 Welcome to the home lab show episode 23 sink thing. This is a fun tool, me and Jay been using it for a while. And I said, you know, we thought we did a video on it already. We're like, okay, but we haven't. So we have to now. Yeah. I kind of thought like we probably should have done this like a long time ago because we've been talking about this for so long. And I was surprised when I noticed that we didn't have an episode about it yet. Yeah. And I think the reason we didn't have a dedicated episode about it is because the honorable mentions it's had across several videos as being one of the popular things to run on your NAS and, you know, ways you can sync. When Wendell was on, we talked about syncing things without using commercial software where you maintain the entire privacy yourself and syncing comes up because it's open source and fits that transport. There's a few competing products out there, but they're not open source. They're not always free and they don't have all the features of syncing. So that's one of the reasons we decided, right? This needs its own dedicated video because there's a lot to talk about here. And what we're gonna be breaking down a lot is use cases and documentation and how the protocol works and lots of little nuanced details. But before we dive into that and a place you can run syncing and this is a scenario we're gonna talk about would be Linode. You can put your syncing on Linode and we're gonna cover zero trust because we like Linode, but trusting your data to be in the cloud, it's always something of things can happen. So that is at least one of the topics. But on that topic of how do you get Linode? We have an offer code, don't we Jay? I sure do. And if I remember correctly, that gets you $100 in free credit. That's good for I think three months towards a new account. So you could set up sync thing. You could also maybe combine it with zero tier. There's all kinds of cool things you could do with a sync thing, the zero trust thing you mentioned we could do as well. The stack scripts, it's very easy to use and it's awesome. And if you've listening to this and downloaded this podcast, you've downloaded it from Linode servers. We don't just have them as a sponsor, they are actually the place where we host the homelab.show. And Jay has all of his infrastructure on there. I'm slowly on my way to migration because migration is time consuming. So he still wants to call me out for not having everything on Linode. I've done some videos on it, but yes, some of my stuff is scattered around elsewhere and some of it's even self-hosted. So, but Linode's been a great friend of the show here and a great and easy way to get started. If you don't have a lab in your house, you can use their lab in the cloud. So thanks Linode for sponsoring the show. Much appreciated. Now, I'm gonna read some of the things from sync thing here. This is really just great, just the highlights of it here. Private and secure, private. None of your data is ever stored anywhere else other than on your computers. What they mean by that is anywhere you set this up. Encrypted, all communication is secured using TLS. The encryption used includes perfect forward secrecy to prevent any eShrapper from ever gaining access to your data. This is awesome. So it's not like if they got the keys and had a capture, they can get it. That's what perfect forward secrecy adds another layer on top of that. And by the way, if you're curious to what depths that their security protocol works, you can go deep. The documentation is great and well documented in terms of how they handle encryption and how they handle all the security in there, which is really slick. I like the fact that any company, and this is something a lot of the open source products and sync thing especially has been doing for a while and we're starting to see like a demand from some of the commercial vendors is we wanna know how you built your security because with supply chain style attacks and people not implementing things in the most secure manner opens us up to a lot of threat surface. So I love seeing that they've taken the time and not recently, but since the beginning to really document how the protocol works for those of you that really wanna go deep, they can go as deep as you want in documentation. You can get lost in it for a little while. It's also just good learning. So that's, I don't know if you've ever taken the time to read through some of the stuff in there, Jay, but it's authenticated. Every device is identified by cryptographic certificates. Only devices you have explicitly allowed can connect to other devices. This is part of the challenge, I would say, was think thing that gets confused when people first start with it because it is a challenge and accept back and forth. So even if I were to expose my credentials and logins and everything for like the key for my sync thing, it doesn't get you in because you need to present the key from one sync thing to another. And if I publicly expose that, you would be able to try to join my sync thing session. But then I still have to implicitly accept. I mean, you can override this, but at least by default, you have to accept those connections. This is, makes it a little more difficult because people like, hey, I put the credentials from one to the other and I put the address in and it didn't do anything. I'm like, go in, wait a minute, you'll see it pop up that you would like to accept this connection. You have to implicitly say yes. And they're like, oh, okay. It's an important little side note there, but it actually one more layer because they don't make it easy for you to accidentally leave this exposed and have people just jump into it. Open protocol, the protocol