Syncthing Docker image
How to run
Simpliest way to run this container is by using docker-compose.yml file. Simply run:
wget https://raw.githubusercontent.com/istepanov/docker-syncthing/master/docker-compose.yml docker-compose up -d
Then access Syncthing Web UI at http://localhost:8384/.
To update the container, run:
docker-compose pull docker-compose up -d
You can also start the container manually without using Docker Compose:
# Container requires 2 volumes: for config and for data. CONFIG_VOLUME='syncthing-config' DATA_VOLUME='syncthing-data' CONTAINER_NAME='syncthing' docker run -d \ --name $CONTAINER_NAME \ --restart always \ -p 8384:8384 -p 22000:22000 -p 21027:21027/udp \ -v $CONFIG_VOLUME:/home/syncthing/.config/syncthing \ -v $DATA_VOLUME:/home/syncthing/Sync \ istepanov/syncthing
--restart always (or
--restart on-failure or
--restart unless-stopped) is required because Syncthing restarts itself during auto-update. Without this option container just stops after first update.
Enabling HTTPS for Web UI
The image itself tends to be minimal and doesn't provide any HTTPS functionality. If you want to have a SSL connection between your browser and Syncthing Web UI, you need to put a proxy container that will handle HTTPS connections.
The easiest way to do it is by using Let's Encrypt certifcates and 3 additional containers: official Nginx image, jwilder/docker-gen image to auto-generate Nginx configs and jrcs/letsencrypt-nginx-proxy-companion image to auto-generate/auto-renew SSL certificates. To orchestrate all containers, we'll use docker-compose-https.yml file:
wget https://raw.githubusercontent.com/istepanov/docker-syncthing/master/docker-compose-https.yml # before launching, we need to prepare 2 docker volumes: docker volume create --driver local --name certs docker volume create --driver local --name nginx-templates # download nginx template into "nginx-templates" volume docker run --rm -v nginx-templates:/tmp/nginx-templates alpine /bin/sh -c 'apk add --no-cache curl ca-certificates && curl -o /tmp/nginx-templates/nginx.tmpl https://gist.githubusercontent.com/istepanov/6c19d1e519196e9b74f76344353fe837/raw/fc8784d1cbc8ad56047b10630b68c1830859bf63/nginx.tmpl' # Setup env vars that will be used by Docker Compose file. # SYNCTHING_HOSTNAME must be accessible from outside, otherwise SSL certificate won't be generated. # Make sure port 80 is open and the domain name is resolvable. # (this is an example, replace this with real values) export SYNCTHING_HOSTNAME='syncthing.myserver.host' export LETSENCRYPT_EMAILemail@example.com' docker-compose -f docker-compose-https.yml up -d
Make sure you set
LETSENCRYPT_EMAIL env vars before running Docker Compose commands. You can also edit
docker-compose-https.yml and replace these vars with real values.
Loving this docker image of syncthing. Works very well. I'm wondering if there is any possibility to add syncthing-inotify as default into this image, or at least provide a label which include it? syncthing-inotify makes sure detects files that is changed on disk and thus reduce the amount of rescans needed.
Is it possible to change permissions for mounted volume? Files in Sync have default permissions set to
drwx------ 1 user user. It would be great to be able to modify owner and permissions.
Why are you upgrading anything inside of a docker container why not just pull an upgraded copy and replace it.
New version is able to do auto-upgrade. To handle process restart, add
--restart always flag to
docker run command
I am a little disapointed as the docker is fine except the binary is in / and so cannot upgrade itself :(
The binary use the user syncthing who cannot create files inside /
The binary should be put in /usr/local/bin (for example) so it would be able to download update and upgrade.
Take into account that upgrading restart the process and so stop the docker. Maybe with supervisord it is possible to avoid this behavior.