diff --git a/AUTHORS b/AUTHORS index 937e33cc4..85fbef6c5 100644 --- a/AUTHORS +++ b/AUTHORS @@ -240,6 +240,7 @@ Vladimir Rusinov wangguoliang William A. Kennington III (wkennington) Wulf Weich (wweich) +xarx00 Xavier O. (damajor) xjtdy888 (xjtdy888) Yannic A. (eipiminus1) diff --git a/gui/default/syncthing/core/aboutModalView.html b/gui/default/syncthing/core/aboutModalView.html index 444d5db5f..077d0e990 100644 --- a/gui/default/syncthing/core/aboutModalView.html +++ b/gui/default/syncthing/core/aboutModalView.html @@ -14,7 +14,7 @@

Copyright © 2014-2019 the following Contributors:

-Jakob Borg, Audrius Butkevicius, Simon Frei, Alexander Graf, Alexandre Viau, Anderson Mesquita, Antony Male, Ben Schulz, Caleb Callaway, Daniel Harte, Evgeny Kuznetsov, Lars K.W. Gohlke, Lode Hoste, Michael Ploujnikov, Nate Morrison, Philippe Schommers, Ryan Sullivan, Sergey Mishin, Stefan Tatschner, Wulf Weich, dependabot-preview[bot], greatroar, Aaron Bieber, Adam Piggott, Adel Qalieh, Alan Pope, Alberto Donato, Alessandro G., Alex Xu, Aman Gupta, Andrew Dunham, Andrew Rabert, Andrey D, André Colomb, Anjan Momi, Antoine Lamielle, Aranjedeath, Arkadiusz Tymiński, Arthur Axel fREW Schmidt, Artur Zubilewicz, Aurélien Rainone, BAHADIR YILMAZ, Bart De Vries, Ben Curthoys, Ben Shepherd, Ben Sidhom, Benedikt Heine, Benedikt Morbach, Benno Fünfstück, Benny Ng, Boqin Qin, Boris Rybalkin, Brandon Philips, Brendan Long, Brian R. Becker, Carsten Hagemann, Cathryne Linenweaver, Cedric Staniewski, Chris Howie, Chris Joel, Chris Tonkinson, Colin Kennedy, Cromefire_, Cyprien Devillez, Dale Visser, Dan, Daniel Bergmann, Daniel Martí, Darshil Chanpura, David Rimmer, Denis A., Dennis Wilson, Dmitry Saveliev, Domenic Horner, Dominik Heidler, Elias Jarlebring, Elliot Huffman, Emil Hessman, Erik Meitner, Federico Castagnini, Felix Ableitner, Felix Unterpaintner, Francois-Xavier Gsell, Frank Isemann, Gilli Sigurdsson, Graham Miln, Han Boetes, Harrison Jones, Heiko Zuerker, Hugo Locurcio, Iain Barnett, Ian Johnson, Ilya Brin, Iskander Sharipov, Jaakko Hannikainen, Jacek Szafarkiewicz, Jacob, Jake Peterson, James Patterson, Jaroslav Malec, Jaya Chithra, Jens Diemer, Jerry Jacobs, Jochen Voss, Johan Andersson, Johan Vromans, John Rinehart, Jonas Thelemann, Jonathan Cross, Jose Manuel Delicado, Jörg Thalheim, Kalle Laine, Karol Różycki, Keith Turner, Kelong Cong, Ken'ichi Kamada, Kevin Allen, Kevin Bushiri, Kevin White, Jr., Kurt Fitzner, Laurent Arnoud, Laurent Etiemble, Leo Arias, Liu Siyuan, Lord Landon Agahnim, Lukas Lihotzki, Majed Abdulaziz, Marc Laporte, Marc Pujol, Marcin Dziadus, Marcus Legendre, Mario Majila, Mark Pulford, Mateusz Naściszewski, Mateusz Ż, Matic Potočnik, Matt Burke, Matt Robenolt, Matteo Ruina, Maurizio Tomasi, Max Schulze, MaximAL, Maxime Thirouin, Michael Jephcote, Michael Rienstra, Michael Tilli, Mike Boone, MikeLund, MikolajTwarog, Mingxuan Lin, Nicholas Rishel, Nico Stapelbroek, Nicolas Braud-Santoni, Nicolas Perraut, Niels Peter Roest, Nils Jakobi, NinoM4ster, Nitroretro, NoLooseEnds, Oliver Freyermuth, Otiel, Oyebanji Jacob Mayowa, Pablo, Pascal Jungblut, Paul Brit, Pawel Palenica, Paweł Rozlach, Peter Badida, Peter Dave Hello, Peter Hoeg, Peter Marquardt, Phil Davis, Phill Luby, Pier Paolo Ramon, Piotr Bejda, Pramodh KP, Richard Hartmann, Robert Carosi, Robin Schoonover, Roman Zaynetdinov, Ross Smith II, Ruslan Yevdokymov, Sacheendra Talluri, Scott Klupfel, Shaarad Dalvi, Simon Mwepu, Sly_tom_cat, Stefan Kuntz, Suhas Gundimeda, Taylor Khan, Thomas Hipp, Tim Abell, Tim Howes, Tobias Nygren, Tobias Tom, Tom Jakubowski, Tomasz Wilczyński, Tommy Thorn, Tully Robinson, Tyler Brazier, Tyler Kropp, Unrud, Veeti Paananen, Victor Buinsky, Vil Brekin, Vladimir Rusinov, William A. Kennington III, Xavier O., Yannic A., andresvia, andyleap, boomsquared, chenrui, chucic, dependabot[bot], derekriemer, desbma, georgespatton, ghjklw, janost, jaseg, jelle van der Waa, klemens, marco-m, mv1005, otbutz, perewa, rubenbe, wangguoliang, xjtdy888, 佛跳墙 +Jakob Borg, Audrius Butkevicius, Simon Frei, Alexander Graf, Alexandre Viau, Anderson Mesquita, Antony Male, Ben Schulz, Caleb Callaway, Daniel Harte, Evgeny Kuznetsov, Lars K.W. Gohlke, Lode Hoste, Michael Ploujnikov, Nate Morrison, Philippe Schommers, Ryan Sullivan, Sergey Mishin, Stefan Tatschner, Wulf Weich, dependabot-preview[bot], greatroar, Aaron Bieber, Adam Piggott, Adel Qalieh, Alan Pope, Alberto Donato, Alessandro G., Alex Xu, Aman Gupta, Andrew Dunham, Andrew Rabert, Andrey D, André Colomb, Anjan Momi, Antoine Lamielle, Aranjedeath, Arkadiusz Tymiński, Arthur Axel fREW Schmidt, Artur Zubilewicz, Aurélien Rainone, BAHADIR YILMAZ, Bart De Vries, Ben Curthoys, Ben Shepherd, Ben Sidhom, Benedikt Heine, Benedikt Morbach, Benno Fünfstück, Benny Ng, Boqin Qin, Boris Rybalkin, Brandon Philips, Brendan Long, Brian R. Becker, Carsten Hagemann, Cathryne Linenweaver, Cedric Staniewski, Chris Howie, Chris Joel, Chris Tonkinson, Colin Kennedy, Cromefire_, Cyprien Devillez, Dale Visser, Dan, Daniel Bergmann, Daniel Martí, Darshil Chanpura, David Rimmer, Denis A., Dennis Wilson, Dmitry Saveliev, Domenic Horner, Dominik Heidler, Elias Jarlebring, Elliot Huffman, Emil Hessman, Erik Meitner, Federico Castagnini, Felix Ableitner, Felix Unterpaintner, Francois-Xavier Gsell, Frank Isemann, Gilli Sigurdsson, Graham Miln, Han Boetes, Harrison Jones, Heiko Zuerker, Hugo Locurcio, Iain Barnett, Ian Johnson, Ilya Brin, Iskander Sharipov, Jaakko Hannikainen, Jacek Szafarkiewicz, Jacob, Jake Peterson, James Patterson, Jaroslav Malec, Jaya Chithra, Jens Diemer, Jerry Jacobs, Jochen Voss, Johan Andersson, Johan Vromans, John Rinehart, Jonas Thelemann, Jonathan Cross, Jose Manuel Delicado, Jörg Thalheim, Kalle Laine, Karol Różycki, Keith Turner, Kelong Cong, Ken'ichi Kamada, Kevin Allen, Kevin Bushiri, Kevin White, Jr., Kurt Fitzner, Laurent Arnoud, Laurent Etiemble, Leo Arias, Liu Siyuan, Lord Landon Agahnim, Lukas Lihotzki, Majed Abdulaziz, Marc Laporte, Marc Pujol, Marcin Dziadus, Marcus Legendre, Mario Majila, Mark Pulford, Mateusz Naściszewski, Mateusz Ż, Matic Potočnik, Matt Burke, Matt Robenolt, Matteo Ruina, Maurizio Tomasi, Max Schulze, MaximAL, Maxime Thirouin, Michael Jephcote, Michael Rienstra, Michael Tilli, Mike Boone, MikeLund, MikolajTwarog, Mingxuan Lin, Nicholas Rishel, Nico Stapelbroek, Nicolas Braud-Santoni, Nicolas Perraut, Niels Peter Roest, Nils Jakobi, NinoM4ster, Nitroretro, NoLooseEnds, Oliver Freyermuth, Otiel, Oyebanji Jacob Mayowa, Pablo, Pascal Jungblut, Paul Brit, Pawel Palenica, Paweł Rozlach, Peter Badida, Peter Dave Hello, Peter Hoeg, Peter Marquardt, Phil Davis, Phill Luby, Pier Paolo Ramon, Piotr Bejda, Pramodh KP, Richard Hartmann, Robert Carosi, Robin Schoonover, Roman Zaynetdinov, Ross Smith II, Ruslan Yevdokymov, Sacheendra Talluri, Scott Klupfel, Shaarad Dalvi, Simon Mwepu, Sly_tom_cat, Stefan Kuntz, Suhas Gundimeda, Taylor Khan, Thomas Hipp, Tim Abell, Tim Howes, Tobias Nygren, Tobias Tom, Tom Jakubowski, Tomasz Wilczyński, Tommy Thorn, Tully Robinson, Tyler Brazier, Tyler Kropp, Unrud, Veeti Paananen, Victor Buinsky, Vil Brekin, Vladimir Rusinov, William A. Kennington III, Xavier O., Yannic A., andresvia, andyleap, boomsquared, chenrui, chucic, dependabot[bot], derekriemer, desbma, georgespatton, ghjklw, janost, jaseg, jelle van der Waa, klemens, marco-m, mv1005, otbutz, perewa, rubenbe, wangguoliang, xarx00, xjtdy888, 佛跳墙
diff --git a/man/stdiscosrv.1 b/man/stdiscosrv.1 index d4b000d16..7c65e8623 100644 --- a/man/stdiscosrv.1 +++ b/man/stdiscosrv.1 @@ -1,6 +1,6 @@ .\" Man page generated from reStructuredText. . -.TH "STDISCOSRV" "1" "May 12, 2020" "v1" "Syncthing" +.TH "STDISCOSRV" "1" "May 16, 2020" "v1" "Syncthing" .SH NAME stdiscosrv \- Syncthing Discovery Server . @@ -286,18 +286,30 @@ Use of a subdomain name without requiring a port number added to the URL .IP \(bu 2 Sharing an SSL certificate with multiple services on the same server .UNINDENT +.sp +Note that after this configuration, if the proxy uses a valid HTTPS +certificate, \fBclients should omit the\fP \fB?id=...\fP \fBparameter from the +discovery server URL on their configuration\fP\&. Client\-side validation will be +done by checking the visible proxy server’s HTTPS certificate. If, however, the +proxy uses a self\-signed or somehow invalid certificate, clients must still set +the \fB?id=...\fP parameter with the computed hash of the proxy’s +certificate. Using such setup is discouraged and is not covered in this page. +Always favour using valid and widely recognised certificates. .SS Requirements .INDENT 0.0 .IP \(bu 2 -Run the discovery server using the \-http flag \fBstdiscosrv \-http\fP\&. +Run the discovery server using the \-http flag: \fBstdiscosrv \-http\fP\&. .IP \(bu 2 -SSL certificate/key configured for the reverse proxy +SSL certificate/key configured for the reverse proxy. .IP \(bu 2 -The “X\-Forwarded\-For” http header must be passed through with the client’s -real IP address +The “X\-Forwarded\-For” HTTP header must be passed through with the client’s +real IP address. .IP \(bu 2 -The “X\-SSL\-Cert” must be passed through with the PEM\-encoded client SSL -certificate +The “X\-SSL\-Cert” HTTP header must be passed through with the PEM\-encoded +client SSL certificate. This will be present in POST requests and may be empty +in GET requests from clients. If you see syncthing\-discosrv outputting +\fBno certificates\fP when receiving POST requests, that’s because the proxy +is not passing this header through. .IP \(bu 2 The proxy must request the client SSL certificate but not require it to be signed by a trusted CA. @@ -372,6 +384,43 @@ server { .sp An example of automating the SSL certificates and reverse\-proxying the Discovery Server and Syncthing using Nginx, \fI\%Let’s Encrypt\fP <\fBhttps://letsencrypt.org/\fP> and Docker can be found \fI\%here\fP <\fBhttps://forum.syncthing.net/t/docker-syncthing-and-syncthing-discovery-behind-nginx-reverse-proxy-with-lets-encrypt/6880\fP>\&. +.SS Apache +.sp +The following lines must be added to the configuration: +.INDENT 0.0 +.INDENT 3.5 +.sp +.nf +.ft C +SSLProxyEngine On +SSLVerifyClient optional_no_ca +RequestHeader set X\-SSL\-Cert "%{SSL_CLIENT_CERT}s" +.ft P +.fi +.UNINDENT +.UNINDENT +.sp +The following was observed to not be required at least under +Apache httpd 2.4.38, as the proxy module adds the needed header by default. +If you need to explicitly add the following directive, make sure to issue +\fBa2enmod remoteip\fP first. Then, add the following to your Apache httpd +configuration: +.INDENT 0.0 +.INDENT 3.5 +.sp +.nf +.ft C +RemoteIPHeader X\-Forwarded\-For +.ft P +.fi +.UNINDENT +.UNINDENT +.sp +For more details, see also the recommendations in the +\fI\%Reverse Proxy Setup\fP <\fBhttps://docs.syncthing.net/users/reverseproxy.html\fP> +page. Note that that page is directed at setting up a proxy for the +Syncthing web UI. You should do the proper path and port adjustments to proxying +the discovery server and your particular setup. .SH SEE ALSO .sp \fBsyncthing\-networking(7)\fP, \fBsyncthing\-faq(7)\fP diff --git a/man/strelaysrv.1 b/man/strelaysrv.1 index 4bdaa7a00..3376952ac 100644 --- a/man/strelaysrv.1 +++ b/man/strelaysrv.1 @@ -1,6 +1,6 @@ .\" Man page generated from reStructuredText. . -.TH "STRELAYSRV" "1" "May 12, 2020" "v1" "Syncthing" +.TH "STRELAYSRV" "1" "May 16, 2020" "v1" "Syncthing" .SH NAME strelaysrv \- Syncthing Relay Server . diff --git a/man/syncthing-bep.7 b/man/syncthing-bep.7 index eb0134518..d1e7faf78 100644 --- a/man/syncthing-bep.7 +++ b/man/syncthing-bep.7 @@ -1,6 +1,6 @@ .