Hold Tight...

0 %
Warith AL Maawali
Driving cybersecurity excellence
Innovator behind Linux Kodachi
  • Residence:
    ::0
  • Uptime Binary:
    101110
  • Mantra:
    Innovate, Secure, Repeat
ONS
EEDS
NSSG
Visual basic
Gambas
PHP
Delphi
Bash
  • Cybersecurity
  • Generative AI
  • Cloud & Automation
  • Cryptocurrency

Effortless File Syncing: Automate Syncthing Installation with This Script

03/11/2024

Simplify Syncthing Installation with This Bash Script

Setting up Syncthing on a Debian-based system can be time-consuming. This Bash script automates the entire process, making secure file synchronization effortless and efficient.

What is Syncthing?

Syncthing is an open-source tool for secure, decentralized file synchronization across multiple devices. It keeps your data private and under your control, avoiding reliance on third-party servers.

Key Features of the Script

  • Root Privileges Check: Ensures the script runs with necessary permissions.
  • User Management: Creates a dedicated Syncthing user for enhanced security.
  • Installation: Installs Syncthing if it’s not already present.
  • Configuration: Sets up configuration directories, permissions, and necessary services.
  • Service Management: Configures Syncthing to run under a low-privileged user and manages service restarts.
  • Status Check: Retrieves and displays Syncthing status, API keys, and connected devices.

How It Works

  1. Prepares the System:
  • Removes any previous Syncthing configurations.
  • Creates a dedicated syncthing user to enhance security.
  1. Installs Syncthing:
  • Installs Syncthing from Debian repositories if it is not already present.
  1. Configures Syncthing:
  • Sets up configuration files, directories, and permissions.
  • Applies custom settings, including GUI and networking options.
  1. Manages the Service:
  • Disables root-level services and ensures Syncthing runs under the correct user.
  • Restarts the service to apply changes and enables it to start on boot.
  1. Displays Status and Next Steps:
  • Outputs API keys, GUI credentials, and connection details.
  • Provides instructions for pairing devices and managing shared folders.

Quick Start

  1. Download and Make Executable:
   chmod +x syncthing-setup.sh
  1. Run the Script:
   sudo ./syncthing-setup.sh
  1. Follow Prompts:
  • Let the script create a secure configuration and manage service setup.
  1. Access Syncthing:
  • Open the web interface at http://<your-server-ip>:5612.
  • Use the provided credentials to log in and configure synchronization.

Benefits

  • Time-Saving: Automates the installation and configuration process.
  • Enhanced Security: Runs Syncthing under a dedicated user with restricted permissions.
  • Decentralized Control: Ensures your data remains private and accessible only to authorized devices.
  • Ease of Use: Simplifies complex configurations with a streamlined script.

Conclusion

This Bash script makes setting up Syncthing on Debian-based systems a breeze. By automating every step, it ensures a secure and efficient synchronization setup. Take control of your data and simplify file sharing across devices today with this powerful tool!

Bash
#!/bin/bash
# =========================================
# Syncthing Setup
# =========================================
#
# Version: 1.0.4
# Script written by Warith Al Maawali
#
# Discord channel: https://discord.gg/KEFErEx
# Twitter: http://twitter.com/warith2020
# Linkedin: http://www.linkedin.com/in/warith1977
# Website: https://www.digi77.com
# (c) 2024
#
# Description:
# This script installs and configures Syncthing on a Debian-based system.
# It ensures root privileges, removes old configurations, creates a Syncthing user,
# installs Syncthing if not already installed, prepares the configuration directory,
# and sets up necessary permissions and services.
#
# This software is dual-licensed:
#
# Personal, non-commercial use: Apache License 2.0
# Commercial, corporate, or organizational use: Separate commercial license required. 
# Contact me for licensing inquiries.
#
# Usage: ./syncthing-setup.sh
#
# Usage Examples:
#   Run this script as root to set up Syncthing:
#     ./syncthing-setup.sh
# =========================================

# Global Variables
FOLDER_PATH="/var/www/html/vps-cards"
GUI_USER="x_your_username_x"
GUI_PASSWORD='x_your_password_x'
ENCRYPTION_PASSWORD="x_your_password_x"
GUI_ADDRESS="0.0.0.0:5612"
LISTEN_TCP="tcp://0.0.0.0:22222"
LISTEN_TCP6="tcp6://[::]:22222"
LISTEN_QUIC="quic://0.0.0.0:22222"
LISTEN_QUIC6="quic6://[::]:22221"

# Configuration File Path
CONFIG_DIR="/home/syncthing/.config/syncthing"
CONFIG_FILE="$CONFIG_DIR/config.xml"
USER="syncthing"

# Function to install and configure Syncthing on Debian
setup_syncthing() {
  # Ensure root privileges
  if [ "$EUID" -ne 0 ]; then
    echo "Please run as root"
    exit 1
  fi

  # Remove old configuration directory
  rm -rf "$CONFIG_DIR"

  # Create Syncthing user if it doesn't exist
  if ! id -u $USER &>/dev/null; then
    useradd -r -m -d /home/syncthing -s /usr/sbin/nologin $USER
    echo "User $USER created."
  fi

  # Install Syncthing if not already installed
  if ! command -v syncthing &>/dev/null; then
    apt update && apt install -y syncthing
  fi

  # Prepare the configuration directory and permissions
  mkdir -p "$CONFIG_DIR"
  chown -R $USER:$USER "$CONFIG_DIR"

  # Disable root service for Syncthing and configure for $USER
  systemctl stop syncthing@root && systemctl disable syncthing@root && systemctl mask syncthing@root
  systemctl stop syncthing@$USER
  setcap 'cap_net_bind_service=+ep' /usr/bin/syncthing

  # Ensure low privileged port binding is allowed
  if ! grep -q 'net.ipv4.ip_unprivileged_port_start=0' /etc/sysctl.conf; then
    echo 'net.ipv4.ip_unprivileged_port_start=0' | sudo tee -a /etc/sysctl.conf && sysctl -p
  fi

  # Start Syncthing service for user
  systemctl restart syncthing@$USER

  # Copy the provided config.xml to the Syncthing configuration directory
  cp -f config.xml "$CONFIG_FILE"
  chown $USER:$USER "$CONFIG_FILE"
  syncthing -generate="~/.config/syncthing"
  # Ensure CONFIG_FILE exists, create if missing
  if [ ! -f "$CONFIG_FILE" ]; then
    syncthing generate
    syncthing -generate="~/.config/syncthing"
    while [ ! -f "$CONFIG_FILE" ]; do sleep 1; done
  fi

  # Final restart to apply configurations
  systemctl restart syncthing@$USER

  # Display next steps
  echo "====================================================="
  echo "Syncthing is configured. Access the web interface at http://<your-vps-ip>:$GUI_ADDRESS"
  echo "The configuration file has been copied. You might want to change those values later."
  echo "Current configuration values:"
  echo "FOLDER_PATH: $FOLDER_PATH"
  echo "GUI_USER: $GUI_USER"
  echo "GUI_PASSWORD: $GUI_PASSWORD"
  echo "ENCRYPTION_PASSWORD: $ENCRYPTION_PASSWORD"
  echo "GUI_ADDRESS: $GUI_ADDRESS"
  echo "LISTEN_TCP: $LISTEN_TCP"
  echo "LISTEN_TCP6: $LISTEN_TCP6"
  echo "LISTEN_QUIC: $LISTEN_QUIC"
  echo "LISTEN_QUIC6: $LISTEN_QUIC6"
  echo "Next steps:"
  echo "1. Pair this device with others via the Syncthing web interface."
  echo "2. Configure shared folders on other nodes and approve sync requests."
  echo "3. Path to configuration file: $CONFIG_FILE"
  echo "====================================================="
}

# Function to show Syncthing status
show_syncthing_status() {
  # Check if xmlstarlet is installed, if not, install it
  if ! command -v xmlstarlet &>/dev/null; then
    echo "xmlstarlet not found, installing..."
    sudo apt-get update && sudo apt-get install -y xmlstarlet
  fi

  # Extract API key from the Syncthing config
  API_KEY=$(xmlstarlet sel -t -v "//apikey" "$CONFIG_FILE")
  if [ -z "$API_KEY" ]; then
    echo "API key not found in the Syncthing config."
    exit 1
  fi
  echo "API Key: $API_KEY"
  # Set your Syncthing API key and base URL
  BASE_URL="https://localhost:5612"
  FOLDER_ID="unvv4-ddta3" # Replace with your actual folder ID

  # Get the list of pending folders and devices
  PENDING_FOLDERS=$(curl -k -s -X GET -H "X-API-Key: $API_KEY" "$BASE_URL/rest/cluster/pending/folders")
  PENDING_DEVICES=$(curl -k -s -X GET -H "X-API-Key: $API_KEY" "$BASE_URL/rest/cluster/pending/devices")
  ACTIVE_DEVICES=$(curl -k -s -X GET -H "X-API-Key: $API_KEY" "$BASE_URL/rest/config/devices")

  # Extract and show only device id and ip for active and pending devices
  echo "Pending Devices:"
  echo "$PENDING_DEVICES" | jq -r '.[] | "Device ID: \(.deviceID), IP: \(.addresses[])"'

  echo "Active Devices:"
  echo "$ACTIVE_DEVICES" | jq -r '.[] | "Device ID: \(.deviceID), IP: \(.addresses[])"'

  echo "Pending Folders:"
  echo "$PENDING_FOLDERS" | jq -r '.[] | "Folder ID: \(.folderID), Folder Name: \(.folderName)"'
}

# Main script execution
setup_syncthing
show_syncthing_status
Bash
Posted in Tech BlogTags:
© 2024 Warith AL Maawali. All Rights Reserved.
Stay Secure, Stay Assured.