is a documented specification, no hidden magic, open source, of course that's near and dear to our hearts because we can look at it, we can see the code, we can audit the code. Open development, any bugs found are immediately visible for anyone browse, no hidden flaws. And open discourse development and usage is always open for discussion. They have forums and things like that so you can engage with everyone there. Now, one of the things that will go a step further is the file that actually controls all the configuration, no magic there either, it's all XML. And I believe Jay, you did some work with Ansible on that. Oh yeah, my whole setup, other than accepting nodes, that's the only thing. Other than that, it's completely Ansible. Like I have a whole Ansible playbook that goes through, sets up the username, the password, hash, the dark mode is enabled, all those things, it's great. Oh yeah, by the way, it has dark mode. It has dark mode, yep. But this is one of the cool things about it is having a backend XML file. So not only do you get to configure it, now it has a web interface that you can manage it through that, but for those of you that want to do scripted installs and actually tell people about your use case shakes. I don't, you're the first person who's ever heard do this with a bunch of Raspberry Pi's but I think this is clever. Yeah, so I mean, one thing I want to mention too is that the use case, I mean, it's basically what you said but in general, it's getting data for me to be, right? You have two devices, you want them to have a folder that has the same data inside of it. And immediately you think of your documents, right? And maybe your pictures and things like that, that's all fair game. It doesn't really matter what you sync. But I also have Retro Pi's all over the house. I'm a big time retro gamer. I'm probably gonna be starting a retro gaming channel sometime this fall as a secondary thing that's so much I love retro gaming. So Retro Pi's are on every TV and sync thing is on every Retro Pi. So all the save files are synced via sync thing. So I could play Super Mario World on one TV, just close it down and then go to the bedroom and bring it up and there you go. Same save file, it's right there. So all of my save files for my games are synced and if you use your imagination, that's where I think sync thing really shines because it's not just your files, just think about other things that you want to be the same on different nodes. And I think you could probably come up with some pretty useful ideas. Yeah, one of the things that we should probably get out of the way is what sync thing is not. This is a problem is saying that it's like Dropbox, for example, the way Dropbox would synchronize files or OneDrive would synchronize files. And your two common commercial ones or Google Drive is not exactly accurate because it synchronizes everything in directory A and directory A on another computer. It will synchronize those directories. It does have some conflict management systems in there. So if two people were editing at the same time and sync thing wasn't synchronizing and we both save at the same time and then we tell it to sync, it'll have some conflict resolution, it'll give them names. So it does have methods to deal with this but what it doesn't have at the moment, and I don't know that there's any plans on the horizon for this particular feature is something you may get with OneDrive. So let's say I have 10 terabytes of data and I'd like to share it with Jay. Jay's like, oh, I wanted to share it on this computer but I only want a couple of files out there. I don't want to sync the whole 10 terabytes. It doesn't have that as an option. So when you sync a folder, it syncs the folder. It doesn't have like Dropbox would be an easy example because they got the option to or even OneDrive. You can right click and say only download these things or make them available when I click on them. There's some nuance that can be done there is that is not how sync thing works. That's something that a lot of people question because they're looking for an alternative. They want to synchronize something to their smaller device without as much storage as their main device. You kind of have to sync a sub folder to be able to do that or just the critical data you want. But if you sync an entire 10 terabyte folder, then 10 terabytes gets synchronized across each node. So this is- Right. Yeah. And it's important to note you can exclude though which isn't really a solution to that, but it could be. So it's a perfect example for my business. I'm making YouTube videos, right? And these 4K videos are huge and sync thing absolutely synchronizes my projects folder with every computer because if I'm working on a video, I don't care what computer I'm on, I want to edit that video wherever I am. That's usually done on my desktop. But that being said, I want my data everywhere. But every now and then if I'm using a laptop that has a 200 gig hard drive, I absolutely don't want my YouTube folder to be synced to that laptop. And this has happened. If I don't put that exclude in there, the entire drive is completely filled up because I have, I think 400 gigs of raw video files in there right now. So it's gonna just totally take over that drive. So I could literally just put an exclude. I have a folder called WIP work in progress. I just put that in there, tell it to ignore it and then it won't sync that folder. So you have some flexibility there, but that's an exclusion kind of thing, which may or may not be a solution. Yeah, and the problem with exclusions are, I mean, you can say exclude all of these type of files, but if you load some other oversized file on here, it will sync that