\" Man page generated from reStructuredText. . -.TH "SYNCTHING-BEP" "7" "May 12, 2020" "v1" "Syncthing" +.TH "SYNCTHING-BEP" "7" "May 16, 2020" "v1" "Syncthing" .SH NAME syncthing-bep \- Block Exchange Protocol v1 . diff --git a/man/syncthing-config.5 b/man/syncthing-config.5 index cd60c6956..a4282abd7 100644 --- a/man/syncthing-config.5 +++ b/man/syncthing-config.5 @@ -1,6 +1,6 @@ .\" Man page generated from reStructuredText. . -.TH "SYNCTHING-CONFIG" "5" "May 12, 2020" "v1" "Syncthing" +.TH "SYNCTHING-CONFIG" "5" "May 16, 2020" "v1" "Syncthing" .SH NAME syncthing-config \- Syncthing Configuration . diff --git a/man/syncthing-device-ids.7 b/man/syncthing-device-ids.7 index 349de59e8..f42ccd680 100644 --- a/man/syncthing-device-ids.7 +++ b/man/syncthing-device-ids.7 @@ -1,6 +1,6 @@ .\" Man page generated from reStructuredText. . -.TH "SYNCTHING-DEVICE-IDS" "7" "May 12, 2020" "v1" "Syncthing" +.TH "SYNCTHING-DEVICE-IDS" "7" "May 16, 2020" "v1" "Syncthing" .SH NAME syncthing-device-ids \- Understanding Device IDs . diff --git a/man/syncthing-event-api.7 b/man/syncthing-event-api.7 index 7e3b4db6a..a8ca53f58 100644 --- a/man/syncthing-event-api.7 +++ b/man/syncthing-event-api.7 @@ -1,6 +1,6 @@ .\" Man page generated from reStructuredText. . -.TH "SYNCTHING-EVENT-API" "7" "May 12, 2020" "v1" "Syncthing" +.TH "SYNCTHING-EVENT-API" "7" "May 16, 2020" "v1" "Syncthing" .SH NAME syncthing-event-api \- Event API . diff --git a/man/syncthing-faq.7 b/man/syncthing-faq.7 index f6ed0f030..b3f00c4db 100644 --- a/man/syncthing-faq.7 +++ b/man/syncthing-faq.7 @@ -1,6 +1,6 @@ .\" Man page generated from reStructuredText. . -.TH "SYNCTHING-FAQ" "7" "May 12, 2020" "v1" "Syncthing" +.TH "SYNCTHING-FAQ" "7" "May 16, 2020" "v1" "Syncthing" .SH NAME syncthing-faq \- Frequently Asked Questions . @@ -64,34 +64,34 @@ Sync uses an undocumented, closed protocol with unknown security properties. The following things are \fIalways\fP synchronized: .INDENT 0.0 .IP \(bu 2 -File Contents +File contents .IP \(bu 2 -File Modification Times +File modification times .UNINDENT .sp The following may be synchronized or not, depending: .INDENT 0.0 .IP \(bu 2 -File Permissions (When supported by file system. On Windows, only the -read only bit is synchronized.) +File permissions (when supported by file system; on Windows only the +read only bit is synchronized) .IP \(bu 2 -Symbolic Links (synced, except on Windows, but never followed.) +Symbolic links (synced, except on Windows, but never followed) .UNINDENT .sp The following are \fInot\fP synchronized; .INDENT 0.0 .IP \(bu 2 -File or Directory Owners and Groups (not preserved) +File or directory owners and Groups (not preserved) .IP \(bu 2 -Directory Modification Times (not preserved) +Directory modification times (not preserved) .IP \(bu 2 -Hard Links (followed, not preserved) +Hard links and Windows directory junctions (followed, not