Code Monkey home page Code Monkey logo

syncthing-discovery's Introduction

syncthing-discosrv

Docker Container for the global discovery server for the http://syncthing.net/ project. I build the container because the official on is virtually dead (last build at the time of writing "a year ago"). This build is listening on the gihub project of the discovery server and gets updated whenever there is a code change. dicosrv GitHub repo. The container is intendet for people who like to roll their own private syncthing "cloud".

The files for this container can be found at my GitHub repo

docker-build-push

dockeri.co

About the Container

This build is based on ubuntu:latest and installs the latests successful build of the syncthing discovery server.

How to use this image

docker run --name syncthing-discovery -d -p 22026:22026 --restart=always t4skforce/syncthing-discovery:latest This will store the certificates and all of the data in /home/discosrv/. You will probably want to make at least the certificate folder a persistent volume (recommended):

docker run --name syncthing-discovery -d -p 22026:22026 -v /your/home:/home/discosrv/certs --restart=always t4skforce/syncthing-discovery:latest

If you already have certificates generated and want to use them and protect the folder from being changed by the docker images use the following command:

docker run --name syncthing-discovery -d -p 22026:22026 -v /your/home:/home/discosrv/certs:ro --restart=always t4skforce/syncthing-discovery:latest

Creating cert directory and setting permissions (docker process is required to have access):

mkdir -p /your/home/certs
chown -R 1000:1000 /your/home/certs

Upgrade

# download updates
docker pull t4skforce/syncthing-discovery:latest
# stop current running image
docker stop syncthing-discovery
# remove container
docker rm syncthing-discovery
# start with new base image
docker run --name syncthing-discovery -d -p 22026:22026 -v /your/home:/home/discosrv/certs:ro --restart=always t4skforce/syncthing-discovery:latest
# cleanup docker images
docker rmi -f $(docker images | grep "<none>" | awk "{print \$3}") > /dev/null 2>&1

Autostart

To enable the discovery server to start at system-startup we need to create a systemd service file vim /lib/systemd/system/syncthing-discovery.service:

[Unit]
Description=Syncthing-Discovery-Server
Requires=docker.service
After=docker.service

[Service]
Restart=always
ExecStart=/usr/bin/docker start -a syncthing-discovery
ExecStop=/usr/bin/docker stop -t 2 syncthing-discovery

[Install]
WantedBy=multi-user.target

To start the service manually call systemctl start syncthing-discovery. For retreaving the current service status call systemctl status syncthing-discovery

root@syncthing:~# systemctl status syncthing-discovery
● syncthing-discovery.service - Syncthing-Discovery-Server
   Loaded: loaded (/lib/systemd/system/syncthing-discovery.service; disabled)
   Active: active (running) since Sun 2016-04-17 14:33:07 BST; 13s ago
 Main PID: 11010 (docker)
   CGroup: /system.slice/syncthing-discovery.service
           └─11010 /usr/bin/docker start -a syncthing-discovery

Apr 17 14:33:07 syncthing docker[11010]: Server device ID is <your device ID of the server>

And last but not least we need to enable our newly created service via issuing systemctl enable syncthing-discovery:

root@syncthing:~# systemctl enable syncthing-discovery
Created symlink from /etc/systemd/system/multi-user.target.wants/syncthing-discovery.service to /lib/systemd/system/syncthing-discovery.service.

Auto Upgrade

Combine all the above and autoupgrade the container at defined times. This requires you to at least setup Autostart.

First we need to generate your upgrade shell script vim /root/syncthing-discovery_upgrade.sh:

#!/bin/bash

# Directory to look for the Certificates
CERT_HOME="/your/home/certs"

# download updates
docker pull t4skforce/syncthing-discovery:latest
# stop current running image
systemctl stop syncthing-discovery
# remove container
docker rm syncthing-discovery
# start with new base image
docker run --name syncthing-discovery -d -p 22026:22026 -v ${CERT_HOME}:/home/discosrv/certs:ro --restart=always t4skforce/syncthing-discovery:latest
# stop container
docker stop syncthing-discovery
# start via service
systemctl start syncthing-discovery
# cleanup docker images
docker rmi -f $(docker images | grep "<none>" | awk "{print \$3}") > /dev/null 2>&1

Next we need to make this file executable chmod +x /root/syncthing-discovery_upgrade.sh, and test if the upgrade script works by calling the shell-script and checking the service status afterwards:

root@syncthing:~# /root/syncthing-discovery_upgrade.sh
root@syncthing:~# systemctl status syncthing-discovery
● syncthing-discovery.service - Syncthing-Discovery-Server
   Loaded: loaded (/lib/systemd/system/syncthing-discovery.service; enabled)
   Active: active (running) since Sun 2016-04-17 11:42:57 BST; 2s ago
 Main PID: 2642 (docker)
   CGroup: /system.slice/syncthing-discovery.service
           └─2642 /usr/bin/docker start -a syncthing-discovery

Now we need to set the trigger for the upgrade. In this example we just setup a weekly upgrade via crontab scheduled for Sunday at midnight. We add 0 0 * * 7 root /root/syncthing-discovery_upgrade.sh to /etc/crontab. The resulting file looks like:

# /etc/crontab: system-wide crontab
# Unlike any other crontab you don't have to run the `crontab'
# command to install the new version when you edit this file
# and files in /etc/cron.d. These files also have username fields,
# that none of the other crontabs do.

SHELL=/bin/sh
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin

# m h dom mon dow user  command
17 *    * * *   root    cd / && run-parts --report /etc/cron.hourly
25 6    * * *   root    test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.daily )
47 6    * * 7   root    test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.weekly )
52 6    1 * *   root    test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.monthly )
# Syncthing-Discovery-Server Docker Container Upgrade
0  0    * * 7   root    /root/syncthing-discovery_upgrade.sh
#

syncthing-discovery's People

Contributors

t4skforce avatar

Stargazers

avatar avatar avatar avatar avatar avatar avatar avatar avatar

Watchers

avatar avatar avatar avatar

Forkers

seancrites dron4eg

syncthing-discovery's Issues

Running in http mode

Hey I really enjoy your github and instructions. Nice since a lot of documentation seems to be missing from the syncthing-discovery project in general.

My intentions are actually to try to run the discovery server behind a reverse proxy. Your docker file has:

CMD ${USER_HOME}/server/discosrv \
    -listen=":${SERV_PORT}" \
    -db-dir="${USER_HOME}/db/discosrv.db" \
    -cert="${USER_HOME}/certs/cert.pem" \
    -key="${USER_HOME}/certs/key.pem" \
    ${DISCO_OPTS}

Just checking that if I made the following modifications to the Dockerfile, then the server would start listening via http:

ENV DISCO_OPTS      "-http"
CMD ${USER_HOME}/server/discosrv \
    -listen=":${SERV_PORT}" \
    -db-dir="${USER_HOME}/db/discosrv.db" \
    ${DISCO_OPTS}

Additional modifications of course would be needed on the reverse proxy and I believe if using nginx as a reverse proxy these would be:

proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Client-Port $remote_port;
proxy_set_header X-SSL-Cert $ssl_client_cert;
ssl_verify_client optional_no_ca;

Alpine Linux base and reverse proxy

Hey nothing wrong with your image per se since I used your Dockerfile as the base for my own. I just wanted to add a bit to your project. I modified the Dockerfile to use alpine linux as a base since its much smaller. I only needed a few modifications to change to alpine linux:

FROM alpine:latest
################################
#           Settings                                            #
################################
# Syncthing-Discovery Server

ENV SERV_PORT 8443
ENV DISCO_OPTS "-http"

################################
#            Setup                                               #
################################
ENV BUILD_REQUIREMENTS curl openssl
ENV REQUIREMENTS ca-certificates shadow tzdata
ENV PUID 6000
ENV PGID 6000
ENV USER_HOME /home/discosrv
ENV USERNAME discosrv
ENV USERGROUP discosrv
################################

###############################
#           Build                                               #
###############################
ARG VERSION=v1.18.1
ENV DOWNLOAD_URL="https://github.com/syncthing/discosrv/releases/download/$VERSION/stdiscosrv-linux-amd64-$VERSION.tar.gz"
###############################

USER root

# setup
SHELL ["/bin/sh", "-c"]
RUN apk update \
        && apk add --no-cache ${BUILD_REQUIREMENTS} ${REQUIREMENTS} \
        && mkdir -p ${USER_HOME} \
        && addgroup -S -g ${PGID} ${USERGROUP} \
        && adduser \
           --disabled-password \
           --gecos "" \
           --home ${USER_HOME} \
           --ingroup ${USERGROUP} \
           --uid ${PUID} \
           ${USERNAME} \
        && echo "${USERNAME}:$(openssl rand 512 | openssl sha256 | awk '{print $2}')" | chpasswd \
        && chown -R ${USERNAME}:${USERGROUP} ${USER_HOME}

EXPOSE ${SERV_PORT}

HEALTHCHECK --interval=1m --timeout=10s \
  CMD nc -z localhost 8443 || exit 1

# install disco
WORKDIR /tmp/
RUN curl -Ls ${DOWNLOAD_URL} --output discosrv.tar.gz \
  && tar -zxf discosrv.tar.gz \
  && rm discosrv.tar.gz \
  && mkdir -p ${USER_HOME}/server ${USER_HOME}/certs ${USER_HOME}/db \
  && cp /tmp/*discosrv*/*discosrv ${USER_HOME}/server/discosrv \
  && chown -R ${USERNAME}:${USERGROUP} ${USER_HOME}

# cleanup
RUN apk del ${BUILD_REQUIREMENTS} \
  && rm -rf /var/cache/apk/* \
  && rm -rf /tmp/*

USER ${USERNAME}
VOLUME ${USER_HOME}/certs

CMD ${USER_HOME}/server/discosrv \
    ${DISCO_OPTS} \
    -listen=":${SERV_PORT}" \
    -db-dir="${USER_HOME}/db/discosrv.db" \
    -cert="${USER_HOME}/certs/cert.pem" \
    -key="${USER_HOME}/certs/key.pem" \

I was able to get the reverse proxy running behind an nginx reverse proxy using LinuxServer IO SWAG container. The configuration of the reverse proxy wasn't all that difficult however if you need documentation for this I can provide. I used the -http option passed the the discovery server to indicate to run via http since the discovery server was sitting behind a reverse proxy.

Thanks for your help.

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.