it down to the -listen="0.0.0.0:${RELAY_PORT}" and -status-srv="0.0.0.0:${STATUS_PORT}" options. Changing these to just -listen=":${RELAY_PORT}" and -status-srv=":${STATUS_PORT}" respectively fixed the image and allowed me to join the public relay pool.

The current Syncthing documentation also shows these options as just a colon followed by port, with the host address omitted.

Note: also affects https://github.com/t4skforce/syncthing-relay-discovery with the same issue and fix.

Cannot bind ports below 1000

I'd like to run my relay on port 80 or 993 but my Docker container logs display the following error message: 2017/11/20 16:23:34 listener.go:29: listen tcp 0.0.0.0:993: bind: permission denied

There are various approaches to fixing this:

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.