Category: network

Setting Up Syncthing for Ubuntu / Linux + Windows + Android

Syncthing is a decentralized continuous file synchronization software with many security features, like end-to-end encryption, device authentication, permission management and more. Both the protocol specification and the Syncthing software are free and open source.
With Syncthing files can be easily kept in sync across multiple devices, e.g. one desktop PC, one notebook and several mobile devices, *without* relying on third-party infrastructure (optional). File syncing can be limited to a local Wifi network, avoiding sending files to the outside world altogether.

Installation on Ubuntu

For Ubuntu and other Debian-like Linux distros the package repository for Syncthing should be added to the list of apt sources.

# Add the release PGP keys:
sudo curl -o /usr/share/keyrings/syncthing-archive-keyring.gpg https://syncthing.net/release-key.gpg

# Add the "stable" channel to your APT sources:
echo "deb [signed-by=/usr/share/keyrings/syncthing-archive-keyring.gpg] https://apt.syncthing.net/ syncthing stable" | sudo tee /etc/apt/sources.list.d/syncthing.list

# Update and install syncthing:
sudo apt-get update
sudo apt-get install syncthing

This way new versions of Syncthing become available automatically every time apt update is run and updating is as simple as apt upgrade synthing.

You can also run Syncthing manually whenever needed by executing syncthing serve.

Configuration of shared folders is basically the same across all OS, in Ubuntu the web interface at localhost:8384 is used.

Installation on Windows 10

For Windows devices install Syncthing using the official msi-installer.
When compiling Syncthing from it’s sources, make sure to verify the signature of the source code package.

To auto-run Syncthing when Windows boots hit Win+R and type shell:startup, hit enter and wait for the file explorer to open.
Create a shortcut to the location of syncthing.exe (wherever you installed/extracted it). Right-click on the shortcut, select properties, and append -no-console and -no-browser to the target of the shortcut.

You can also run Syncthing manually whenever needed by executing syncthing.exe.

Configuration of shared folders is basically the same across all OS, in Windows the web interface at localhost:8384 is used.

Installation on Android

For Android devices install the Syncthing app from Google Playstore or from F-Droid. Start the Syncthing app, set the appropriate permissions and get going. Configuration of shared folders is basically the same across all OS, in Android the app is used instead of a web interface.

Configuration

When working with a GUI the Syncthing configuration interface can be accessed by connection to localhost:8384 in a browser.

On a headless system, like a server or NAS, the configuration of Syncthing requires a few more steps.

Normally connecting to the server with ssh and launching syncthing would be sufficient.

ssh user@server

user@server> syncthing serve

This time however, connect to the server via ssh and forward the port on which syncthing exposes it’s web interface to your local machine.

# Connect to hostname and forward localhost:8384 from hostname to 8385 on local machine.
# This port forwarding allows to connect to hostname's syncthing web interface in a browser on the local machine using port 8385.
ssh -L 8385:localhost:8384 user@hostname

It should be possible now to connect to hostname’s Syncthing web interface on port 8385 on the local machine. Note that I used a different port to avoid a port collision in case syncthing is already running on the local machine.

Alternatively, and not-recommended, the Syncthing web interface can be exposed completely to the local network. This is achieved by editing the config file under ~/.config/syncthing and setting the IP address to 0.0.0.0 and optionally changing the port as well. Note that the firewall must allow the selected port to pass through, so additional steps may be needed in this case.

<gui enabled="true" tls="false" debugging="false">
    <address>0.0.0.0:8384</address>
...

Anyway, use the web interface to set up Syncthing initially. Add at least one folder for syncing and allow at least one other device to access it (if a device has been set up).

If that worked, enable Syncthing to run as a service, which ensures that it will start up on boot and execute continuously in the background.

# Replace "user" with the user as which syncthing should run.
sudo systemctl enable syncthing@user.service
sudo systemctl start syncthing@user.service

That’s is from the “server” side. Note that Syncthing is a peer-to-peer (P2P) protocol, so there is not actual server. What I call the server is just another node.

Device Setup

The rest of the setup is pretty straight forward.

