Syncthing: Difference between revisions

Line 53:

};

~~# syncthing uses port 22000 to facilitate discovery of nodes on the local area network~~

~~# if this port is blocked by the firewall, nodes will have to go all the way to the announce servers, then use a bridge to tunnel through NAT.~~

~~# this is much slower than just sending data in a "node1 -> router -> node2" path~~

~~networking.firewall.allowedTCPPorts = [ 22000 ];~~

</syntaxHighlight>

~~If running a headless server, you should also change guiAddress to a publicly visible one (or just 0.0.0.0:8384, for example).~~

=== Firewall ===

You will probably have to open a few ports in the firewall:

You will ~~also~~ probably have to open a few ports in the firewall:

# Syncthing ports: 8384 for remote access to GUI

Line 71:

Line 65:

networking.firewall.allowedUDPPorts = [ 22000 21027 ];

</syntaxHighlight>

Syncthing uses port 22000 to facilitate discovery of nodes on the local area network. If this port is blocked by the firewall, nodes will have to go all the way to the announce servers, then use a bridge to tunnel through NAT. This is much slower than just sending data in a "node1 -> router -> node2" path.

=== Web GUI ===

If running a headless server, you should also change guiAddress to a publicly visible one (or just 0.0.0.0:8384, for example).

It is also a good idea to protect the web GUI with a username and password:

@@ Line 53: / Line 53: @@
    };
 };
-# syncthing uses port 22000 to facilitate discovery of nodes on the local area network
-# if this port is blocked by the firewall, nodes will have to go all the way to the announce servers, then use a bridge to tunnel through NAT.
-# this is much slower than just sending data in a "node1 -> router -> node2" path
-networking.firewall.allowedTCPPorts = [ 22000 ];
 </syntaxHighlight>
-If running a headless server, you should also change guiAddress to a publicly visible one (or just 0.0.0.0:8384, for example).
+=== Firewall ===
+You will probably have to open a few ports in the firewall:
-You will also probably have to open a few ports in the firewall:
 <syntaxHighlight lang="nix">
     # Syncthing ports: 8384 for remote access to GUI
@@ Line 71: / Line 65: @@
     networking.firewall.allowedUDPPorts = [ 22000 21027 ];
 </syntaxHighlight>
+Syncthing uses port 22000 to facilitate discovery of nodes on the local area network. If this port is blocked by the firewall, nodes will have to go all the way to the announce servers, then use a bridge to tunnel through NAT. This is much slower than just sending data in a "node1 -> router -> node2" path.
+=== Web GUI ===
+If running a headless server, you should also change guiAddress to a publicly visible one (or just 0.0.0.0:8384, for example).
 It is also a good idea to protect the web GUI with a username and password: