syncthing 同步文件

syncthing 安装配置

使用总结：

一分钟内能同步变更，可以同步权限，但不能同步所有者和所属组，以及ACL等属性。

共享的文件夹没权读取或写入，会导致同步问题，同时导致自动选用端口，而不用指定端口。

同步的文件所有者和所有组，改为syncthing运行的用户名和组

同步间隔内(一分钟内)，多个服务器同一个文件变更，按时间优先原则选择，有冲突的文件会自动重命名。

支持无登陆权限的用户启动,保存syncthing运行配置文件的目录必须有读写权限，同步目录也必须有读写权限

The following are not synchronized;

    File or Directory Owners and Groups (not preserved)
    Directory Modification Times (not preserved)
    Hard Links (followed, not preserved)
    Extended Attributes, Resource Forks (not preserved)
    Windows, POSIX or NFS ACLs (not preserved)
    Devices, FIFOs, and Other Specials (ignored)
    Sparse file sparseness (will become sparse, when supported by the OS & filesystem)

配置参考：

https://docs.syncthing.net/users/config.html

需要安装配置时间同步

yum install chrony
systemctl start chronyd
systemctl enable chronyd

防火墙开放端口，还需要关闭selinux

firewall-cmd --add-port={22000/tcp,8888/tcp}
firewall-cmd --add-port={22000/tcp,8888/tcp} --permanent

如果文件夹很多，需要调整

echo "fs.inotify.max_user_watches=204800" | sudo tee -a /etc/sysctl.conf
sudo sh -c 'echo 204800 > /proc/sys/fs/inotify/max_user_watches'

设置时区

cp /usr/share/zoneinfo/Asia/Shanghai /etc/localtime

安装配置

## 官网：https://syncthing.net/

## 安装 syncthing

wget https://github.com/syncthing/syncthing/releases/download/v0.14.48/syncthing-linux-amd64-v0.14.48.tar.gz

tar -zxf syncthing-linux-amd64-v0.14.48.tar.gz -C /usr/local

mv /usr/local/syncthing-linux-amd64-v0.14.48 /usr/local/syncthing

cp /usr/local/syncthing/etc/linux-systemd/system/syncthing@.service /usr/lib/systemd/system/

vi /usr/lib/systemd/system/syncthing@.service
[Unit]
Description=Syncthing - Open Source Continuous File Synchronization for %I
Documentation=man:syncthing(1)
After=network.target
#Wants=syncthing-inotify@.service

## 地址不能用引号
[Service]
User=%i
ExecStart=/usr/local/syncthing/syncthing -no-browser -no-restart -logflags=1 -home=/web/syncthing/%i
Restart=on-failure
SuccessExitStatus=3 4
RestartForceExitStatus=3 4

[Install]
WantedBy=multi-user.target



## 下面两参数不需要，centos运行不了
#environment = STNORESTART="1", HOME="/web/syncthing/%i"
#directory = /web/syncthing/%i

启动

# 创建同步账户

groupadd -g 2222 g_sync
useradd -u 2222 -g 2222 -M -s /sbin/nologin u_sync

mkdir /web/syncthing/u_sync -p
chown -R u_sync:g_sync /web/syncthing/u_sync

systemctl start syncthing@<启动用户名>

## 启动时如果没配置-home 参数，将会自动在运行用户home目录下创建运行配置目录，如： ~/.config/syncthing

webui 访问

# 编辑配置文件

vi /data/syncthing/<user_name_folder>/.config.xml
<gui enabled="true" tls="false">
<address>0.0.0.0:8384</address>

改为(user:test.admin,pwd:test.admin!9595)

<gui enabled="true" tls="true">
<address>200.200.200.221:8888</address>
<user>test.admin</user>
<password>$2a$10$ddH.7NbCZPrBzvn95dANT.bpFBKW/9anJ8a6xq44CZbcGJcE3kJGG</password>

两台服务器数据同步

基本必须的配置

actions-->settings-->general:

    Device Name: vm01
    Automatic upgrades: No upgrades
    Default Folder Path: /sync/www

actions-->settings-->GUI:

    GUI Listen Address: 200.200.200.221:8888
    GUI Authentication User: test
    GUI Authentication Password: test
    Use HTTPS for GUI： checked
    Start Browser ：checked

## 本机连接配置, 局域网用并手动配置同步服务器地址，所以不启用NAT端口转换，局域网搜索服务器，英特网搜索服务器，中继服务服务器
actions-->settings-->Connection:
    Sync Protocol Listen Addresses: tcp://200.200.200.221:22000

    Enable NAT traversal: unchecked
    Local Discovery: unchecked
    Global Discovery: unchecked
    Enable Relaying: unchecked

    Incoming Rate Limit (KiB/s) ：0
    Outgoing Rate Limit (KiB/s) : 0

actions-->settings-->advanced:
Device "vm03" :
    Addresses: tcp://200.200.200.221:22000
    Allowed Networks: 200.200.200.0/24

服务器连接配置,局域网用，所有服务器都手动添加对方服务器连接信息

主界面-->Remote Devices-->Add remote Device：

    ## 对方的id，在actions-->show id
    Device ID：FOYBGA7-CMD2C6O-5JFBWNW-5D34HJ4-TXTEY6C-UZ7E7EE-X4ZR3DR-S6BCQA2
    ## 对方的设备名
    Device Name：vm02
    ## 对方的连接地址，actions-->settings-->Connection-->Sync Protocol Listen Addresses
    Addresses：tcp://200.200.200.222:22000

    # 自动在默认的共享文件夹下创建和共享目录，这个最好取消，最好手动配置共享和同步目录
    Auto Accept：unchecked
    # 对方不是中继服务就不需要选
    Introducer: uncehcked

同步共享文件夹,同步的服务器配置最好都一致，folder id 必须一致

主界面-->Folders-->add folder

Folders-->add folder--> General：

    ## 显示名可以和folder id 一样
    Folder Label : wwwroot

    ## 唯一标记用于同步和共享文件夹，同步的同一个文件夹，所有的服务器上都要一致
    Folder ID : wwwroot

    ## 在服务上要共享同步的目录
    Folder Path : /sync/wwwroot

    ## 勾选同步和共享给哪些设备或服务器，没有列出需要添加服务器或设备
    Share With Devices： 

Folders-->add folder--> File Versioning：

    ## 这里不启用文件本版管理，相当于github功能
    File Versioning：no File Versioning

Folders-->add folder-->  ignore patterns：

    ## 忽略哪些文件同步或共享，采用模式匹配

Folders-->add folder--> Advance:

    Scanning:

        ## 监控变更
        Watch for Changes : checked

        ## 完整扫描间隔，单位秒
        Full Rescan Interval (s)： 3600

    ## 如果选Send only, 则表示作为master不会自动同步其它设备的文件最新的变更，也不会去覆盖其它设备的最新变更.
    Folder Type： Send & Receive

    File Pull Order ：Newest First

    Minimum Free Disk Space: 5 %

    Permissions： 

            Ignore： unchecked

提升同步速度和限制共享网络

# 添加同步服务器和设置好同步文件夹后，分别需要在高级里面设置各个设备的连接地址，地址栏里不要有dynamic，否则同步速度很慢

actions-->settings-->advanced:

Addresses: tcp://200.200.200.222:22000
Allowed Networks: 200.200.200.0/24

# 可能需要重启syncthing

如果无法及时更新文件变更，请安装inotify-tools

yum install inotify-tools

#添加以下代码
vi /etc/sysctl.conf

fs.inotify.max_queued_events=99999999

fs.inotify.max_user_watches=99999999

fs.inotify.max_user_instances=65535

完整配置文件

## 只需把自动生成的配置文件里对应的
<device id="DER7MDE-ACFAHGP-U5NMSCL-FEY7NJK-KKQYAHP-7LBSOHD-7WFW76J-IPCGMQM"
<address>tcp://10.100.100.5:22000</address>
<urUniqueID>cfxLXRKZ</urUniqueID>
<listenAddress>tcp://10.100.100.5:22000</listenAddress>
<localAnnounceMCAddr>[ff12::8384]:22000</localAnnounceMCAddr>

## 密码和apikey需要重新生成
<password>$2a$10$ddH.7NbCZPrBzvn95dANT.bpFBKW/9anJ8a6xq44CZbcGJcE3kJGG</password>
<apikey>KgfbYLfLVjf7LJhh4vuYrHbmEXdZhix7</apikey>