On each device, tell Syncthing which folders should be synced between the current device and the other devices. The mapping of shared folders to local folders is quite flexible. Each shared folder gets an unique identifier which must be the same across all devices. Where the content of a shared folder is stored can be controlled for each device individually. Also if syncing for a folder should be done at all or if it should be paused.

Another useful feature for shared folders is the “Send only” and “Receive only” option. These allow setting up a shared folder to serve as a simple backup system, e.g. have a notebook send files to a desktop PC, but not the other way around.

Take your time and test the different options to get a feel for it.

Note that the initial sync can take a long time, e.g. when syncing a folder with pictures from a mobile phone to a NAS.

That’s it.


References:

Wireguard on Lightsail gone Ship-Wrecked

For a long time now I run an AWS Lightsail VPS serving as a wireguard gateway to my home server. Since recently connecting to the Lightsail instance via wireguard is no longer possible.
When I took a look with SSH I got

$> sudo wg-quick up wg0
[#] ip link add wg0 type wireguard
RTNETLINK answers: Operation not supported
Unable to access interface: Protocol not supported
[#] ip link delete dev wg0
Cannot find device "wg0"

To be sure I updated all packages, but the problem still persisted.
The port used by wireguard had not changed and still was accessible according to the network settings of Lightsail.
What change in the Lightsail VPS or network settings could cause an issue like this? It literally just stopped working over night.

Installation and Configuration of MiniDLNA/ReadyMedia

This is a very brief article or rather a reminder to myself, about how to install MiniDLNA on Ubuntu Server 20.04. I always knew this piece of software by it’s old name MiniDLNA, but apparently it was renamed and is now called ReadyMedia. There don’t seem to be many changes below the hood though.

MiniDLNA is a light-weight media server using the DLNA protocol. Through MiniDLNA a library of media files is created which allows a user to very conveniently browse through the files and start audio and video playback. Most SmartTVs and Android phones support DLNA out of the box.

Connect Wireguard after Boot

It is sometimes desirable to bring a Wireguard interface up each time the system boots. Using wg-quick it is dead easy to create a service which takes care of the required steps. In case wg0 is already up and running, it must be taken down before the service can start successfully.

$> sudo systemctl enable wg-quick@wg0.service
$> sudo systemctl daemon-reload
$> sudo wg-quick down wg0
$> sudo systemctl start wg-quick@wg0

References:

Make Samba Share Appear in Windows 10 Network View

Since Windows 10 version 1709 (“Fall Creators Update”) neither SMB1 nor NetBios device discovery is supported anymore.
Due to this change a Samba share which is hosted on a Linux machine may no longer show up in the Network view of Windows Explorer.
Although the Samba share can still be reached by it’s hostname or IP address (and share name) this is a slight inconvenience.

Luckily there is a small Python tool called wsdd which provides a Web Service Discovery (host) daemon. What follows is a short guide on how to install and use wsdd on Ubuntu Server 20.04 (works similar for other Debian based distributions).

Setting up Wireguard on Ubuntu

Wireguard is a modern VPN protocol allowing secure and confidential communication between a network of peers. Wireguard is based on the concept of private-public key cryptography and a number of other modern cryptographic algorithms. Have a look at the wireguard white paper for more details.

Wireguard Requirements

Since Linux kernel version 5.6 (late March 2020) wireguard is an integral part of the Linux kernel. That means Linux distributions using a kernel &gt;= 5.6 do not need to install any additional packages in order to support wireguard.

How to set up NordVPN on Ubuntu

There are two ways to set up a VPN connection with NordVPN on Ubuntu. The first one is to add NordVPN’s package repository to the apt sources and then install the nordvpn client via a simple sudo apt install nordvpn. The second one is to install OpenVPN and configure it to use the servers of NordVPN.
This how-to was written for Ubuntu 18.04 LTS (Bionic Beaver).

Extracting MPEG2-TS from Wireshark capture file

When working with IP multicast streams it can sometimes be useful to convert a captured IP stream file to a corresponding MPEG2 transport stream (TS) file. Wireshark has a built-in capability to extract MPEG2-TS packets from the UDP packets of an IP multicast stream. This feature is somewhat hidden away in the menus and not obvious to find.

Powered by WordPress & Theme by Anders Norén

Close Bitnami banner
Bitnami