A _dev/2018/setup-syncthing-on-debian-server-with-nginx-reverse-proxy.md => _dev/2018/setup-syncthing-on-debian-server-with-nginx-reverse-proxy.md +126 -0
@@ 0,0 1,126 @@
+---
+title: "How-To set-up syncthing on Debian 9 with NGINX reverse proxy"
+layout: post
+date: 2018-06-02 00:00:00 +0200
+category:
+ - dev
+ - sync
+tags:
+ - development
+ - digitalocean
+ - debian
+ - syncthing
+---
+
+## Minimum requirements
+
+- Debian 9 / Ubuntu 16.04+ Linux with 512MB RAM
+- As much free disk space, as data you're planning to store
+
+## Instructions
+
+### Prepare the system
+
+ sudo apt-get update && sudo apt-get upgrade && sudo apt-get install curl nginx
+
+### Set-up Syncthing
+
+#### 1) Installation
+
+ curl -s https://syncthing.net/release-key.txt | sudo apt-key add -
+ echo "deb https://apt.syncthing.net/ syncthing stable" | sudo tee /etc/apt/sources.list.d/syncthing.list
+ sudo apt-get update & sudo apt-get install syncthing
+
+#### 2) Configuration
+
+To generate our initial config, we need to run syncthing once.
+
+`syncthing`
+
+Once the initialization has completed, simply cancel with:
+
+`CTRL-C`
+
+Now open the config ...
+
+`nano ~/.config/syncthing/config.xml`
+
+and look for this section:
+
+ <gui enabled="true" tls="false">
+ <insecureSkipHostcheck>true</insecureSkipHostcheck> # ADD THIS
+ </gui>
+
+### Install SSL certificate, configure NGINX
+
+#### 1) Installation
+
+ sudo apt-get install certbot
+ sudo systemctl stop nginx
+
+Before you generate your certificates, make sure your domain is pointed at your server.
+
+`sudo certbot certonly --standalone -d syncthing.domain.com`
+
+#### 2) Configure NGINX
+
+Now we'll need to create a NGINX config, to serve our syncthing installation.
+
+`nano /etc/nginx/sites-available/syncthing.domain.com`
+
+Use this configuration
+
+ server {
+ listen 443 ssl;
+ server_name syncthing.domain.com;
+ ssl_certificate /etc/letsencrypt/live/syncthing.domain.com/cert.pem;
+ ssl_certificate_key /etc/letsencrypt/live/syncthing.domain.com/privkey.pem;
+ ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
+ ssl_ciphers HIGH:!aNULL:!MD5;
+
+ location / {
+ proxy_set_header Host $host;
+ proxy_set_header X-Real-IP $remote_addr;
+ proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+ proxy_set_header X-Forwarded-Proto $scheme;
+
+ proxy_pass http://localhost:8384/;
+
+ proxy_read_timeout 600s;
+ proxy_send_timeout 600s;
+
+ auth_basic "RESTRICTED ACCESS";
+ auth_basic_user_file /etc/nginx/.htpasswd;
+ }
+ }
+
+Once you're done, activate your new configuration.
+
+ cp /etc/nginx/sites-available/syncthing.domain.com /etc/nginx/sites-enabled/syncthing.domain.com
+
+#### 3) Set-up password for NGINX
+
+Now we'll need to generate the password file NGINX will utilize to authenticate us against the syncthing frontend. While syncthing offers a separate authentication mechanism, you can't be careful enough!
+
+ sudo sh -c "echo -n 'USERNAME:' >> /etc/nginx/.htpasswd"
+ sudo sh -c "openssl passwd -apr1 >> /etc/nginx/.htpasswd"
+
+### Run
+
+First we'll start NGINX
+
+`sudo systemctl start nginx`
+
+then we run syncthing...
+
+`syncthing`
+
+Your syncthing installation should be accessible via
+
+`https://syncthing.domain.com`
+
+## What's next? (Future Posts)
+
+1. Register syncthing as a service
+2. Set-up a firewall
+3. Store syncthing files, in encrypted archive
M resume.md => resume.md +12 -0
@@ 11,6 11,18 @@ sitemap:
For latest projects, kindly refer to my <a href="#independent-work">independent work</a>
+### SEDVentures Middle East, <location>Tehran, Iran</location>
+<date>Summer 2018</date>
+<position>Co-Founder</position>
+
+- Negotiate investor funding for our HQ in Ireland (SEDVentures Europe Limited)
+- Establish internal processes for all common operations such as hiring, reporting
+- Source, and interview candidates for marketing, development and sales
+- Research market conditions, evaluate individual ventures based on preset factors
+- Negotiate with suppliers on products and parts for individual ventures
+- Establish supply-chain for export to Europe: source, ship, pack, distribution
+- *Start-up fever: Everybody, everything.*
+
### Sky-Hype AG, <location>Schifflange, Luxembourg</location>
<date>2016-2018</date>
<position>Full-Stack Developer, Marketing</position>