1SYNCTHING-CONFIG(5)                Syncthing               SYNCTHING-CONFIG(5)
2
3
4

NAME

6       syncthing-config - Syncthing Configuration
7

SYNOPSIS

9          $HOME/.config/syncthing
10          $HOME/Library/Application Support/Syncthing
11          %LOCALAPPDATA%\Syncthing
12

DESCRIPTION

14       New  in  version  1.5.0: Database and config can now be set separately.
15       Previously the database was always located in the same directory as the
16       config.
17
18
19       Syncthing  uses  a  single  directory to store configuration and crypto
20       keys.  Syncthing also has a database, which is often stored in this di‐
21       rectory  too.   The config location defaults to $HOME/.config/syncthing
22       (Unix-like), $HOME/Library/Application Support/Syncthing (Mac), or %LO‐
23       CALAPPDATA%\Syncthing (Windows). It can be changed at runtime using the
24       --config flag. In this directory the following files are located:
25
26       config.xml
27              The configuration file, in XML format.
28
29       cert.pem, key.pem
30              The device’s ECDSA public and private key. These form the  basis
31              for the device ID. The key must be kept private.
32
33       https-cert.pem, https-key.pem
34              The  certificate and key for HTTPS GUI connections. These may be
35              replaced with a custom certificate for HTTPS as desired.
36
37       csrftokens.txt
38              A list of recently issued CSRF tokens  (for  protection  against
39              browser cross site request forgery).
40
41       The database is stored either in the same directory as the config (usu‐
42       ally the default), but may also be located in one of the following  di‐
43       rectories (Unix-like platforms only):
44
45       • If  a  database  exists in the old default location, that location is
46         still used.
47
48       • If $XDG_DATA_HOME is set, use $XDG_DATA_HOME/syncthing.
49
50       • If ~/.local/share/syncthing exists, use that location.
51
52       • Use the old default location (same as config).
53
54       The location of the database can be changed using the --data flag.  The
55       --home  flag  sets both config and database locations at the same time.
56       The database contains the following files:
57
58       index-*.db
59              A directory holding the database with metadata and hashes of the
60              files currently on disk and available from peers.
61

CONFIG FILE FORMAT

63       The  following  shows  an  example of a default configuration file (IDs
64       will differ):
65
66       NOTE:
67          The config examples are present for illustration. Do not  copy  them
68          entirely  to use as your config. They are likely out-of-date and the
69          values may no longer correspond to the defaults.
70
71          <configuration version="30">
72              <folder id="default" label="Default Folder" path="/Users/jb/Sync/" type="sendreceive" rescanIntervalS="3600" fsWatcherEnabled="true" fsWatcherDelayS="10" ignorePerms="false" autoNormalize="true">
73                  <filesystemType>basic</filesystemType>
74                  <device id="3LT2GA5-CQI4XJM-WTZ264P-MLOGMHL-MCRLDNT-MZV4RD3-KA745CL-OGAERQZ"></device>
75                  <minDiskFree unit="%">1</minDiskFree>
76                  <versioning></versioning>
77                  <copiers>0</copiers>
78                  <pullerMaxPendingKiB>0</pullerMaxPendingKiB>
79                  <hashers>0</hashers>
80                  <order>random</order>
81                  <ignoreDelete>false</ignoreDelete>
82                  <scanProgressIntervalS>0</scanProgressIntervalS>
83                  <pullerPauseS>0</pullerPauseS>
84                  <maxConflicts>-1</maxConflicts>
85                  <disableSparseFiles>false</disableSparseFiles>
86                  <disableTempIndexes>false</disableTempIndexes>
87                  <paused>false</paused>
88                  <weakHashThresholdPct>25</weakHashThresholdPct>
89                  <markerName>.stfolder</markerName>
90                  <copyOwnershipFromParent>false</copyOwnershipFromParent>
91                  <modTimeWindowS>0</modTimeWindowS>
92                  <maxConcurrentWrites>2</maxConcurrentWrites>
93                  <disableFsync>false</disableFsync>
94                  <blockPullOrder>standard</blockPullOrder>
95                  <copyRangeMethod>standard</copyRangeMethod>
96              </folder>
97              <device id="3LT2GA5-CQI4XJM-WTZ264P-MLOGMHL-MCRLDNT-MZV4RD3-KA745CL-OGAERQZ" name="syno" compression="metadata" introducer="false" skipIntroductionRemovals="false" introducedBy="">
98                  <address>dynamic</address>
99                  <paused>false</paused>
100                  <autoAcceptFolders>false</autoAcceptFolders>
101                  <maxSendKbps>0</maxSendKbps>
102                  <maxRecvKbps>0</maxRecvKbps>
103                  <maxRequestKiB>0</maxRequestKiB>
104                  <remoteGUIPort>0</remoteGUIPort>
105              </device>
106              <gui enabled="true" tls="false" debugging="false">
107                  <address>127.0.0.1:8384</address>
108                  <apikey>k1dnz1Dd0rzTBjjFFh7CXPnrF12C49B1</apikey>
109                  <theme>default</theme>
110              </gui>
111              <ldap></ldap>
112              <options>
113                  <listenAddress>default</listenAddress>
114                  <globalAnnounceServer>default</globalAnnounceServer>
115                  <globalAnnounceEnabled>true</globalAnnounceEnabled>
116                  <localAnnounceEnabled>true</localAnnounceEnabled>
117                  <localAnnouncePort>21027</localAnnouncePort>
118                  <localAnnounceMCAddr>[ff12::8384]:21027</localAnnounceMCAddr>
119                  <maxSendKbps>0</maxSendKbps>
120                  <maxRecvKbps>0</maxRecvKbps>
121                  <reconnectionIntervalS>60</reconnectionIntervalS>
122                  <relaysEnabled>true</relaysEnabled>
123                  <relayReconnectIntervalM>10</relayReconnectIntervalM>
124                  <startBrowser>true</startBrowser>
125                  <natEnabled>true</natEnabled>
126                  <natLeaseMinutes>60</natLeaseMinutes>
127                  <natRenewalMinutes>30</natRenewalMinutes>
128                  <natTimeoutSeconds>10</natTimeoutSeconds>
129                  <urAccepted>0</urAccepted>
130                  <urSeen>0</urSeen>
131                  <urUniqueID></urUniqueID>
132                  <urURL>https://data.syncthing.net/newdata</urURL>
133                  <urPostInsecurely>false</urPostInsecurely>
134                  <urInitialDelayS>1800</urInitialDelayS>
135                  <restartOnWakeup>true</restartOnWakeup>
136                  <autoUpgradeIntervalH>12</autoUpgradeIntervalH>
137                  <upgradeToPreReleases>false</upgradeToPreReleases>
138                  <keepTemporariesH>24</keepTemporariesH>
139                  <cacheIgnoredFiles>false</cacheIgnoredFiles>
140                  <progressUpdateIntervalS>5</progressUpdateIntervalS>
141                  <limitBandwidthInLan>false</limitBandwidthInLan>
142                  <minHomeDiskFree unit="%">1</minHomeDiskFree>
143                  <releasesURL>https://upgrades.syncthing.net/meta.json</releasesURL>
144                  <overwriteRemoteDeviceNamesOnConnect>false</overwriteRemoteDeviceNamesOnConnect>
145                  <tempIndexMinBlocks>10</tempIndexMinBlocks>
146                  <trafficClass>0</trafficClass>
147                  <defaultFolderPath>~</defaultFolderPath>
148                  <setLowPriority>true</setLowPriority>
149                  <maxFolderConcurrency>0</maxFolderConcurrency>
150                  <crashReportingURL>https://crash.syncthing.net/newcrash</crashReportingURL>
151                  <crashReportingEnabled>true</crashReportingEnabled>
152                  <stunKeepaliveStartS>180</stunKeepaliveStartS>
153                  <stunKeepaliveMinS>20</stunKeepaliveMinS>
154                  <stunServer>default</stunServer>
155                  <databaseTuning>auto</databaseTuning>
156                  <maxConcurrentIncomingRequestKiB>0</maxConcurrentIncomingRequestKiB>
157              </options>
158          </configuration>
159

CONFIGURATION ELEMENT

161          <configuration version="30">
162              <folder></folder>
163              <device></device>
164              <gui></gui>
165              <ldap></ldap>
166              <options></options>
167              <ignoredDevice>5SYI2FS-LW6YAXI-JJDYETS-NDBBPIO-256MWBO-XDPXWVG-24QPUM4-PDW4UQU</ignoredDevice>
168              <ignoredFolder>bd7q3-zskm5</ignoredFolder>
169          </configuration>
170
171       This is the root element. It has one attribute:
172
173       version
174              The config version. Increments whenever a change  is  made  that
175              requires migration from previous formats.
176
177       It  contains the elements described in the following sections and these
178       two additional child elements:
179
180       ignoredDevice
181              Contains the ID of the device that should be ignored. Connection
182              attempts  from  this  device are logged to the console but never
183              displayed in the web GUI.
184
185       ignoredFolder
186              Contains the ID of the  folder  that  should  be  ignored.  This
187              folder  will always be skipped when advertised from a remote de‐
188              vice, i.e. this will be logged, but  there  will  be  no  dialog
189              shown in the web GUI.
190

