TrueNAS AppsTrueNAS Apps: Tutorials
Application maintenance is independent from TrueNAS version release cycles.
App versions, features, options, and installation behavior at time of access might vary from documented tutorials and UI reference.

Syncthing (Enterprise)

TrueNAS Enterprise

SCALE Enterprise-licensed systems do not have applications available by default. To enable applications as part of the Enterprise license, consult with iXsystems.

Only install qualified applications from the Enterprise applications train with the assistance of iXsystems Support.

Contacting Support

Customers who purchase iXsystems hardware or that want additional support must have a support contract to use iXsystems Support Services. The TrueNAS Community forums provides free support for users without an iXsystems Support contract.

iXsystems Customer Support
Support Portalhttps://support.ixsystems.com
Emailsupport@ixsystems.com
Telephone and Other Resourceshttps://www.ixsystems.com/support/

This article provides information on installing and using the TrueNAS Syncthing app.

TrueNAS has two versions of the Syncthing application, the offical version in the stable train and a smaller version tested and polished for a safe and supportable experience for enterprise customers in the enterprise train. Community members can install either the enterprise or official stable version.

Syncthing Overview

Syncthing is a file synchronization application that provides a simple and secure environment for file sharing between different devices and locations. Use it to synchronize files between different departments, teams, or remote workers.

Syncthing is tested and validated to work in harmony with TrueNAS platforms and underlying technologies such as ZFS to offer a turnkey means of keeping data across many systems. It can seamlessly integrate with TrueNAS.

Syncthing does not use or need a central server or cloud storage. All data is encrypted and synchronized directly between devices to ensure files are protected from unauthorized access.

Syncthing is easy to use and configure. You can install on a wide range of operating systems, including Windows, MacOS, Linux, FreeBSD, iOS or Android. The Syncthing web UI provides users with easy management and configuration of the application software.

How does Syncthing work?

Syncthing does not have a central directory or cache to manage. It segments files into pieces called blocks. These blocks transfer data from one device to another. Multiple devices can share the synchronization load in a similar way to the torrent protocol. With more devices and smaller blocks, devices receive data faster because all devices fetch blocks in parallel.

Syncthing renames files and updates metadata more efficiently because renaming does not cause a re-transmission of that file.

Temporary files store partial data downloaded from devices. Temporary files are removed when a file transfer completes or after the configured amount of time elapses.

Users migrating data from an existing third-party NAS solution to TrueNAS 24.04 (Dragonfish) or newer can use the Syncthing enterprise application to mount the source with a remote SMB share that preserves metadata.

See Third-Party SMB Data Migration for considerations and a full tutorial.

Before You Begin

To install the Syncthing enterprise train app, first create a self-signed certificate for the Syncthing enterprise app.

Adding an App Certificate
  1. Go to Credentials > Certificates to add a self-signed certificate authority (CA) and certificate for the application to use.

  2. Click Add on the Certificate Authorities (CA) widget to open the Add Certificate Authority screen.

    a. Enter a name for the CA. For example, minio, syncthing, etc. Accept the defaults for Type and Profile, then click Next.

    b. Accept the defaults on Certificate Options unless you want to set an expiration on the certificate. Enter a new value in Lifetime to impose an expiration time period, then click Next.

    c. Enter location and organization values for your installation in the Certificate Subject fields. Enter the email address you want to receive system notifications.

    d. Enter your system IP address in Subject Alternate Names, then click Next. When configuring a cluster, enter the system IP addresses for each system in the cluster.

    e. Accept the default values on Extra Constraints, then click Next.

    f. Review the CA configuration then click Save.

  3. Click Add on the Certificates widget to open the Add Certificate screen.

    a. Enter a name for the certificate. For example, minio, syncthing, etc. Select Internal Certificate as Type and HTTPS RSA Certificate in Profiles, then click Next.

    b. Select the newly-created CA in Signing Certificate Authority. Accept the rest of the defaults unless you want to set an expiration on the certificate. Enter a new value in Lifetime to impose an expiration time period, then click Next.

    c. Enter location and organization values for your installation in the Certificate Subject fields. Enter the email address you want to receive system notifications.

    d. Enter your system IP address in Subject Alternate Names, then click Next. When configuring a cluster, enter the system IP addresses for each system in the cluster.

    e. Accept the default values on Extra Constraints, then click Next.

    f. Review the CA configuration then click Save.

  4. Download the certificate and install it.

    a. Click the download icon on the Certificates widget to start the download. When complete, click the browser download icon to open in a File Explorer window.

    b. Right click on the certificate.crt file, then click Install Certificate. Click Open on the Open File window.

    CertificateOpenCertificateWindow

    c. Click Install Certificate, then select Local Machine on the Welcome to the Certificate Import Wizard window. Click Next.

    CertificateImportWizardSelectLocalMachine

    d. Select Place all certificates in the following store, then select Trusted Root Certificate Authorities and click OK.

    SelelectCertificateStore

    c. Click Next then Finish.

Syncthing requires two storage volumes.

If not already assigned, set a pool for applications to use.

You can allow the app to create two storage volume(s) or use the recommended method and create the two datasets, host and data1 to use with the host path option. The host dataset stores configuration information and the data1 dataset is the storage data volume.

Create the two datasets before beginning the app installation process. You can organize these under a parent dataset to keep the Syncthing storage datasets separated from datasets for other potential applications. For example, create a parent dataset syncthing with the two child datasets host and data1 nested under it.

You can also mount additional storage volume inside the container pod using either the ix-Volume or hostpath options, but these are not required. If mounting additional storage volumes with the hostpath option, create the datasets before using the app installation wizard.

Either use the default user and group IDs or create a new user with Create New Primary Group selected. Make note of the UID/GID for the new user.

Installing the Syncthing Application

You can have multiple Syncthing app deployments (for example two or more stable, two or more enterprise, or a combination of stable and enterprise trains, etc.). Each Syncthing app deployment requires a unique name that can include numbers, and dashes or underscores (for example, syncthing2, syncthing-test, syncthing_1, etc.).

Use a consistent file-naming convention to avoid conflict situations where data does not or cannot synchronize because of file name conflicts. Path and file names in the Syncthing app are case sensitive. For example, a file named MyData.txt is not the same as mydata.txt file in Syncthing.

Go to Apps > Discover Apps, and locate the Syncthing enterprise app widget.

Syncthing Enterprise App Widget
Figure 1: Syncthing Enterprise App Widget

Click on the widget to open the Syncthing details screen.

Syncthing Enterprise Details Screen
Figure 2: Syncthing Enterprise Details Screen

Click Install to open the Install Syncthing wizard.

Application configuration settings are presented in several sections, each explained below. To find specific fields click in the Search Input Fields search field, scroll down to a particular section, or click on the section heading in the navigation area in the upper-right corner.

Install Syncthing Enterprise Screen
Figure 3: Install Syncthing Enterprise Screen

Accept the default values in Application Name and Version.

Select the timezone where the TrueNAS server is located from the Timezone dropdown list.

Accept the default user and group ID settings (568). If you created a user for this app, change these settings to the UID/GID for that new user.

If selected, Host Network binds to the default host settings programmed for Syncthing. If not selected you must enter your local network in CIDR format to the Syncthing Web UI. See Network Configuration below for more information.

Syncthing Enterprise Network Settings
Figure 4: Syncthing Enterprise Network Settings

Accept the default web port 8384. Before changing ports, see Default Ports for a list of assigned port numbers.

Select the certificate created for Syncthing from the Certificates dropdown list.

Configure the storage settings. You can allow Syncthing to create the configuration storage volume, but we recommend setting Type to Host Path (Path that already exists on the system), and then enter or browse to the location of the home dataset to populate the Host Path field for the Syncthing Home Storage settings.

Syncthing Home Storage Settings
Figure 5: Syncthing Home Storage Settings

Next, Click add to the right of Additional Storage to add the storage configuration settings for the data volume.

Syncthing Data1 Storage Settings
Figure 6: Syncthing Data1 Storage Settings

Enter or browse to the dataset created to populate the Host Path field (for example, /mnt/tank/syncthing/config), then enter or browse to the location of the data1 dataset to populate the Host Path field under the Mount Path field.

To add another dataset path inside the container, see Storage Settings below for more information. Set Type to Host Path (Path that already exists on the system), enter /data1 in Mount Path, and then either enter or browse to the path to the data1 dataset to populate the Host Path field.

Accept the rest of the default values in the wizard, then click Install. The system opens the Installed Applications screen with the Syncthing app in the Deploying state. After installation completes the status changes to Running.

