Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[syncthing] Mount only /media, /share and /backups #458

Closed
salim-b opened this issue Jan 13, 2024 · 10 comments · Fixed by #467 or #470
Closed

[syncthing] Mount only /media, /share and /backups #458

salim-b opened this issue Jan 13, 2024 · 10 comments · Fixed by #467 or #470
Labels
syncthing syncthing Addon

Comments

@salim-b
Copy link
Contributor

salim-b commented Jan 13, 2024

I was wondering whether we should limit the mounts (map in config.yaml) by

  • mounting ssl read-only, i.e. remove the :rw, or even completely removing ssl. Why does Syncthing need access to custom certs in the first place? We have Ingress for that, no?
  • removing addons:rw. What is the use case for Syncthing having access to local add-ons? Not even the official File editor add-on has access to addons since it's deemed confusing for non-developers.
@Poeschl Poeschl added the syncthing syncthing Addon label Jan 13, 2024
@salim-b salim-b mentioned this issue Jan 14, 2024
Closed
@salim-b
Copy link
Contributor Author

salim-b commented Jan 14, 2024

We should reconsider this since people actually like to sync HA-internal files, it appears. So maybe even do the opposite of the above and expose all_addon_configs:rw and homeassistant_config:rw, too?

@Poeschl
Copy link
Owner

Poeschl commented Jan 14, 2024

I would suggest that we enable the mount but add a warning in the addon Readme about the security risk.

@jwinston100
Copy link

I would just like to second the idea of allowing exposure to /config perhaps with a warning, as I personally have been using Syncthing to edit files in /config via other devices.

@salim-b
Copy link
Contributor Author

salim-b commented Jan 14, 2024

I would suggest that we enable the mount but add a warning in the addon Readme about the security risk.

That sounds reasonable.

I think that people could generally use some guidance with the different persistent directories available to Syncthing. Maybe we should just include a table similar to this one with a short explanation of each dir? Unfortunately, the official documentation about these dirs (documented under the map key) is very sparse, so just linking to it is not really an option.

@Poeschl
Copy link
Owner

Poeschl commented Jan 14, 2024

@salim-b The table is a nice idea. That would be a great thing to have.

@MJeka
Copy link

MJeka commented Jan 25, 2024

How to sync /config folder? I have several redundant servers that need to have up-to-date information with automatic synchronization of configuration files

@alucryd
Copy link

alucryd commented Feb 26, 2024

Being able to sync /config would be great indeed, that was the sole reason I looked into a syncthing add-on in the first place.

@jwinston100
Copy link

I agree with @alucryd. I had mentioned this issue before. The /config directory is the only one I have ever used, as it lets me edit automations.yaml, configuration.yaml, etc. on other devices. I had to roll back to a previous version and turn off auto-update. I hope a future version allows us to access that directory.

@salim-b salim-b mentioned this issue Mar 8, 2024
Merged
@salim-b
Copy link
Contributor Author

salim-b commented Mar 8, 2024

@salim-b The table is a nice idea. That would be a great thing to have.

See #467.

@jwinston100
Copy link

Thank you @salim-b for helping to fix this issue!

@Poeschl Poeschl mentioned this issue Mar 24, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
syncthing syncthing Addon
Projects
None yet
Milestone
No milestone
5 participants
@alucryd @MJeka @Poeschl @salim-b @jwinston100