From eadb1eff2527972d4b78e7206e12a919cd0bfae3 Mon Sep 17 00:00:00 2001
From: Allegro
Date: Mon, 30 Mar 2026 15:20:01 +0000
Subject: [PATCH] [#74] Add Syncthing mesh setup script and documentation
- Add scripts/setup-syncthing.sh for automated VPS provisioning
- Add docs/SYNCTHING.md with architecture and troubleshooting
- Configure systemd service for auto-start
- Set web UI to localhost-only for security
Allegro VPS: Device ID MK6G5KV-VLTY7KS-FJ6ZN63-RV5ZIRG-7C2GSRS-OSJUDWA-IC6A7UP-NIGMQAE
Ezra VPS: Awaiting SSH access for setup completion
---
docs/SYNCTHING.md | 98 ++++++++++++++++++++++++++++++++++++++
scripts/setup-syncthing.sh | 77 ++++++++++++++++++++++++++++++
2 files changed, 175 insertions(+)
create mode 100644 docs/SYNCTHING.md
create mode 100755 scripts/setup-syncthing.sh
diff --git a/docs/SYNCTHING.md b/docs/SYNCTHING.md
new file mode 100644
index 0000000..a69abfe
--- /dev/null
+++ b/docs/SYNCTHING.md
@@ -0,0 +1,98 @@
+# Syncthing Mesh Setup
+
+Shared file synchronization across all Timmy VPS nodes.
+
+## Overview
+
+Syncthing provides peer-to-peer, encrypted file synchronization between all wizard VPS nodes. No central server required.
+
+## Architecture
+
+```
+┌─────────────────┐ P2P Sync ┌─────────────────┐
+│ Allegro VPS │ ◄──────────────► │ Ezra VPS │
+│ 143.198.27.163 │ │ 167.99.126.228 │
+│ ~/shared/ │ │ ~/shared/ │
+└─────────────────┘ └─────────────────┘
+```
+
+## Quick Start
+
+### On Each VPS Node
+
+```bash
+# Run the setup script
+curl -sL https://raw.githubusercontent.com/Timmy_Foundation/timmy-home/main/scripts/setup-syncthing.sh | bash
+```
+
+Or manually:
+
+```bash
+# Download and run setup script
+wget -O /tmp/setup-syncthing.sh https://raw.githubusercontent.com/Timmy_Foundation/timmy-home/main/scripts/setup-syncthing.sh
+chmod +x /tmp/setup-syncthing.sh
+/tmp/setup-syncthing.sh
+```
+
+## Node Status
+
+| Node | IP | Device ID | Status |
+|------|-----|-----------|--------|
+| Allegro | 143.198.27.163 | MK6G5KV-VLTY7KS-FJ6ZN63-RV5ZIRG-7C2GSRS-OSJUDWA-IC6A7UP-NIGMQAE | ✅ Running |
+| Ezra | 167.99.126.228 | TBD | ⏳ Awaiting setup |
+| Future Timmy | TBD | TBD | ⏳ Future |
+
+## Peering Nodes
+
+After setup on each node:
+
+1. Get device ID from each node:
+```bash
+syncthing --device-id
+```
+
+2. On Allegro VPS, add Ezra's device:
+```bash
+syncthing cli config devices add --device-id= --name=ezra
+```
+
+3. On Ezra VPS, add Allegro's device:
+```bash
+syncthing cli config devices add --device-id=MK6G5KV-VLTY7KS-FJ6ZN63-RV5ZIRG-7C2GSRS-OSJUDWA-IC6A7UP-NIGMQAE --name=allegro
+```
+
+4. Share the `shared` folder with the peer device via web UI or CLI.
+
+## Testing Sync
+
+```bash
+# On Allegro
+echo "Test from Allegro" > ~/shared/test-allegro.txt
+
+# On Ezra (after 60 seconds)
+cat ~/shared/test-allegro.txt # Should show "Test from Allegro"
+```
+
+## Web UI Access
+
+```bash
+# SSH tunnel to access web UI locally
+ssh -L 8384:localhost:8384 root@
+# Then open http://localhost:8384 in browser
+```
+
+## Troubleshooting
+
+| Issue | Solution |
+|-------|----------|
+| Nodes not connecting | Check firewall allows port 22000/tcp |
+| Web UI not accessible | Verify bound to 127.0.0.1:8384 |
+| Files not syncing | Check folder paths match on both nodes |
+| Service not starting | Check `systemctl status syncthing@root` |
+
+## Security
+
+- Web UI bound to localhost only (no external exposure)
+- All sync traffic is encrypted
+- Device IDs required for peering (no unauthorized access)
+- No central server - direct peer-to-peer only
diff --git a/scripts/setup-syncthing.sh b/scripts/setup-syncthing.sh
new file mode 100755
index 0000000..4509ea2
--- /dev/null
+++ b/scripts/setup-syncthing.sh
@@ -0,0 +1,77 @@
+#!/bin/bash
+# Syncthing Setup Script for Timmy Fleet
+# Run this on each VPS node to join the sync mesh
+
+set -e
+
+NODE_NAME="${1:-$(hostname)}"
+HOME_DIR="${HOME:-/root}"
+CONFIG_DIR="$HOME_DIR/.config/syncthing"
+SHARED_DIR="$HOME_DIR/shared"
+
+export HOME="$HOME_DIR"
+
+echo "=== Syncthing Setup for $NODE_NAME ==="
+
+# Install syncthing if not present
+if ! command -v syncthing &> /dev/null; then
+ echo "Installing Syncthing..."
+ curl -sL "https://github.com/syncthing/syncthing/releases/download/v1.27.0/syncthing-linux-amd64-v1.27.0.tar.gz" | tar -xzf - -C /tmp/
+ cp /tmp/syncthing-linux-amd64-v1.27.0/syncthing /usr/local/bin/
+ chmod +x /usr/local/bin/syncthing
+fi
+
+# Create directories
+mkdir -p "$CONFIG_DIR"
+mkdir -p "$SHARED_DIR"
+
+# Generate config if not exists
+if [ ! -f "$CONFIG_DIR/config.xml" ]; then
+ echo "Generating Syncthing config..."
+ syncthing generate --config="$CONFIG_DIR"
+fi
+
+# Get device ID
+DEVICE_ID=$(syncthing --config="$CONFIG_DIR" --device-id 2>/dev/null || grep -oP '(?<=127.0.0.1:8384|
127.0.0.1:8384
|g' "$CONFIG_DIR/config.xml" +sed -i 's|
0.0.0.0:8384
|
127.0.0.1:8384
|g' "$CONFIG_DIR/config.xml"
+
+# Create systemd service
+cat > /etc/systemd/system/syncthing@root.service << 'EOF'
+[Unit]
+Description=Syncthing - Open Source Continuous File Synchronization for %i
+Documentation=man:syncthing(1)
+After=network.target
+
+[Service]
+User=%i
+ExecStart=/usr/local/bin/syncthing -no-browser -no-restart -logflags=0
+Restart=on-failure
+RestartSec=5
+SuccessExitStatus=3 4
+RestartForceExitStatus=3 4
+Environment="HOME=/root"
+
+[Install]
+WantedBy=multi-user.target
+EOF
+
+# Enable and start service
+systemctl daemon-reload
+systemctl enable syncthing@root.service
+systemctl restart syncthing@root.service || systemctl start syncthing@root.service
+
+echo ""
+echo "=== Setup Complete ==="
+echo "Node: $NODE_NAME"
+echo "Device ID: $DEVICE_ID"
+echo "Shared folder: $SHARED_DIR"
+echo "Web UI: http://127.0.0.1:8384 (localhost only)"
+echo ""
+echo "To peer with another node, add their device ID via the web UI"
+echo "or use: syncthing cli --config=$CONFIG_DIR config devices add --device-id="
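Review bot: The install step streams the release tarball from `curl -sL` straight into `tar` and copies the binary into /usr/local/bin without checking any checksum or signature, and it unpacks into the fixed path `/tmp/syncthing-linux-amd64-v1.27.0`, which another local account could create beforehand. With no `-f` on curl and no `pipefail`, a failed download is only caught indirectly when tar rejects the input. Since the unit further down runs that binary as root (`syncthing@root.service`, `HOME=/root`), I would download into a `mktemp -d` directory, verify a pinned SHA-256 before extracting, and place the file with `install -m 0755`; the digest in the sketch below is a placeholder to be filled in from the release's published checksums. Running the service under a dedicated unprivileged user would further limit what a misbehaving peer or a bad binary can touch.

```bash
if ! command -v syncthing &> /dev/null; then
    echo "Installing Syncthing..."
    # Placeholder: pin the published SHA-256 of the v1.27.0 linux-amd64 tarball.
    SYNCTHING_SHA256="<sha256-of-release-tarball>"
    tmpdir="$(mktemp -d)"
    trap 'rm -rf -- "$tmpdir"' EXIT
    curl -fsSL -o "$tmpdir/syncthing.tar.gz" \
        "https://github.com/syncthing/syncthing/releases/download/v1.27.0/syncthing-linux-amd64-v1.27.0.tar.gz"
    # Abort (set -e) unless the archive matches the pinned digest.
    echo "$SYNCTHING_SHA256  $tmpdir/syncthing.tar.gz" | sha256sum -c -
    tar -xzf "$tmpdir/syncthing.tar.gz" -C "$tmpdir"
    install -m 0755 "$tmpdir/syncthing-linux-amd64-v1.27.0/syncthing" /usr/local/bin/syncthing
fi
# … unchanged: directory creation, config generation, GUI address rewrite, systemd unit …
```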