Syncthing Installed
Figure 7: Syncthing Installed

Click Web Portal on the Application Info widget to open the Syncthing web portal where you can begin configuring folders, devices, and other settings.

Syncthing Web Portal for TrueNAS
Figure 8: Syncthing Web Portal for TrueNaS

Securing the Syncthing Web UI

After installing and starting the Syncthing application, launch the Syncthing web UI. Go to Actions > Settings and set a user password for the web UI.

Syncthing UI Actions Menu
Figure 9: Syncthing UI Actions Menu

Using the Syncthing Web Portal for TrueNAS

The Syncthing web portal allows administrators to monitor and manage the synchronization process, view logs, and adjust settings.

Folders list configured sync folders, details on sync status and file count, capacity, etc. To change folder configuration settings, click on the folder.

This Device displays the current system IO status including transfer/receive rate, number of listeners, total uptime, sync state, and the device ID and version.

Actions displays a dropdown list of options. Click Advanced to access GUI, LDAP, folder, device, and other settings.

You can manage directional settings for sync configurations, security, encryption, and UI server settings through the Actions options.

Managing Syncthing Folder

To change or enter a directory path to share a folder, click on the folder, then select Edit. We recommend each shared folder have a sync folder to allow for more granular traffic and data flow. Syncthing creates a default sync folder in the main user or HOME directory during installation of the application.

Click on a folder to see details on that folder.

Untrusted Device Password is a beta feature and not recommended for production environments. This feature is for edge cases where two users want to share data on a given device but cannot risk interception of data. Only trusted users with the code can open the file(s) with shared data.

Using Syncthing File Versioning

File Versioning applies to changes received from other devices. For example, Bill turns on versioning and Alice changes a file. Syncthing archives the old version on the computer Bill uses when it syncs the change from Alice. But if Bill changes a file locally on his computer, Syncthing does not and cannot archive the old version.

For more information on specific file versioning, see Versioning

Using Syncthing Advanced Administration

Go to Actions > Advanced to access advanced settings. These setting options allow you to set up network isolation, directory services, database, and bandwidth throttling, and to change device-specific settings and global default settings.

Incorrect configuration can damage folder contents and render Syncthing inoperable!
Viewing Syncthing Logs and Debugs

Go to Logs to access current logs and debug files. The Log tab displays current logs, and the Debugging Facilities tab provides access to debug logging facilities. Select different parameters to add to the logs and assist with debugging specific functionalities.

You can forward logs to a specific folder or remote device.

Maintaining File Ownership (ACL Preservation) Syncthing includes the ability to maintain ownership and extend attributes during transfers between nodes (systems). This ensures ACLs and permissions remain consistent across TrueNAS systems during one and bi-directional Syncthing moves. You can configure this setting on a per folder basis.

Understanding TrueNAS Syncthing Wizard Settings

The following sections provide detailed explanations of the settings found in each section of the Enterprise train Install Syncthing screen.

Application Name Settings

Accept the default value or enter a name in Application Name field. In most cases use the default name, but if adding a second deployment of the application you must change this name.

Accept the default version number in Version. When a new version becomes available, the application shows an update badge and the Application Info widget on the Installed applications screen shows the Update button.

Configuration Setting

Select the timezone where your TrueNAS system is located.

The Syncthing Enterprise app wizard is configured with all settings required to deploy the container, but you can add additional settings if you want to further customize the app in TrueNAS.

Add Syncthing Environment Variables
Figure 12: Add Syncthing Environment Variables

Click Add to the right of Environmental Variables to show a set of fields to configure the application with additional Syncthing environmental variables. Click Add for each environmental variable you want to configure.

User and Group Settings

Accept the user and group defaults settings in User and Group Configuration, or enter new user and group IDs for the user created to administer this app. The default value for User Id and Group ID is 568.

Syncthing Enterprise User and Group IDs
Figure 13: Syncthing Enterprise User and Group IDs

Networking Settings

Accept the default port numbers in Web UI Port. The TrueNAS Syncthing enterprise app listens on port 8384.

Syncthing Enterprise Network Settings
Figure 14: Syncthing Enterprise Network Settings

Before changing the default port to a new port number, refer to the TrueNAS default port list for a list of assigned port numbers. To change the port numbers, enter a number within the range 9000-65535.

