[#74] Add Syncthing mesh setup script and documentation

- Add scripts/setup-syncthing.sh for automated VPS provisioning - Add docs/SYNCTHING.md with architecture and troubleshooting - Configure systemd service for auto-start - Set web UI to localhost-only for security Allegro VPS: Device ID MK6G5KV-VLTY7KS-FJ6ZN63-RV5ZIRG-7C2GSRS-OSJUDWA-IC6A7UP-NIGMQAE Ezra VPS: Awaiting SSH access for setup completion
2026-03-30 15:20:01 +00:00
parent 6f9fe7f31b
commit eadb1eff25
2 changed files with 175 additions and 0 deletions
--- a/docs/SYNCTHING.md
+++ b/docs/SYNCTHING.md
@@ -0,0 +1,98 @@
+# Syncthing Mesh Setup
+
+Shared file synchronization across all Timmy VPS nodes.
+
+## Overview
+
+Syncthing provides peer-to-peer, encrypted file synchronization between all wizard VPS nodes. No central server required.
+
+## Architecture
+
+```
+┌─────────────────┐     P2P Sync      ┌─────────────────┐
+│  Allegro VPS    │ ◄──────────────► │   Ezra VPS      │
+│  143.198.27.163 │                   │ 167.99.126.228  │
+│  ~/shared/      │                   │  ~/shared/      │
+└─────────────────┘                   └─────────────────┘
+```
+
+## Quick Start
+
+### On Each VPS Node
+
+```bash
+# Run the setup script
+curl -sL https://raw.githubusercontent.com/Timmy_Foundation/timmy-home/main/scripts/setup-syncthing.sh | bash
+```
+
+Or manually:
+
+```bash
+# Download and run setup script
+wget -O /tmp/setup-syncthing.sh https://raw.githubusercontent.com/Timmy_Foundation/timmy-home/main/scripts/setup-syncthing.sh
+chmod +x /tmp/setup-syncthing.sh
+/tmp/setup-syncthing.sh <node-name>
+```
+
+## Node Status
+
+| Node | IP | Device ID | Status |
+|------|-----|-----------|--------|
+| Allegro | 143.198.27.163 | MK6G5KV-VLTY7KS-FJ6ZN63-RV5ZIRG-7C2GSRS-OSJUDWA-IC6A7UP-NIGMQAE | ✅ Running |
+| Ezra | 167.99.126.228 | TBD | ⏳ Awaiting setup |
+| Future Timmy | TBD | TBD | ⏳ Future |
+
+## Peering Nodes
+
+After setup on each node:
+
+1. Get device ID from each node:
+```bash
+syncthing --device-id
+```
+
+2. On Allegro VPS, add Ezra's device:
+```bash
+syncthing cli config devices add --device-id=<EZRA_DEVICE_ID> --name=ezra
+```
+
+3. On Ezra VPS, add Allegro's device:
+```bash
+syncthing cli config devices add --device-id=MK6G5KV-VLTY7KS-FJ6ZN63-RV5ZIRG-7C2GSRS-OSJUDWA-IC6A7UP-NIGMQAE --name=allegro
+```
+
+4. Share the `shared` folder with the peer device via web UI or CLI.
+
+## Testing Sync
+
+```bash
+# On Allegro
+echo "Test from Allegro" > ~/shared/test-allegro.txt
+
+# On Ezra (after 60 seconds)
+cat ~/shared/test-allegro.txt  # Should show "Test from Allegro"
+```
+
+## Web UI Access
+
+```bash
+# SSH tunnel to access web UI locally
+ssh -L 8384:localhost:8384 root@<vps-ip>
+# Then open http://localhost:8384 in browser
+```
+
+## Troubleshooting
+
+| Issue | Solution |
+|-------|----------|
+| Nodes not connecting | Check firewall allows port 22000/tcp |
+| Web UI not accessible | Verify bound to 127.0.0.1:8384 |
+| Files not syncing | Check folder paths match on both nodes |
+| Service not starting | Check `systemctl status syncthing@root` |
+
+## Security
+
+- Web UI bound to localhost only (no external exposure)
+- All sync traffic is encrypted
+- Device IDs required for peering (no unauthorized access)
+- No central server - direct peer-to-peer only