Multiple Sync Instances - Ubuntu/Raspbian Server

[jake.sadie]

Many years ago I set up a BitTorrent sync as the solution of choice for our research group to sync/backup individual user files to the server. I used a solution similar to the one described here (https://www.8layer8.com/?p=1082) to create config files for each user which pointed to their individual sync directories. The config files would include hard-coded directory keys. Each user would then connect to these folders with their keys in order to simply backup their data onto the server.

With the move to Resilio Sync, I haven't seen any documentation around using this method (or something similar) to achieve the same end goal. Has anyone had success in implementing multiple instances for different users on their server?

 

[jdrch]

Quote

I haven't seen any documentation around using this method

Linux documentation used to be bad, but how about this link? After installing, scroll down to the Managing Sync section. Seems to me that you should be able to grant the rslsync user R/W access to the folders of the users on the server by adding it to the same user group they're in, then checking for and granting (if necessary) R/W permissions on the synced folders themselves.

Another option: since each user has their own home directory on the server, it stands to reason they also have accounts on the server. That means all you have to do is install Sync to each account and have them each configure it. AFAIK the only problem with this approach is Sync won't run if the user isn't logged in, though I think you can change that behavior with the proper systemctl command. Personally I was never able to get Sync to run at startup on Linux Mint without me logged in, but you sound like you're better at Linux than I am.

Hope that helps!

[iswrong]

8 hours ago, jdrch said:

Linux documentation used to be bad, but how about this link? After installing, scroll down to the Managing Sync section. Seems to me that you should be able to grant the rslsync user R/W access to the folders of the users on the server by adding it to the same user group they're in, then checking for and granting (if necessary) R/W permissions on the synced folders themselves.

I don't think it is a good security practice to give sync blanket group access (unless you want sync to backup the complete user account). On most Linux distributions, the primary group of a user is unique (e.g. a user 'john' would be in the group 'john'). If you use a modern filesystem, you could use access control lists to give sync access to specific folders. See 'man setfacl', something like the following should do the trick:

setfacl -d -m user:rlsync:rwx somedir

The '-d' flag makes the ACL a default ACL for the directory (so that the ACLs are inherited by files created in somedir).

Quote

Another option: since each user has their own home directory on the server, it stands to reason they also have accounts on the server. That means all you have to do is install Sync to each account and have them each configure it. AFAIK the only problem with this approach is Sync won't run if the user isn't logged in, though I think you can change that behavior with the proper systemctl command. Personally I was never able to get Sync to run at startup on Linux Mint without me logged in, but you sound like you're better at Linux than I am.

That's easy to do with systemd. I have once written up the configuration here:

https://danieldk.eu/Posts/2015-10-18-erp.html

'btsync' just becomes 'rlsync'.

[jdrch]

Fair enough. Security vs. convenience, I guess. Manually setting ACLs is a major PITA, but yes, it does create a more secure setup. Thanks for the systemd writeup.