FOLDER ELEMENT

192          <folder id="default" label="Default Folder" path="/Users/jb/Sync/" type="sendreceive" rescanIntervalS="3600" fsWatcherEnabled="true" fsWatcherDelayS="10" ignorePerms="false" autoNormalize="true">
193              <filesystemType>basic</filesystemType>
194              <device id="3LT2GA5-CQI4XJM-WTZ264P-MLOGMHL-MCRLDNT-MZV4RD3-KA745CL-OGAERQZ"></device>
195              <minDiskFree unit="%">1</minDiskFree>
196              <versioning></versioning>
197              <copiers>0</copiers>
198              <pullerMaxPendingKiB>0</pullerMaxPendingKiB>
199              <hashers>0</hashers>
200              <order>random</order>
201              <ignoreDelete>false</ignoreDelete>
202              <scanProgressIntervalS>0</scanProgressIntervalS>
203              <pullerPauseS>0</pullerPauseS>
204              <maxConflicts>-1</maxConflicts>
205              <disableSparseFiles>false</disableSparseFiles>
206              <disableTempIndexes>false</disableTempIndexes>
207              <paused>false</paused>
208              <weakHashThresholdPct>25</weakHashThresholdPct>
209              <markerName>.stfolder</markerName>
210              <copyOwnershipFromParent>false</copyOwnershipFromParent>
211              <modTimeWindowS>0</modTimeWindowS>
212              <maxConcurrentWrites>2</maxConcurrentWrites>
213              <disableFsync>false</disableFsync>
214              <blockPullOrder>standard</blockPullOrder>
215              <copyRangeMethod>standard</copyRangeMethod>
216          </folder>
217
218       One  or  more folder elements must be present in the file. Each element
219       describes one folder. The following attributes may be set on the folder
220       element:
221
222       id     The folder ID, which must be unique. (mandatory)
223
224       label  The  label of a folder is a human readable and descriptive local
225              name. May be different on each device, empty,  and/or  identical
226              to other folder labels. (optional)
227
228       path   The path to the directory where the folder is stored on this de‐
229              vice; not sent to other devices. (mandatory)
230
231       type   Controls how the folder is handled by Syncthing. Possible values
232              are:
233
234              sendreceive
235                     The  folder is in default mode. Sending local and accept‐
236                     ing remote changes.  Note that this type  was  previously
237                     called “readwrite” which is deprecated but still accepted
238                     in incoming configs.
239
240              sendonly
241                     The folder is in “send only” mode – it will not be  modi‐
242                     fied  by  Syncthing  on this device.  Note that this type
243                     was previously called “readonly” which is deprecated  but
244                     still accepted in incoming configs.
245
246              receiveonly
247                     The folder is in “receive only” mode – it will not propa‐
248                     gate changes to other devices.
249
250       rescanIntervalS
251              The rescan interval, in seconds. Can be set to 0 to disable when
252              external plugins are used to trigger rescans.
253
254       fsWatcherEnabled
255              If  set to true, this detects changes to files in the folder and
256              scans them.
257
258       fsWatcherDelayS
259              The duration during which changes detected are accumulated,  be‐
260              fore  a scan is scheduled (only takes effect if fsWatcherEnabled
261              is set to true).
262
263       ignorePerms
264              True if the folder should ignore permissions.
265
266       autoNormalize
267              Automatically correct UTF-8 normalization errors found  in  file
268              names.
269
270       The following child elements may exist:
271
272       device These  must  have  the id attribute and can have an introducedBy
273              attribute, identifying the device that introduced  us  to  share
274              this  folder  with the given device.  If the original introducer
275              unshares this folder with this device, our  device  will  follow
276              and  unshare the folder (subject to skipIntroductionRemovals be‐
277              ing false on the introducer device).  All mentioned devices  are
278              those  that  will  be sharing the folder in question.  Each men‐
279              tioned device must have a separate device element later  in  the
280              file.   It  is customary that the local device ID is included in
281              all folders.  Syncthing will currently add this automatically if
282              it is not present in the configuration file.
283
284       minDiskFree
285              The  minimum required free space that should be available on the
286              disk this folder resides. The folder will be  stopped  when  the
287              value  drops  below the threshold. Accepted units are %, kB, MB,
288              GB and TB. Set to zero to disable.
289
290       versioning
291              Specifies a versioning configuration.
292
293       SEE ALSO:
294          versioning
295
296       copiers, pullers, hashers
297              The number of copier, puller and hasher routines to  use,  or  0
298              for  the system determined optimums. These are low level perfor‐
299              mance options for advanced users only; do not change unless  re‐
300              quested to or you’ve actually read and understood the code your‐
301              self. :)
302
303       order  The order in which needed files should be pulled from the  clus‐
304              ter.  The possibles values are:
305
306              random Pull  files in random order. This optimizes for balancing
307                     resources among the devices in a cluster.
308
309              alphabetic
310                     Pull files ordered by file name alphabetically.
311
312              smallestFirst, largestFirst
313                     Pull files ordered by file  size;  smallest  and  largest
314                     first respectively.
315
316              oldestFirst, newestFirst
317                     Pull  files ordered by modification time; oldest and new‐
318                     est first respectively.
319
320              Note that the scanned files are sent in batches and the  sorting
321              is  applied only to the already discovered files. This means the
322              sync might start with a 1 GB file even if there  is  1  KB  file
323              available  on  the source device until the 1 KB becomes known to
324              the pulling device.
325
326       ignoreDelete
327              WARNING:
328                 Enabling this is highly discouraged - use at your  own  risk.
329                 You have been warned.
330
331              When  set  to true, this device will pretend not to see instruc‐
332              tions to delete files from other devices.
333
334       scanProgressIntervalS
335              The interval in seconds with which scan progress information  is
336              sent  to  the  GUI. Setting to 0 will cause Syncthing to use the
337              default value of two.
338
339       pullerPauseS
340              Tweak for rate limiting  the  puller  when  it  retries  pulling
341              files. Don’t change this unless you know what you’re doing.
342
343       maxConflicts
344              The  maximum  number  of  conflict copies to keep around for any
345              given file.  The default, -1, means an unlimited number. Setting
346              this to 0 disables conflict copies altogether.
347
348       disableSparseFiles
349              By default, blocks containing all zeros are not written, causing
350              files to be sparse on filesystems  that  support  this  feature.
351              When set to true, sparse files will not be created.
352
353       disableTempIndexes
354              By  default, devices exchange information about blocks available
355              in transfers that are still in progress, which allows other  de‐
356              vices  to  download  parts of files that are not yet fully down‐
357              loaded on your own device,  essentially  making  transfers  more
358              torrent  like.  When  set  to  true, such information is not ex‐
359              changed for this folder.
360
361       paused True if this folder is (temporarily) suspended.
362
363       weakHashThresholdPct
364              Use weak hash if more than the given percentage of the file  has
365              changed. Set to -1 to always use weak hash. Default is 25.
366
367       markerName
368              Name  of  a  directory  or file in the folder root to be used as
369              marker-faq. Default is .stfolder.
370
371       copyOwnershipFromParent
372              On Unix systems, tries to copy file/folder  ownership  from  the
373              parent directory (the directory it’s located in).  Requires run‐
374              ning Syncthing as a privileged user, or granting  it  additional
375              capabilities (e.g. CAP_CHOWN on Linux).
376
377       modTimeWindowS
378              Allowed  modification  timestamp difference when comparing files
379              for equivalence. To be used on file systems which have  unstable
380              modification  timestamps  that might change after being recorded
381              during the last write operation. Default is 2  on  Android  when
382              the folder is located on a FAT partition, and 0 otherwise.
383
384       maxConcurrentWrites
385              Maximum number of concurrent write operations while syncing. In‐
386              creasing this might increase or decrease disk  performance,  de‐
387              pending on the underlying storage. Default is 2.
388
389       disableFsync
390
391          WARNING:
392              This is a known insecure option - use at your own risk.
393
394          Disables committing file operations to disk before recording them in
395          the database.  Disabling fsync can lead to data corruption.
396
397       blockPullOrder
398              Order in which the blocks of a file are downloaded. This  option
399              controls  how quickly different parts of the file spread between
400              the connected devices, at the cost  of  causing  strain  on  the
401              storage.
402
403              Available options:
404
405              standard (default):
406                     The  blocks  of  a file are split into N equal continuous
407                     sequences, where N is the number  of  connected  devices.
408                     Each  device  starts  downloading its own sequence, after
409                     which it picks other devices sequences  at  random.  Pro‐
410                     vides  acceptable  data distribution and minimal spinning
411                     disk strain.
412
413              random:
414                     The blocks of a file are downloaded in  a  random  order.
415                     Provides  great  data  distribution,  but  very taxing on
416                     spinning disk drives.
417
418              inOrder:
419                     The blocks of a file are  downloaded  sequentially,  from
420                     start  to  finish. Spinning disk drive friendly, but pro‐
421                     vides no improvements to data distribution.
422
423       copyRangeMethod
424              Provides a choice of method for copying data between files. This
425              can  be  used to optimise copies on network filesystems, improve
426              speed of large copies or  clone  the  data  using  copy-on-write
427              functionality if the underlying filesystem supports it.
428
429              See folder-copyRangeMethod for details.
430

DEVICE ELEMENT

432          <device id="5SYI2FS-LW6YAXI-JJDYETS-NDBBPIO-256MWBO-XDPXWVG-24QPUM4-PDW4UQU" name="syno" compression="metadata" introducer="false" skipIntroductionRemovals="false" introducedBy="2CYF2WQ-AKZO2QZ-JAKWLYD-AGHMQUM-BGXUOIS-GYILW34-HJG3DUK-LRRYQAR">
433              <address>dynamic</address>
434              <paused>false</paused>
435              <autoAcceptFolders>false</autoAcceptFolders>
436              <maxSendKbps>0</maxSendKbps>
437              <maxRecvKbps>0</maxRecvKbps>
438              <maxRequestKiB>0</maxRequestKiB>
439              <remoteGUIPort>0</remoteGUIPort>
440          </device>
441          <device id="2CYF2WQ-AKZO2QZ-JAKWLYD-AGHMQUM-BGXUOIS-GYILW34-HJG3DUK-LRRYQAR" name="syno local" compression="metadata" introducer="false" skipIntroductionRemovals="false" introducedBy="">
442              <address>tcp://192.0.2.1:22001</address>
443              <paused>true</paused>
444              <allowedNetwork>192.168.0.0/16</allowedNetwork>
445              <autoAcceptFolders>false</autoAcceptFolders>
446              <maxSendKbps>100</maxSendKbps>
447              <maxRecvKbps>100</maxRecvKbps>
448              <maxRequestKiB>65536</maxRequestKiB>
449              <remoteGUIPort>8384</remoteGUIPort>
450          </device>
451
452       One  or  more device elements must be present in the file. Each element
453       describes a device participating in the cluster. It is customary to in‐
454       clude  a  device element for the local device; Syncthing will currently
455       add one if it is not present. The following attributes may  be  set  on
456       the device element:
457
458       id     The device ID. (mandatory)
459
460       name   A friendly name for the device. (optional)
461
462       compression
463              Whether  to  use  protocol  compression when sending messages to
464              this device.  The possible values are:
465
466              metadata
467                     Compress metadata packets,  such  as  index  information.
468                     Metadata  is usually very compression friendly so this is
469                     a good default.
470
471              always Compress all packets, including file data. This is recom‐
472                     mended  if  the  folders contents are mainly compressible
473                     data such as documents or text files.
474
475              never  Disable all compression.
476
477       introducer
478              Set to true if this device should be trusted as  an  introducer,
479              i.e.  we  should copy their list of devices per folder when con‐
480              necting.
481
482       SEE ALSO:
483          introducer
484
485       skipIntroductionRemovals
486              Set to true if you wish to follow  only  introductions  and  not
487              de-introductions.  For example, if this is set, we would not re‐
488              move a device that we were introduced to even  if  the  original
489              introducer is no longer listing the remote device as known.
490
491       introducedBy
492              Defines which device has introduced us to this device. Used only
493              for following de-introductions.
494
495       certName
496              The device certificate’s common name, if it is not  the  default
497              “syncthing”.
498
499       From  the  following child elements at least one address child must ex‐
500       ist.
501
502       address
503              Contains an address or host name to use when attempting to  con‐
504              nect to this device.  Entries other than dynamic need a protocol
505              specific prefix.  For  the  TCP  protocol  the  prefixes  tcp://
506              (dual-stack),  tcp4:// (IPv4 only) or tcp6:// (IPv6 only) can be
507              used.   The  prefixes  for  the  QUIC  protocol  are  analogous:
508              quic://,  quic4://  and quic6:// Note that IP addresses need not
509              use IPv4 or IPv6 prefixes; these are optional. Accepted  formats
510              are:
511
512              IPv4 address (tcp://192.0.2.42)
513                     The default port (22000) is used.
514
515              IPv4 address and port (tcp://192.0.2.42:12345)
516                     The address and port is used as given.
517
518              IPv6 address (tcp://[2001:db8::23:42])
519                     The default port (22000) is used. The address must be en‐
520                     closed in square brackets.
521
522              IPv6 address and port (tcp://[2001:db8::23:42]:12345)
523                     The address and port is used as given. The  address  must
524                     be enclosed in square brackets.
525
526              Host name (tcp6://fileserver)
527                     The  host  name  will be used on the default port (22000)
528                     and connections will be attempted only via IPv6.
529
530              Host name and port (tcp://fileserver:12345)
531                     The host name will be used on the given port and  connec‐
532                     tions will be attempted via both IPv4 and IPv6, depending
533                     on name resolution.
534
535              dynamic
536                     The word dynamic (without any prefix) means to use  local
537                     and global discovery to find the device.
538
539              You  can  set multiple addresses and combine it with the dynamic
540              keyword for example:
541
542                 <device id="...">
543                     <address>tcp://192.0.2.1:22001</address>
544                     <address>quic://192.0.1.254:22000</address>
545                     <address>dynamic</address>
546                 </device>
547
548       paused True if synchronization with this devices is (temporarily)  sus‐
549              pended.
550
551       allowedNetwork
552              If given, this restricts connections to this device to only this
553              network (see allowed-networks).
554
555       maxSendKbps
556              Maximum send rate to use for this device. Unit is kibibytes/sec‐
557              ond, despite the config name looking like kilobits/second.
558
559       maxRecvKbps
560              Maximum   receive   rate   to  use  for  this  device.  Unit  is
561              kibibytes/second, despite the config  name  looking  like  kilo‐
562              bits/second.
563
564       maxRequestKiB
565              Maximum  amount  of data to have outstanding in requests towards
566              this device.  Unit is kibibytes.
567
568       remoteGUIPort
569              If set to a positive integer, the GUI will display an HTTP  link
570              to  the  IP address which is currently used for synchronization.
571              Only the TCP port is exchanged for  the  value  specified  here.
572              Note  that  any  port forwarding or firewall settings need to be
573              done manually and the link will probably not work for link-local
574              IPv6 addresses because of modern browser limitations.
575

GUI ELEMENT

577          <gui enabled="true" tls="false" debugging="false">
578              <address>127.0.0.1:8384</address>
579              <apikey>l7jSbCqPD95JYZ0g8vi4ZLAMg3ulnN1b</apikey>
580              <theme>default</theme>
581          </gui>
582
583       There  must  be  exactly one gui element. The GUI configuration is also
584       used by the rest-api and the event-api. The following attributes may be
585       set on the gui element:
586
587       enabled
588              If not true, the GUI and API will not be started.
589
590       tls    If set to true, TLS (HTTPS) will be enforced. Non-HTTPS requests
591              will be redirected to HTTPS. When set to false, TLS  connections
592              are still possible but not required.
593
594       debugging
595              This enables profiling and additional debugging endpoints in the
596              rest-api.
597
598       The following child elements may be present:
599
600       address
601              Set the listen address. One address element must be present. Al‐
602              lowed address formats are:
603
604              IPv4 address and port (127.0.0.1:8384)
605                     The address and port are used as given.
606
607              IPv6 address and port ([::1]:8384)
608                     The  address and port are used as given. The address must
609                     be enclosed in square brackets.
610
611              Wildcard and port (0.0.0.0:12345, [::]:12345, :12345)
612                     These are equivalent and will result in Syncthing listen‐
613                     ing on all interfaces via both IPv4 and IPv6.
614
615              UNIX socket location (/var/run/st.sock)
616                     If  the  address is an absolute path it is interpreted as
617                     the path to a UNIX socket.
618
619       unixSocketPermissions
620              When address is set to a UNIX socket location, set  this  to  an
621              octal value to override the default permissions of the socket.
622
623       user   Set to require authentication.
624
625       password
626              Contains the bcrypt hash of the real password.
627
628       apikey If  set,  this is the API key that enables usage of the REST in‐
629              terface.
630
631       insecureAdminAccess
632              If true, this allows access to the web GUI  from  outside  (i.e.
633              not  localhost)  without authorization. A warning will displayed
634              about this setting on startup.
635
636       theme  The name of the theme to use.
637
638       authMode
639              Authentication mode to use. If not present,  the  authentication
640              mode  (static)  is  controlled  by the presence of user/password
641              fields for backward compatibility.
642
643              static Authentication using user and password.
644
645              ldap   LDAP authentication. Requires ldap top level config  sec‐
646                     tion to be present.
647

LDAP ELEMENT

649          <ldap>
650              <address>localhost:389</address>
651              <bindDN>cn=%s,ou=users,dc=syncthing,dc=net</bindDN>
652              <transport>nontls</transport>
653              <insecureSkipVerify>false</insecureSkipVerify>
654          </ldap>
655
656       The ldap element contains LDAP configuration options.
657
658       address
659              LDAP server address (server:port).
660
661       bindDN BindDN  for  user authentication.  Special %s variable should be
662              used to pass username to LDAP.
663
664       transport
665
666          nontls Non secure connection.
667
668          tls    TLS secured connection.
669
670          starttls
671                 StartTLS connection mode.
672
673       insecureSkipVerify
674              Skip verification (true or false).
675

OPTIONS ELEMENT

677          <options>
678              <listenAddress>default</listenAddress>
679              <globalAnnounceServer>default</globalAnnounceServer>
680              <globalAnnounceEnabled>true</globalAnnounceEnabled>
681              <localAnnounceEnabled>true</localAnnounceEnabled>
682              <localAnnouncePort>21027</localAnnouncePort>
683              <localAnnounceMCAddr>[ff12::8384]:21027</localAnnounceMCAddr>
684              <maxSendKbps>0</maxSendKbps>
685              <maxRecvKbps>0</maxRecvKbps>
686              <reconnectionIntervalS>60</reconnectionIntervalS>
687              <relaysEnabled>true</relaysEnabled>
688              <relayReconnectIntervalM>10</relayReconnectIntervalM>
689              <startBrowser>true</startBrowser>
690              <natEnabled>true</natEnabled>
691              <natLeaseMinutes>60</natLeaseMinutes>
692              <natRenewalMinutes>30</natRenewalMinutes>
693              <natTimeoutSeconds>10</natTimeoutSeconds>
694              <urAccepted>0</urAccepted>
695              <urSeen>0</urSeen>
696              <urUniqueID></urUniqueID>
697              <urURL>https://data.syncthing.net/newdata</urURL>
698              <urPostInsecurely>false</urPostInsecurely>
699              <urInitialDelayS>1800</urInitialDelayS>
700              <restartOnWakeup>true</restartOnWakeup>
701              <autoUpgradeIntervalH>12</autoUpgradeIntervalH>
702              <upgradeToPreReleases>false</upgradeToPreReleases>
703              <keepTemporariesH>24</keepTemporariesH>
704              <cacheIgnoredFiles>false</cacheIgnoredFiles>
705              <progressUpdateIntervalS>5</progressUpdateIntervalS>
706              <limitBandwidthInLan>false</limitBandwidthInLan>
707              <minHomeDiskFree unit="%">1</minHomeDiskFree>
708              <releasesURL>https://upgrades.syncthing.net/meta.json</releasesURL>
709              <overwriteRemoteDeviceNamesOnConnect>false</overwriteRemoteDeviceNamesOnConnect>
710              <tempIndexMinBlocks>10</tempIndexMinBlocks>
711              <trafficClass>0</trafficClass>
712              <defaultFolderPath>~</defaultFolderPath>
713              <setLowPriority>true</setLowPriority>
714              <maxFolderConcurrency>0</maxFolderConcurrency>
715              <crashReportingURL>https://crash.syncthing.net/newcrash</crashReportingURL>
716              <crashReportingEnabled>true</crashReportingEnabled>
717              <stunKeepaliveStartS>180</stunKeepaliveStartS>
718              <stunKeepaliveMinS>20</stunKeepaliveMinS>
719              <stunServer>default</stunServer>
720              <databaseTuning>auto</databaseTuning>
721              <maxConcurrentIncomingRequestKiB>0</maxConcurrentIncomingRequestKiB>
722          </options>
723
724       The options element contains all other global configuration options.
725
726       listenAddress
727              The listen address for incoming sync connections. See Listen Ad‐
728              dresses for the allowed syntax.
729
730       globalAnnounceServer
731              A  URI  to a global announce (discovery) server, or the word de‐
732              fault to include the default servers. Any  number  of  globalAn‐
733              nounceServer elements may be present. The syntax for non-default
734              entries is that of an HTTP or HTTPS URL. A number of options may
735              be  added  as query options to the URL: insecure to prevent cer‐
736              tificate validation (required for HTTP URLs) and id=<device  ID>
737              to  perform certificate pinning. The device ID to use is printed
738              by the discovery server on startup.
739
740       globalAnnounceEnabled
741              Whether to announce this device to the global announce  (discov‐
742              ery) server, and also use it to look up other devices.
743
744       localAnnounceEnabled
745              Whether  to  send  announcements to the local LAN, also use such
746              announcements to find other devices.
747
748       localAnnouncePort
749              The port on which to listen and send  IPv4  broadcast  announce‐
750              ments to.
751
752       localAnnounceMCAddr
753              The  group  address and port to join and send IPv6 multicast an‐
754              nouncements on.
755
756       maxSendKbps
757              Outgoing data rate limit, in kibibytes per second.
758
759       maxRecvKbps
760              Incoming data rate limits, in kibibytes per second.
761
762       reconnectionIntervalS
763              The number of seconds to wait between each attempt to connect to
764              currently unconnected devices.
765
766       relaysEnabled
767              When  true, relays will be connected to and potentially used for
768              device to device connections.
769
770       relayReconnectIntervalM
771              Sets the interval, in minutes, between relay reconnect attempts.
772
773       startBrowser
774              Whether to attempt to start a browser to show the GUI when Sync‐
775              thing starts.
776
777       natEnabled
778              Whether  to  attempt  to perform a UPnP and NAT-PMP port mapping
779              for incoming sync connections.
780
781       natLeaseMinutes
782              Request a lease for this many minutes; zero to request a  perma‐
783              nent lease.
784
785       natRenewalMinutes
786              Attempt to renew the lease after this many minutes.
787
788       natTimeoutSeconds
789              When scanning for UPnP devices, wait this long for responses.
790
791       urAccepted
792              Whether  the  user  has accepted to submit anonymous usage data.
793              The default, 0, mean the user has not made a choice,  and  Sync‐
794              thing  will ask at some point in the future. -1 means no, a num‐
795              ber above zero means that that version of  usage  reporting  has
796              been accepted.
797
798       urSeen The  highest usage reporting version that has already been shown
799              in the web GUI.
800
801       urUniqueID
802              The unique ID sent together with  the  usage  report.  Generated
803              when usage reporting is enabled.
804
805       urURL  The URL to post usage report data to, when enabled.
806
807       urPostInsecurely
808              When  true,  the  UR URL can be http instead of https, or have a
809              self-signed certificate. The default is false.
810
811       urInitialDelayS
812              The time to wait from startup for the first usage report  to  be
813              sent.  Allows  the  system to stabilize before reporting statis‐
814              tics.
815
816       restartOnWakeup
817              Whether to perform a restart of Syncthing when  it  is  detected
818              that we are waking from sleep mode (i.e. an unfolding laptop).
819
820       autoUpgradeIntervalH
821              Check  for  a  newer  version after this many hours. Set to 0 to
822              disable automatic upgrades.
823
824       upgradeToPreReleases
825              If true, automatic upgrades include release candidates (see  re‐
826              leases).
827
828       keepTemporariesH
829              Keep  temporary  failed transfers for this many hours. While the
830              temporaries are kept, the data they contain need not  be  trans‐