one. So yeah, it's not the most ideal one. The way we do it here, our functional use case for the business is we have a shared business folder with a few of the staff here for when we have some certain documents that we need. And we have a design folder for when we need some of the design stuff done. We'll just drop it in there and it's immediately synced between the people that it's relevant to. So each share is its own thing. Now the cool thing is was synced thing because it can be transported over the internet that works on my desktop here or anything I save. I immediately can open up and have on my laptop at home and you can have intermediaries in between. But let's roll all the way backwards to the basics here. Something that I want to start with is, how do you load it and how do you get it set up? And this is good news. If you're on Windows, you're on Mac, you're on Android, no problem, they've got, they even have an F-Troid for those of you that don't even want to use the normal Google Play Market but there is available in the Google Play Market. There is no official support for iPhone at the moment. So there's nothing for the iPhone but you can run this on Linux, Windows, FreeBSD, OpenBSD, NetBSD. I don't know what Alumos is but Slaris is on there too. Yup, and a couple of things about the installation because there's some options here. When it comes to Linux, so I could speak more intelligently about that. There's generally two ways of installing it on Linux, on a Linux distro. You can install the repository, they make repositories available for the popular distros. So you could add that repository and then apt install or yum install, whatever you do and get sync thing in your system but you can also download a tar ball. That's just, no repository, it's just the binary in a tar ball, you can extract it and run it wherever you want. Now, one benefit of that is it can update itself. So if you're running the binary somewhere, you can actually choose the option to automatically update and the binary will get replaced with the new version automatically. Whereas if you use a repository, you're going to need to install the update there through however you install updates on your distro. So you have flexibility there. So if you're going to script it, if you want to do the repository, you can script the adding of the repository and also the installing of the package or you could even just simplify it to having the version of W get that your automation solution uses to pull the binary, extract it, put it where it needs to go. If you download the binary, you'll have to download a service file, like a system D unit file for it so that way you can enable the service. But from what I've seen, if you use the repository, you get a unit file automatically so you can enable it per user or for the whole system. So you could have a system-wide sync or you can enable it for just your user, which is probably better because if it's a multi-user system, if you have other people using that computer, shared computer, you probably don't want like everything syncing to everything. And when you install it, you actually get a web console that's built right in and by default, it's going to use port 8384 and that's going to be right on your system. You can go localhost colon 8384 to access it and by default, no other computer can access it. So if you have another computer on the LAN, they can't go to your computer's IP address, port 8384 and expect to see your web console because it won't let anyone else other than localhost in. You can override this if it's a server, for example, but you have that flexibility to kind of decide if you want that web console, like in the case of a server to be LAN-wide or just keep the default and not let anyone else in. So you have a lot of flexibility as far as how you can install it on Linux. Yeah, it's pretty simple. And I seen someone in the chat mentioned Raspberry Pis and as Jay said in the RetroPi, I will expand the Linux is actually available for a lot of different compilations on there. So whichever one works for you. And I've done some videos before and setting this up even on like true NAS and some of the advantages you have there when you set it up are going to be that the NAS usually is designed to be on all the time versus my computer's not. So when you're thinking about where to install all this, it's not necessarily because this is where you can run a problem. For example, my laptop I leave at home unless I'm traveling and then my desktops, well, it just stays here at the office and the desktop gets turned off when I leave, my laptop's off until I get home. Obviously if I had sync thing on each of these, they are on and off at opposite times and I don't wanna leave Mono all the time to give him a sync. This is where you can have a series of intermediary nodes and free NAS is a popular or true NAS is a popular solution for this where you can load it on there. Now the cool thing is you don't even have to worry about the repository. You can auto install it. It's part of, well, true NAS scale has been released and I haven't tested on true NAS scale but I'm sure it works fine but it's been long time available on true NAS core so you can install it on true NAS core. Now a little bit of a twist when it does it on true NAS core because it puts it as a Nginx of the reverse proxy on it. I'm not exactly sure why the package is installed that way. I talk about and I have a video of how to install the manual way on there. Downside is when you saw it manually you then have to figure out because there's no way to get to the interface. Easy, my solution, my video is just using SSH forwarding to binding that 8384 to localhost to do this. And this is something