<configuration version="28">
    <folder id="sweet" label="sweet" path="/data/wwwroot/sweet" type="readwrite" rescanIntervalS="3600" fsWatcherEnabled="true" fsWatcherDelayS="10" ignorePerms="false" autoNormalize="true">
        <filesystemType>basic</filesystemType>
        <device id="DER7MDE-ACFAHGP-U5NMSCL-FEY7NJK-KKQYAHP-7LBSOHD-7WFW76J-IPCGMQM" introducedBy=""></device>
        <device id="2Y75F2E-66PD3UW-EJZZOTD-67VNT2R-6RBGWXX-GAGWSMX-KO73YJK-NSLFSQU" introducedBy=""></device>
        <minDiskFree unit="%">10</minDiskFree>
        <versioning></versioning>
        <copiers>0</copiers>
        <pullerMaxPendingKiB>0</pullerMaxPendingKiB>
        <hashers>0</hashers>
        <order>newestFirst</order>
        <ignoreDelete>false</ignoreDelete>
        <scanProgressIntervalS>0</scanProgressIntervalS>
        <pullerPauseS>0</pullerPauseS>
        <maxConflicts>10</maxConflicts>
        <disableSparseFiles>false</disableSparseFiles>
        <disableTempIndexes>false</disableTempIndexes>
        <paused>false</paused>
        <weakHashThresholdPct>25</weakHashThresholdPct>
        <markerName>.stfolder</markerName>
        <useLargeBlocks>false</useLargeBlocks>
    </folder>
    <device id="DER7MDE-ACFAHGP-U5NMSCL-FEY7NJK-KKQYAHP-7LBSOHD-7WFW76J-IPCGMQM" name="web02" compression="metadata" introducer="false" skipIntroductionRemovals="false" introducedBy="">
        <address>tcp://10.100.100.5:22000</address>
        <paused>false</paused>
        <allowedNetwork>10.100.100.0/24</allowedNetwork>
        <autoAcceptFolders>false</autoAcceptFolders>
        <maxSendKbps>0</maxSendKbps>
        <maxRecvKbps>0</maxRecvKbps>
    </device>
    <device id="2Y75F2E-66PD3UW-EJZZOTD-67VNT2R-6RBGWXX-GAGWSMX-KO73YJK-NSLFSQU" name="web03" compression="metadata" introducer="false" skipIntroductionRemovals="false" introducedBy="">
        <address>tcp://10.100.100.6:22000</address>
        <paused>false</paused>
        <allowedNetwork>10.100.100.0/24</allowedNetwork>
        <autoAcceptFolders>false</autoAcceptFolders>
        <maxSendKbps>0</maxSendKbps>
        <maxRecvKbps>0</maxRecvKbps>
    </device>
    <gui enabled="true" tls="true" debugging="false">
        <address>10.100.100.5:8888</address>
        <user>test.admin</user>
        <password>$2a$10$ddH.7NbCZPrBzvn95dANT.bpFBKW/9anJ8a6xq44CZbcGJcE3kJGG</password>
        <apikey>KgfbYLfLVjf7LJhh4vuYrHbmEXdZhix7</apikey>
        <theme>default</theme>
    </gui>
    <options>
        <listenAddress>tcp://10.100.100.5:22000</listenAddress>
        <globalAnnounceServer>default</globalAnnounceServer>
        <globalAnnounceEnabled>false</globalAnnounceEnabled>
        <localAnnounceEnabled>false</localAnnounceEnabled>
        <localAnnouncePort>21027</localAnnouncePort>
        <localAnnounceMCAddr>[ff12::8384]:21027</localAnnounceMCAddr>
        <maxSendKbps>0</maxSendKbps>
        <maxRecvKbps>0</maxRecvKbps>
        <reconnectionIntervalS>60</reconnectionIntervalS>
        <relaysEnabled>false</relaysEnabled>
        <relayReconnectIntervalM>10</relayReconnectIntervalM>
        <startBrowser>false</startBrowser>
        <natEnabled>false</natEnabled>
        <natLeaseMinutes>60</natLeaseMinutes>
        <natRenewalMinutes>30</natRenewalMinutes>
        <natTimeoutSeconds>10</natTimeoutSeconds>
        <urAccepted>-1</urAccepted>
        <urSeen>3</urSeen>
        <urUniqueID>cfxLXRKZ</urUniqueID>
        <urURL></urURL>
        <urPostInsecurely>false</urPostInsecurely>
        <urInitialDelayS>1800</urInitialDelayS>
        <restartOnWakeup>true</restartOnWakeup>
        <autoUpgradeIntervalH>0</autoUpgradeIntervalH>
        <upgradeToPreReleases>false</upgradeToPreReleases>
        <keepTemporariesH>24</keepTemporariesH>
        <cacheIgnoredFiles>false</cacheIgnoredFiles>
        <progressUpdateIntervalS>5</progressUpdateIntervalS>
        <limitBandwidthInLan>false</limitBandwidthInLan>
        <minHomeDiskFree unit="%">10</minHomeDiskFree>
        <releasesURL></releasesURL>
        <alwaysLocalNet>10.100.100.0/24</alwaysLocalNet>
        <overwriteRemoteDeviceNamesOnConnect>false</overwriteRemoteDeviceNamesOnConnect>
        <tempIndexMinBlocks>10</tempIndexMinBlocks>
        <trafficClass>0</trafficClass>
        <defaultFolderPath>/data/wwwroot</defaultFolderPath>
        <setLowPriority>true</setLowPriority>
        <minHomeDiskFreePct>0</minHomeDiskFreePct>
    </options>
</configuration>