831              ferred again.
832
833       cacheIgnoredFiles
834              Whether  to cache the results of ignore pattern evaluation. Per‐
835              formance at the price of memory. Defaults to false as  the  cost
836              for evaluating ignores is usually not significant.
837
838       progressUpdateIntervalS
839              How  often  in seconds the progress of ongoing downloads is made
840              available to the GUI.
841
842       limitBandwidthInLan
843              Whether to apply bandwidth limits to devices in the same  broad‐
844              cast domain as the local device.
845
846       minHomeDiskFree
847              The  minimum required free space that should be available on the
848              partition holding the configuration and  index.  Accepted  units
849              are %, kB, MB, GB and TB.
850
851       releasesURL
852              The  URL from which release information is loaded, for automatic
853              upgrades.
854
855       alwaysLocalNet
856              Network that should be considered as local given in  CIDR  nota‐
857              tion.
858
859       overwriteRemoteDeviceNamesOnConnect
860              If  set,  device  names will always be overwritten with the name
861              given by remote on each connection. By default,  the  name  that
862              the remote device announces will only be adopted when a name has
863              not already been set.
864
865       tempIndexMinBlocks
866              When exchanging index information for incomplete transfers, only
867              take into account files that have at least this many blocks.
868
869       unackedNotificationID
870              ID of a notification to be displayed in the web GUI. Will be re‐
871              moved once the user acknowledged it (e.g. an  transition  notice
872              on an upgrade).
873
874       trafficClass
875              Specify  a type of service (TOS)/traffic class of outgoing pack‐
876              ets.
877
878       stunServer
879              Server to be used for STUN, given as ip:port.  The  keyword  de‐
880              fault  gets  expanded to stun.callwithus.com:3478, stun.counter‐
881              path.com:3478,  stun.counterpath.net:3478,  stun.ekiga.net:3478,
882              stun.ideasip.com:3478,              stun.internetcalls.com:3478,
883              stun.schlund.de:3478,     stun.sipgate.net:10000,      stun.sip‐
884              gate.net:3478,                          stun.voip.aebc.com:3478,
885              stun.voiparound.com:3478,  stun.voipbuster.com:3478,  stun.voip‐
886              stunt.com:3478 and stun.xten.com:3478 (this is the default).
887
888       stunKeepaliveSeconds
889              Interval in seconds between contacting a STUN server to maintain
890              NAT mapping. Default is 24 and you can set it to  0  to  disable
891              contacting STUN servers.
892
893       defaultFolderPath
894              The UI will propose to create new folders at this path. This can
895              be disabled by setting this to an empty string.
896
897       setLowPriority
898              Syncthing will attempt to lower its process priority at startup.
899              Specifically:  on Linux, set itself to a separate process group,
900              set the niceness level of that process group to nine and the I/O
901              priority  to  best  effort  level five; on other Unixes, set the
902              process niceness level to nine; on Windows, set the process pri‐
903              ority class to below normal. To disable this behavior, for exam‐
904              ple to control process priority yourself as  part  of  launching
905              Syncthing, set this option to false.
906
907   Listen Addresses
908       The  following  address  types are accepted in sync protocol listen ad‐
909       dresses.  If you want Syncthing to listen on  multiple  addresses,  you
910       can either: add multiple <listenAddress> tags in the configuration file
911       or enter several addresses separated by commas in the GUI.
912
913       Default listen addresses (default)
914              This is equivalent to tcp://0.0.0.0:22000,  quic://0.0.0.0:22000
915              and dynamic+https://relays.syncthing.net/endpoint.
916
917       TCP wildcard and port (tcp://0.0.0.0:22000, tcp://:22000)
918              These  are  equivalent and will result in Syncthing listening on
919              all interfaces, IPv4 and IPv6, on the specified port.
920
921       TCP IPv4 wildcard and port (tcp4://0.0.0.0:22000, tcp4://:22000)
922              These are equivalent and will result in Syncthing  listening  on
923              all interfaces via IPv4 only.
924
925       TCP IPv4 address and port (tcp4://192.0.2.1:22000)
926              This results in Syncthing listening on the specified address and
927              port, IPv4 only.
928
929       TCP IPv6 wildcard and port (tcp6://[::]:22000, tcp6://:22000)
930              These are equivalent and will result in Syncthing  listening  on
931              all interfaces via IPv6 only.
932
933       TCP IPv6 address and port (tcp6://[2001:db8::42]:22000)
934              This results in Syncthing listening on the specified address and
935              port, IPv6 only.
936
937       QUIC address and port (e.g. quic://0.0.0.0:22000)
938              Syntax is the same as for TCP, also quic4 and quic6 can be used.
939
940       Static relay address (relay://192.0.2.42:22067?id=abcd123...)
941              Syncthing will connect to and listen  for  incoming  connections
942              via the specified relay address.
943
944   Todo
945       Document available URL parameters.
946
947       Dynamic relay pool (dynamic+https://192.0.2.42/relays)
948              Syncthing  will  fetch  the  specified HTTPS URL, parse it for a
949              JSON payload describing relays, select a relay from  the  avail‐
950              able  ones and listen via that as if specified as a static relay
951              above.
952
953   Todo
954       Document available URL parameters.
955

SYNCING CONFIGURATION FILES

957       Syncing configuration files between devices (such that multiple devices
958       are  using the same configuration files) can cause issues. This is easy
959       to do accidentally if you sync your home folder between devices. A com‐
960       mon  symptom  of  syncing  configuration files is two devices ending up
961       with the same Device ID.
962
963       If you want to use Syncthing to backup your configuration files, it  is
964       recommended  that the files you are backing up are in a folder-sendonly
965       to prevent other devices from overwriting the per device configuration.
966       The  folder on the remote device(s) should not be used as configuration
967       for the remote devices.
968
969       If you’d like to sync your home folder in non-send only mode,  you  may
970       add  the folder that stores the configuration files to the ignore list.
971       If you’d also like to backup  your  configuration  files,  add  another
972       folder in send only mode for just the configuration folder.
973

AUTHOR

975       The Syncthing Authors
976
978       2014-2019, The Syncthing Authors
979
980
981
982
983v1                               Oct 17, 2021              SYNCTHING-CONFIG(5)
Impressum