you'll run into anytime you set this up on a headless server, there's one or two things you can do. Set it up on a headless server, use SSH to manage it via the web interface or more like what Jay has done, learn how the XML file works and edit, you can manually just go and edit the syncing XML file and change all the options, for example, where it binds to and whether or not you want it to be accessible against the actual interface. Or keep it secure all the time and only use SSH forwarding because that way you don't have to have anything more than SSH open on that particular machine and you can keep the management interface closed on syncing because syncing has two ports it's gonna use. One's the management interface and the other one is the actual the transport layer interface. So both do have encryption, but something worth noting is the out-of-the-box config is with no SSL on syncing. I think that's still the out-of-box config when you install this right now. It's localhost so it's not risk other than it is transferring in an unencrypted manner. So if you don't check the encrypted box and add the SSL you would also then be passing things across plain texting your management interface. Just something to consider when you're setting these up on the system. Yep, another thing that could be considered is having if you have like multiple hardware servers this may not work so well if you have like an all-in-one VM server that's all everything to you. But if you have like a virtualization solution as something like TrueNAS for example what you can consider doing is setting up a data store in TrueNAS or syncing, expose it via NFS and then on the virtualization solution set up a VM and then just give it 16 gigs of storage. You don't need much. Have it mount the NFS store on the TrueNAS and you could use something like auto FS so it's automatically mounting that and disconnects it whenever it's not being used and it's so quick syncing I'll never know that it was never not mounted but what really makes this work is that there's a special folder that syncing creates in its shares and if that folder is missing it won't sync. So for example, if you did manage to get to a situation where you're not mounting the NFS store which would mean the mount directory is empty syncing things like hold on that folder I'm expecting to find it's not there I am not syncing anything which protects you from syncing an empty directory to other things. So that's why you could use NFS in that way that avoids the TrueNAS delay and the plugin being updated for example and it gives you the full control to have that going on. So if you use your creativity in your home lab which is kind of the point you could come up with a really awesome solution and also think about what you want synced to what else you want it synced to? For example, do you want if you have like three laptops do you want them to sync together? I don't do that. What I do is I have TrueNAS in the middle and every device syncs to it. So you could think of it like a spoke mentality here we have something in the middle and every device syncs. So if your laptop you update a file there and then it syncs to TrueNAS then the TrueNAS is going to sync to the other nodes but one thing I'll caution everyone on though is absolutely make sure you have NTP on all of your system. Be sure to think thing because if the time is not synchronized some wacky stuff will happen will happen and I ran into this the other day because I deleted a folder. It was an empty folder. So I deleted it. You know, I don't want that folder and it came right back. So I deleted it came back, deleted it came back. Okay, the time's wrong on one of the other nodes because one of the other nodes is in, you know on a future date to where that folder does exist. So sync thing is going to use that to decide well, yeah, this time it's there and that's newer. So it needs to be present on all the other nodes. So just make sure that you not only install NTP but test it, look at your clock, make sure it's synchronized before you install any synchronization solution and you'll save yourself a lot of trouble later. Right, a few things to talk a little bit about. Now, like Jay mentioned kind of the hub spoke where everything's going to synchronize to that. You can also go a step further and this is actually how mine set up because as I said, my computer's not on all the time and my laptop's not all the time. I actually have them synchronizing to TrueNAS. I have a TrueNAS here at the office that synchronizes to and then another TrueNAS via VPN at home that stays in sync. So I have technically always more than one copy of my data. So it's in real time any data that gets dropped there is synchronized on TrueNAS locally here and then actually under a restricted rule by the way, not just a rule that allows it to go to my house but I actually have it on a trickle rule as I call it. If I drop a big file on there, I don't want to take up all my bandwidth. So I actually have it set to restrict to it sends it there over time. This is one of the fun things when you're doing this offsite you want the file to start synchronizing right away but not necessarily taking up all your bandwidth. So you can actually build it out like that. So it will synchronize. And we've actually worked with people set this up at offices like this where they have some graphics and they're like, look, we're not worried about them getting that file right away. We are worried about using up all of our bandwidth if they drop a big file in the middle of the day. As long as it gets there eventually, we're fine. So there's added rules you can do like that either via the firewall restriction or syncing itself lets you set limitations