Skip to content

Instantly share code, notes, and snippets.

@muhammadardie

muhammadardie/README.md

Created October 13, 2025 08:54
Show Gist options
  • Save muhammadardie/73f571491b491688c146bec36c85ad12 to your computer and use it in GitHub Desktop.
Save muhammadardie/73f571491b491688c146bec36c85ad12 to your computer and use it in GitHub Desktop.
Download ZIP
Syncthing Installation & Configuration on Rocky / CentOS / AlmaLinux 9
Raw
README.md

Syncthing Installation & Configuration on Rocky / CentOS / AlmaLinux 9

A step-by-step guide to install the latest Syncthing binary, run it as a service, set up data directories, firewall rules, and access the Web UI.

Table of Contents

  1. Prerequisites
  2. Download & Install Syncthing
  3. Configure a Systemd Service
  4. Prepare Data / Sync Directory
  5. Firewall / Port Setup
  6. Access the Web UI
  7. Optional: Use reverse proxy to expose web GUI
  8. Notes & Troubleshooting

1. Prerequisites

  • You have root (or sudo) access to a Rocky / CentOS / AlmaLinux 9 system.
  • curl, wget, tar, and systemd are available.
  • Basic familiarity with Linux filesystem permissions, editing config files, systemctl, etc.

2. Download & Install Syncthing

Use the official GitHub releases to get the latest version:

cd /tmp

# Fetch the latest release download URL for linux-amd64
# Download it using wget or curl
curl -s https://api.github.com/repos/syncthing/syncthing/releases/latest | grep browser_download_url | grep linux-amd64 | cut -d '"' -f 4 | wget -qi -

# Extract
tar xvf syncthing-linux-amd64*.tar.gz

# Move the `syncthing` binary to /usr/bin (or another PATH)
 sudo cp syncthing-linux-amd64-*/syncthing /usr/bin/

Verify installation:

syncthing --version

You should see something like:

syncthing vX.Y.Z "SomeCodename" (go version …)

3. Configure a Systemd Service

Run Syncthing under a dedicated user (not root). Example: syncthing.

Create user

sudo useradd -m syncthing

Optionally, give this user sudo / wheel privileges if needed (not strictly necessary).

sudo usermod -aG wheel syncthing
sudo passwd syncthing
Changing password for user syncthing.
New password:
Retype new password:
passwd: all authentication tokens updated successfully.

Create the service unit file

Create a template unit file at /etc/systemd/system/[email protected]:

[Unit]
Description=Syncthing - Open Source Continuous File Synchronization for %I
Documentation=man:syncthing(1)
After=network.target
StartLimitIntervalSec=60
StartLimitBurst=4

[Service]
User=%i
ExecStart=/usr/bin/syncthing serve --no-browser --no-restart --logflags=0
Restart=on-failure
RestartSec=1
SuccessExitStatus=3 4
RestartForceExitStatus=3 4

# Hardening options
ProtectSystem=full
PrivateTmp=true
SystemCallArchitectures=native
MemoryDenyWriteExecute=true
NoNewPrivileges=true

[Install]
WantedBy=multi-user.target

To allow listen on all interfaces use:

ExecStart=/usr/bin/syncthing --no-browser --gui-address="0.0.0.0:8384" --no-restart --logflags=0

Reload systemd to pick up the new file:

sudo systemctl daemon-reload

Start and enable the service for user syncthing:

sudo systemctl start syncthing@syncthing
sudo systemctl enable syncthing@syncthing

Check status:

systemctl status syncthing@syncthing

You should see active (running).

4. Prepare Data / Sync Directory

Create a directory where Syncthing will store data / sync files:

sudo mkdir -p /home/syncthing/data
sudo chown syncthing:syncthing /home/syncthing/data

You can also create other subfolders:

sudo mkdir /home/syncthing/Sync
sudo chown syncthing:syncthing /home/syncthing/Sync

Then in the Syncthing Web UI, add these paths as “Folders” with folder path /home/syncthing/data or /home/syncthing/Sync.

5. Firewall / Port Setup

If using firewalld, allow the necessary ports:

sudo firewall-cmd --add-port=8384/tcp --zone=public --permanent
sudo firewall-cmd --add-port=22000/tcp --zone=public --permanent
sudo firewall-cmd --reload
  • 8384/tcp — Web GUI
  • 22000/tcp — Sync protocol

(If you use discovery, you may also allow UDP discovery ports.)

6. Access the Syncthing Web UI

Open your browser and go to:

http://<server-ip>:8384/

In the GUI:

  • Set an admin password under Settings → GUI.
  • Add folders you prepared (e.g. /home/syncthing/data).
  • Connect devices as needed.

Optional: Use reverse proxy to expose web GUI

configuration for nginx

server {
    listen 80;
    server_name example.com;

    location /syncthing/ {
        proxy_set_header        Host $host;
        proxy_set_header        X-Real-IP $remote_addr;
        proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header        X-Forwarded-Proto $scheme;

        proxy_pass              http://localhost:8384/;

        proxy_read_timeout      600s;
        proxy_send_timeout      600s;
    }
}

Then edit configuration syncthing file at /home/syncthing/.local/state/syncthing/config.xml add this <insecureSkipHostcheck>true</insecureSkipHostcheck> to skip host check <gui enabled="true" tls="false" sendBasicAuthPrompt="false"> <insecureSkipHostcheck>true</insecureSkipHostcheck> </gui>

8. Notes & Troubleshooting

  • If the service fails to start (exit-code errors), examine logs:

    journalctl -u syncthing@syncthing -b

  • Make sure the syncthing user has permissions to its home, config, and data directories.

  • Syncthing’s default config is created in /home/syncthing/.local/state/syncthing/config.xml.

  • Use systemctl restart syncthing@syncthing after making config changes.

License / Attribution

This README is adapted from the guide on ComputingForGeeks: "How To Install Syncthing on Rocky 9 / CentOS 9 / Alma 9". https://computingforgeeks.com/install-configure-syncthing-on-rocky-centos-almalinux/

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment