|
|
@@ -18,7 +18,11 @@ $ docker run -p 8384:8384 -p 22000:22000 \
|
|
|
syncthing/syncthing:latest
|
|
|
```
|
|
|
|
|
|
-Note that local device discovery will not work with the above command, resulting in poor local transfer rates if local device addresses are not manually configured.
|
|
|
+## Discovery
|
|
|
+
|
|
|
+Note that local device discovery will not work with the above command,
|
|
|
+resulting in poor local transfer rates if local device addresses are not
|
|
|
+manually configured.
|
|
|
|
|
|
To allow local discovery, the docker host network can be used instead:
|
|
|
|
|
|
@@ -32,3 +36,24 @@ $ docker run --network=host \
|
|
|
Be aware that syncthing alone is now in control of what interfaces and ports it
|
|
|
listens on. You can edit the syncthing configuration to change the defaults if
|
|
|
there are conflicts.
|
|
|
+
|
|
|
+## GUI Security
|
|
|
+
|
|
|
+By default Syncthing inside the Docker image listens on 0.0.0.0:8384 to
|
|
|
+allow GUI connections via the Docker proxy. This is set by the
|
|
|
+`STGUIADDRESS` environment variable in the Dockerfile, as it differs from
|
|
|
+what Syncthing would otherwise use by default. This means you should set up
|
|
|
+authentication in the GUI, like for any other externally reachable Syncthing
|
|
|
+instance. If you do not require the GUI, or you use host networking, you can
|
|
|
+unset the `STGUIADDRESS` variable to have Syncthing fall back to listening
|
|
|
+on 127.0.0.1:
|
|
|
+
|
|
|
+```
|
|
|
+$ docker pull syncthing/syncthing
|
|
|
+$ docker run -e STGUIADDRESS= \
|
|
|
+ -v /wherever/st-sync:/var/syncthing \
|
|
|
+ syncthing/syncthing:latest
|
|
|
+```
|
|
|
+
|
|
|
+With the environment variable unset Syncthing will follow what is set in the
|
|
|
+configuration file / GUI settings dialog.
|
Jakob Borg