Host Network is selected by default. This binds to the host network. If not selected, you must enter the network settings for TrueNAS in the Syncthing web portal.

Select the self-signed certificate created in TrueNAS for Syncthing from the Certificate dropdown list. If you did not create this certificate before starting the installation wizard you can select the default TrueNAS certificate and edit the certificate after deploying the application.

Storage Settings

The Syncthing enterprise train app requires two storage volumes/datasets. One named home, the other data1. The first storage volume assigned is home, and is where Syncthing configuration information is stored. The second storage volume assigned in data1, and is for the application data storage. The app can create the configuration storage volumes or you can create datasets to use for the configuration and data storage volumes to use within the container pod.

To allow the app to create a configuration storage volume, leave Type set to ixVolume (Dataset created automatically by the system). The app ixVolumes created are found in the iX-apps dataset created by adding the pool for apps. You can see these volumes if you take a recursive snapshot of the iX-Apps dataset.

Add ixVolume Storage Option
Figure 15: Add ixVolume Storage Option

To use existing datasets, set Type to Host Path (Path that already exist on the system). This shows the Mount Path and Host Path fields, and a file explorer where you can either enter or browse to and select the dataset an existing dataset created for the configuration storage volume.

Syncthing Enterprise Add Host Path
Figure 16: Syncthing Enterprise Add Host Path

In addition to the home and data1 datasets, you can mount additional datasets to use as other storage volumes within the pod. Click Add to the right of Additional Storage to show another set of Mount Path and Host Path fields for each dataset to mount. The first time you add additional storage, mount the data one dataset as a host path.

To modify the permissions for an app storage volume or host path dataset, select Enable ACE and use these fields to add an ACL entry. You can use this option or after installing the app, go to Datasets, select the dataset for the app, scroll down to the Permissions widget and click Edit to open the ACL Editor screen to modify dataset permissions.

Mounting an SMB Share

The TrueNAS Syncthing Enterprise app includes the option to mount an SMB share inside the container pod. This allows data synchronization between the share and the app.

Set Type an SMB/CIFS Share (Mounts a persistent volume claim to a SMB share) to use when migrating third-party data using Syncthing.

Syncthing Add SMB Share Option
Figure 17: Syncthing Add SMB Share Option

Selecting this option shows the SMB share fields that allow you to configure the share server, path, and user authentication credentials while configuring the app.

Select Read Only to make the storage volume read only.

Enter the path inside the container to mount the storage for the share volume in Mount Path.

Select Migration Mode if migrating third-party data. Enter the server address for the SMB share in Server, the path to mount the SMB share in Path, and the share authentication user credentials in User and Password. domain is an optional field for the share domain name.

Permissions are currently limited to the permissions of the user that mounted the share.

Resource Configuration Settings

Accept the default values in Resources Configuration or enter new CPU and memory values. By default, this application is limited to use no more than 2 CPU cores and 4096 Megabytes available memory. The application might use considerably less system resources.

To customize the CPU and memory allocated to the container (pod) Syncthing uses, enter new CPU values as a plain integer value followed by the suffix m (milli). The default is 4096m.

Accept the default value 8Gb allocated memory or enter a new limit in bytes. Enter a plain integer followed by the measurement suffix, for example, 129M or 123MiB.

Increasing inotify Watchers

Syncthing uses inotify to monitor file system events, with one inotify watcher per monitored directory. Linux defaults to a maximum of 8192 inotify watchers. Using the Syncthing Enterprise app to sync directories with greater than 8191 subdirectories (possibly lower if other services are also utilizing inotify) produces errors that prevent automatic monitoring of file system changes.

Increase inotify values to allow Syncthing to monitor all sync directories. Add a sysctl variable to ensure changes persist through reboot.

Go to System > Advanced and locate the Sysctl widget.

Sysctl Widget
Figure 19: Sysctl Widget

Click Add to open the Add Sysctl screen.

Add Sysctl Screen
Figure 20: Add Sysctl Screen

Enter fs.inotify.max_user_watches in Variable.

Enter a Value larger than the number of directories monitored by Syncthing. There is a small memory impact for each inotify watcher of 1080 bytes, so it is best to start with a lower number, we suggest 204800 and increase if needed.

Enter a Description for the variable, such as Increase inotify limit.

Select Enabled and click Save.