to how the data will be transferred. And to go a little further is, let's talk about file revisioning. This is a really cool feature. You can set all kinds of file revisioning options. So that way of something catastrophic let's say ransomware occurs because this has come up a couple of times on the show like, hey, what if I'm using syncing and it synchronizes all the ransomware? Well, good news. You can on the other end of syncing, go in there it'll see all the changes and start synchronizing you can stop it and then you can roll back to previous revisions provided when you set that share up you have that revisioning turned on. It's really easy to turn on and you can turn it on after you create the share as well. I believe there's a few other options where you can make it where the syncs only happen one way that way deletes don't happen the other way. So there's a couple of little more advanced ones but generally the file revisioning and you can set however many days you can even go really advanced and set because one of the channels of revisioning it can be a storage problem. You can specify that the revisions go to a different functional part of the drive. So you can actually on the back end of the server have more than one mount and you tell syncing to say revision but put all my revisions over here so they actually can be on a completely different mount point inside of Linux or Windows for all that matters. It's really nice because they give you some granular control. They have like trash can standard revisioning they have keep five version revisioning they have like a staggered versioning they have some fine tuning you can do in there of what you do or don't want revised. So it's actually a really nice granular way that you can do it. Yeah and to piggyback off of that you could really kind of just set this up the way that makes sense for you as the user. So an example in my case is that my documents folder has 90 days of revisions. My documents folder is teensy. I mean you're talking just some word processing documents in there. I mean it's probably less than a couple hundred megabytes at this point. So and that's where I keep some of my documents in there. So 90 days of revisions is still really small. But when you think about my work in progress folder for YouTube that's extremely large. So I really don't want 90 days of raw video files in there. I only need a couple of days to process or edit what I'm working on. So I have I think I have it like three or seven days or something like that of revisions. So that way I'm not you know stacking videos upon videos upon videos which I have done and it did result in my true NASA actually completely getting full. We're not going to talk about that. So but I mean you can set that up however it makes sense and I have used the one way sync thing on there where it only goes one direction. So I'll use the retro pi as an example of that because the save files are going to be syncing two ways because that's what you want right. But yeah roms the games themselves are one way. They don't sync back because if a device that doesn't have VCC memory in it a ZFS file system I don't want bit rot syncing back the other way. I trust that data on true NAS not so much on the end points. So I'll make sure that true NAS is sending the files not receiving changes to those files which means also that anytime I want to add a new file I have to add it to the true NAS and I just use SCP for that but I'm okay with that. So that way true NAS sends the files out. What I don't like about it though is true NAS will still or excuse me sync thing will still detect the change on the node even though it's not syncing both ways and ask you to click a button to override it and haven't found a way to make it automatically purge changes. It just won't sync it but it'll still show like an exclamation mark and say, hey dude you got a problem here. Yeah, no I don't want that syncing. So I click the button every so often and I'm not even sure what changes which actually makes me very happy that I'm syncing only one way because something is changing and I don't like that. So that puts me in control of it. Yeah, another thing to note when you're getting these devices all to talk to each other is whether or not you want to use the syncing relaying servers. The default option is on and with the relaying servers and discovery servers are ways that you can use all the nodes and put in the IDs. It'll actually do local network discovery and to find other nodes on there to join and say, hey would you like to get these talking to each other on the same local subnet and then they have their external discovery servers. Now they're not sending any data they're just using some really basic tools. I believe they, if I'm not mistaken they're just doing some firewall and NAT traversal whole punching if I think it's the methodology they're using to get this work but I usually turn this off especially because it's for my business and we implicitly list and this is a nice feature instead of letting it do any type of auto discovery I go right in and I implicitly list TCPI I think it's like TCP colon slash slash they have the nomenclature in there and you put the IP address or DNS host name of the device and the port number you want it on and you can implicitly connect each one of the devices without using any of their discovery tools. I get the choice to use them they make things easier. I've had someone comment, well hey this thing's kind of beaconing out to these servers I'm like yeah the servers are literally labeled syncing in their host name that it calls out to it's nothing, not a big deal it's just to make the product easier to use but one check box way of configuration will turn off you can tell it it works perfectly fine without that on it's just not going to do any of the global because you have your global reach out discovery and then you have your local discovery now the downside of local discovery is whether or not you want noise on your network reaching out you have a server that's looking for friends that's up to you you don't want to server looking for friends because if you have other people on that particular segment of the network it will say hey would you like to be my friend you seem to be running syncing maybe you want that maybe you don't so it's really arbitrary when you're doing the discovery you said check those boxes and turn them off on my end I've had nothing but problems with that global discovery and I'm sure there's an easy solution it's less than perfect yeah I yeah tell me about it I spent some time trying to fix this and then I yeah I think Tom and I both came to the same conclusions separately so basically what would happen is or actually let me back up the way it's supposed to work is I have two computers on the LAN they're supposed to sync directly to each other if they have a syncing relationship they're not supposed to go out to the web public internet hit a relay and then come back into the network and that's exactly what was happening it doesn't make sense because they're on the LAN fully available firewall nothing they could talk to each other but for some reason it would just go out the internet and then back which you'll know if it's using a relay because the speed of transfer will be extremely slow like to the point where wait a few days and maybe you'll have your first sync done if you're lucky so I got really annoyed by this and I couldn't really figure out what was going on and then another thing that would happen is that sync thing would start restarting over and over again because the public IP is the same for all the nodes on my LAN which is of course how it works because you have one public IP for your internet connection but when sync things relay servers see there's like wait I have like a bunch of servers behind this firewall that's trying to sync with me and I can't tell them apart it was just a train wreck so I just disabled it and like Tom said I just manually put in the IP address there and it's been perfectly fine I don't even care if anything is able to hit the relay server I'm home all the time anyway so big deal right so I just turn all that stuff off and then it's a total LAN solution and that just fixed all my problems there's probably a there's a reason why it's going out and then back in when it's not supposed to I just haven't been able to figure out why that is unfortunately so you'll know that this is affecting you if you go to the logs right in the GUI and you see sync thing is restarting a lot that's yeah you're getting bit by this too yeah implicitly listening to them just saves you the trouble and generally speaking they are because you you can still have one reaching out for example this when I say implicitly listening does not mean I have to statically know where everything is and for example my laptop can wander between networks my laptop reaches out specifically to the free NAS the free NAS says you can accept connections a dynamic incoming connections from Tom's laptop because it may be on different networks depending on what I'm doing with it and it's allowed to always accept the connection and my system is always statically linking to the true NAS so you don't actually you can implicitly tell both of them to talk to each other that way it's less ideal you probably want to set up wherever your static devices such as your NAS device and then you would take each one of the devices like J's Raspberry Pi's and have them all talking to the device so they're making the implicit connection back that way so it's a little bit of nuance to getting it set up but that way we'll solve all these little discovery issues that are frequently like Jason kind of annoyances of trying to get them to work right I get it I get their intention but yeah sometimes the implementation of auto discovery can be a little bit challenging to say the least I haven't really played I haven't played to see if it's gotten better I know when I started using sync thing probably four or five years ago it's been a while I don't know exactly how long I've been using it but quite a while I remember it being worse it's gotten better about I don't know if it's great yet yeah I don't know why they're unfortunately yeah implicitly less now the functional protocol itself the thing that is really cool provided all the nodes are in sync is when you change something small about a file it doesn't always have to send the whole file it can realize the blocks that have changed within that file and synchronize it that way the protocol itself is actually very efficient very efficient at the way it looks at data and this helps to keep things in sync but there's an exception to one that doesn't occur and that's a new feature they added within I think the last year or so or less it's okay they're still calling it beta it's the untrusted encrypted devices this is an awesome exciting feature that they've really added what this allows you to do and this is our use case we talked about in the beginning of the show with Linode is let's say you need because something static for you could be your Linode server that's a great place but then you're going oh what if someone were to take over get into that cloud server then he would have all this data it's because the data in transport is all encrypted the data at rest is not encrypted with syncing it would be unusable if it was except when you set up untrusted nodes and if you were to build a untrusted node using your Linode offer code that we have down below and you build up you build this out you would end up with a system that is blinded to what it's synchronizing this is a great feature so let's say you have some special configuration files but you're like man I really need this stuff backed up boy it would be a privacy concern for me to have this data anywhere else whether it's your personal data or anything else but it's really convenient to have it then you would just set up this encrypted untrusted node the password and encryption is all done on we'll use a laptop as an example so you set up your laptop with this on there and when you set up the untrusted node the untrusted node still goes through a similar process of being implicitly listed and connecting to it but it's blinded because you check a box on the reach out part on the laptop that says here's the password to encrypt it use something really long, high entropy and then this allows you to have your data at rest unencrypted as far as when it's on your computer and your computer is booted up but then synchronizing in an encrypted fashion and the landing point that Linode server you spun up for this never gets the password it only gets encrypted garbage not just encrypted garbage it doesn't even know folder names, file names it actually breaks things up into weird parsing it's kind of interesting I it definitely breaks it all up into garbage which is perfect and that's exactly what you want because there's not a way to even go through the metadata and make assumptions about what the files are the huge advantage of this of course is now if I wanted, for example I have a super secret set of documents I wanted to have my laptop and I got the password to this and I've set up this encrypted node and if something has a laptop all I have to do is remember that password recall that set it back up and now I can decrypt it again or what if I wanted to share things with Jay and I also have to do is make sure Jay has that password he can synchronize with it so me and Jay can work on a super secret project all of our data can be transported to this publicly available Linode server that without the password without all the implicit rules that are with it there is no way even if you had physical hands on access to all the data on it and cloned it you don't get anything out of there but me and Jay are able to use it completely synchronized completely transported across the internet but still encrypted in a way that anyone at any point whether they're if they hacked the Linode server they got in because you forgot and left SSH on with passwords and you set the password to be password they would not give them any insight to data this is really critical for when you want to get creative with some of your design ideas because server backups servers have a lot of little backup data servers can create like database exports those are pretty critical for the PFSense little XML file that XML file PFSense creates when you're backing up that would be really great Intel to have because all your VPN configuration and be in there so you don't just want that sync with syncing and then to some public server where it's offsite you want that all encrypted and it's kind of you know just a few of the use cases for using an encrypted untrusted node within there and by the way to make this a little bit more fun syncing has the ability for untrusted nodes to pass data to other untrusted nodes and other untrusted nodes so you can build a web of untrusted nodes and then connect to that web of them with the password and be able to pull down the data back one thing though untrusted node can't do file revisioning the untrusted node because it's so blind to the files it synchronizes if you have a minor change to a large file that file is going to get going to get resinked it doesn't have any way to understand revisioning it's kind of dumb in that aspect because you've blinded it from what the file is so offering any of those services like revisioning even if they were encrypted that would actually be leaking some metadata so they kind of made the decision that it's blind it's dumb it just collects encrypted blobs and holds them for you as long as you have the password so you still have to have your own strategy internally on how you may want to back things up but it's a really cool feature they've added like I said maybe in the last year or so and I'm impressed with it it's pretty cool being able to have that on there yeah I can see that being very useful absolutely yeah especially when you start like I said the server backup stuff it's so easy to load syncing on a server and just have it regularly backing up certain config files that may change as you make changes to the server and things like that it's nice because it offers a real time level of backup so if you create some backup job that just spits it out into the syncing directory every half hour and then syncing goes alright I found a new file let me synchronize it I found a new file let me synchronize it now you're keeping everything very up to date with a really secure transport layer yep yeah pretty pretty cool use cases for syncing for sure it is a it's a fun tool that runs on about everything I'm sure I think the I think we covered like this here I know someone is always going to ask and we I've got plenty of videos I've done a few videos on syncing for getting it set up for those you're looking for well what does it actually look like setting up I will probably do a twenty twenty one video coming up soon because well it doesn't look much different my video even from a few years ago is ninety nine percent accurate it just doesn't have some of the extra features that I mentioned it didn't have dark mode when I did the video so you really wanted yeah I don't think it had dark mode a few years ago actually I don't log into the interface very often it's kind of a set it and forget it tool so I I know it's working and it'll let me know if it's not working because I won't have my file synchronized so I kick it off on my computer starts and it'll pop the window up and I close it so I'm only blinded for a moment by its white background I've never said dark mode on it I know I didn't even I probably realize it had dark mode I don't think I've thought about dark mode until you mentioned it today so yeah it's kind of funny that I I said that because I barely ever look at it right it's not like I'm in the console every day that it's like habitually dark mode check done absolutely for whatever reason yeah there's a lot of features that sometimes you discover new things which is pretty cool and there's other features too like that are probably beyond scope because the documentation I mean we were to go over everything it probably be a whole series of videos and audio and podcasts just about this but it's yeah like you said it's easy to set up it's really simple it's it lets you get your data from point A to point B the only thing I think we didn't mention is that it gives you like this shared folder by default which I always delete and remove out of the interface because I want to sync the folders that are important to me so I always kill that folder but if you want to have like a common folder and you're OK with that you can leave it alone otherwise you could just remove that default sync folder that it will create in your home directory you can just remove it and then sync whatever you want and just add whatever folders matter to you. Yeah if you dive into I was just flip it through a documentation to make sure we covered everything here one of the things that is done here I didn't know this they have an option for custom upgrade server so if you wanted to have your own custom download links for the upgrade part that's even built in it's not like you have to tell it to upgrade from somewhere they actually have some options so you can go you can go crazy with this they have some command I didn't realize they've really added to the ability to do things from the command line. Yeah that's nice this is once again if you are going to do something like J's to me where you deploy with Ansible read through the documentation there's a lot they give you to really dive in and customize but for those you just want to get started with it and Linux have to get installed or in windows you can just download it really straightforward to get going at it. Sure is when you get over the discovery problems. Basically but you still have to know the verbiage and the syntax for the URL which honestly took me a little bit of time to figure out so don't do that first you know just just play around with it first and then you can explore that. Absolutely all right I think we have covered it I will leave links to syncthing.net it is a dot com it is a dot net check it out it's free it's open source there's no offer code needed to get started with it just go ahead and click it and get going decide all the places you want to put it I will leave a link to the video do you have any syncing videos Jay I do yeah it's still be current enough. Yeah we'll leave some links to the syncing videos we've done to get you some more visual input for those you that want to dive a little deeper in there and see it in action but yeah it's easy enough to get started with we definitely it's one of our favorite little tools that me and Jay been using for a number of years and we're hoping you'll enjoy it too. Yeah and I want to also just plug my proxmox series that came out today. Yes yes Jay Jay's proxmox series is out I retweeted at least one of them that you posted but there's a you've been asking about proxmox we did a homelab show about proxmox but if you want to dive right into Jay's videos those will be linked as well you can find them all on learnlinux.tv. Yeah and it's a 16 episode series the first five videos are out today and then new episodes I don't know how many each week the new episodes will be out every week at least one but I'm going to try for more than that each week until all 16 episodes are done the whole the whole series is completely filmed but I have to just get them edited so sometimes it takes a while but I think it's going to happen faster than other series so first five videos this week anywhere from one to three next week and I hope you guys like it. That's the editing is a big part of what we have to do here is is content creation is one thing and then processing all the content we create into something concise for your learning pleasure is a is a long arduous task. Once they get them edited then Sync thing won't have to sync 400 gigs of work in progress files anymore. Yeah. Yeah. But you know for those you want to have syncing scales it's syncing currently 400 gigs of proxmox videos. So I don't even know how much is syncing for me right now. I remember a couple of times I've looked in it's the small files that that they've improved because I remember one time I had it syncing all my photos which is in the seventy thousand range and I used to choke a little while on that it could get it done it just was really slow and they made that really a lot faster in recent years. So that's not even an issue anymore or computers are faster or a combination of it the code got better and computers got faster. So the overall experience was improved greatly by two fronts. All right you know where to find us all the links down below and thank you for everyone joining us. Appreciate it.