# Syncthing Mesh Setup

Shared file synchronization across all Timmy VPS nodes.

## Overview

Syncthing provides peer-to-peer, encrypted file synchronization between all wizard VPS nodes. No central server required.

## Architecture

```
┌─────────────────┐     P2P Sync      ┌─────────────────┐
│  Allegro VPS    │ ◄──────────────► │   Ezra VPS      │
│  143.198.27.163 │                   │ 167.99.126.228  │
│  ~/shared/      │                   │  ~/shared/      │
└─────────────────┘                   └─────────────────┘
```

## Quick Start

### On Each VPS Node

```bash
# Run the setup script
curl -sL https://raw.githubusercontent.com/Timmy_Foundation/timmy-home/main/scripts/setup-syncthing.sh | bash
```

Or manually:

```bash
# Download and run setup script
wget -O /tmp/setup-syncthing.sh https://raw.githubusercontent.com/Timmy_Foundation/timmy-home/main/scripts/setup-syncthing.sh
chmod +x /tmp/setup-syncthing.sh
/tmp/setup-syncthing.sh <node-name>
```

## Node Status

| Node | IP | Device ID | Status |
|------|-----|-----------|--------|
| Allegro | 143.198.27.163 | MK6G5KV-VLTY7KS-FJ6ZN63-RV5ZIRG-7C2GSRS-OSJUDWA-IC6A7UP-NIGMQAE | ✅ Running |
| Ezra | 167.99.126.228 | TBD | ⏳ Awaiting setup |
| Future Timmy | TBD | TBD | ⏳ Future |

## Peering Nodes

After setup on each node:

1. Get device ID from each node:
```bash
syncthing --device-id
```

2. On Allegro VPS, add Ezra's device:
```bash
syncthing cli config devices add --device-id=<EZRA_DEVICE_ID> --name=ezra
```

3. On Ezra VPS, add Allegro's device:
```bash
syncthing cli config devices add --device-id=MK6G5KV-VLTY7KS-FJ6ZN63-RV5ZIRG-7C2GSRS-OSJUDWA-IC6A7UP-NIGMQAE --name=allegro
```

4. Share the `shared` folder with the peer device via web UI or CLI.

## Testing Sync

```bash
# On Allegro
echo "Test from Allegro" > ~/shared/test-allegro.txt

# On Ezra (after 60 seconds)
cat ~/shared/test-allegro.txt  # Should show "Test from Allegro"
```

## Web UI Access

```bash
# SSH tunnel to access web UI locally
ssh -L 8384:localhost:8384 root@<vps-ip>
# Then open http://localhost:8384 in browser
```

## Troubleshooting

| Issue | Solution |
|-------|----------|
| Nodes not connecting | Check firewall allows port 22000/tcp |
| Web UI not accessible | Verify bound to 127.0.0.1:8384 |
| Files not syncing | Check folder paths match on both nodes |
| Service not starting | Check `systemctl status syncthing@root` |

## Security

- Web UI bound to localhost only (no external exposure)
- All sync traffic is encrypted
- Device IDs required for peering (no unauthorized access)
- No central server - direct peer-to-peer only