preserved) .IP \(bu 2 -Extended Attributes, Resource Forks (not preserved) +Extended attributes, resource forks (not preserved) .IP \(bu 2 Windows, POSIX or NFS ACLs (not preserved) .IP \(bu 2 -Devices, FIFOs, and Other Specials (ignored) +Devices, FIFOs, and other specials (ignored) .IP \(bu 2 Sparse file sparseness (will become sparse, when supported by the OS & filesystem) .UNINDENT diff --git a/man/syncthing-globaldisco.7 b/man/syncthing-globaldisco.7 index e82890e02..f56289a24 100644 --- a/man/syncthing-globaldisco.7 +++ b/man/syncthing-globaldisco.7 @@ -1,6 +1,6 @@ .\" Man page generated from reStructuredText. . -.TH "SYNCTHING-GLOBALDISCO" "7" "May 12, 2020" "v1" "Syncthing" +.TH "SYNCTHING-GLOBALDISCO" "7" "May 16, 2020" "v1" "Syncthing" .SH NAME syncthing-globaldisco \- Global Discovery Protocol v3 . diff --git a/man/syncthing-localdisco.7 b/man/syncthing-localdisco.7 index ad55b9a57..7aa168cd1 100644 --- a/man/syncthing-localdisco.7 +++ b/man/syncthing-localdisco.7 @@ -1,6 +1,6 @@ .\" Man page generated from reStructuredText. . -.TH "SYNCTHING-LOCALDISCO" "7" "May 12, 2020" "v1" "Syncthing" +.TH "SYNCTHING-LOCALDISCO" "7" "May 16, 2020" "v1" "Syncthing" .SH NAME syncthing-localdisco \- Local Discovery Protocol v4 . diff --git a/man/syncthing-networking.7 b/man/syncthing-networking.7 index ba2856a8f..ff3dcb593 100644 --- a/man/syncthing-networking.7 +++ b/man/syncthing-networking.7 @@ -1,6 +1,6 @@ .\" Man page generated from reStructuredText. . -.TH "SYNCTHING-NETWORKING" "7" "May 12, 2020" "v1" "Syncthing" +.TH "SYNCTHING-NETWORKING" "7" "May 16, 2020" "v1" "Syncthing" .SH NAME syncthing-networking \- Firewall Setup . diff --git a/man/syncthing-relay.7 b/man/syncthing-relay.7 index a91b812d7..27a99c921 100644 --- a/man/syncthing-relay.7 +++ b/man/syncthing-relay.7 @@ -1,6 +1,6 @@ .\" Man page generated from reStructuredText. . -.TH "SYNCTHING-RELAY" "7" "May 12, 2020" "v1" "Syncthing" +.TH "SYNCTHING-RELAY" "7" "May 16, 2020" "v1" "Syncthing" .SH NAME syncthing-relay \- Relay Protocol v1 . diff --git a/man/syncthing-rest-api.7 b/man/syncthing-rest-api.7 index 8ed3d2678..ebd3f4404 100644 --- a/man/syncthing-rest-api.7 +++ b/man/syncthing-rest-api.7 @@ -1,6 +1,6 @@ .\" Man page generated from reStructuredText. . -.TH "SYNCTHING-REST-API" "7" "May 12, 2020" "v1" "Syncthing" +.TH "SYNCTHING-REST-API" "7" "May 16, 2020" "v1" "Syncthing" .SH NAME syncthing-rest-api \- REST API . diff --git a/man/syncthing-security.7 b/man/syncthing-security.7 index 30678600d..a5fc3df5c 100644 --- a/man/syncthing-security.7 +++ b/man/syncthing-security.7 @@ -1,6 +1,6 @@ .\" Man page generated from reStructuredText. . -.TH "SYNCTHING-SECURITY" "7" "May 12, 2020" "v1" "Syncthing" +.TH "SYNCTHING-SECURITY" "7" "May 16, 2020" "v1" "Syncthing" .SH NAME syncthing-security \- Security Principles . diff --git a/man/syncthing-stignore.5 b/man/syncthing-stignore.5 index 451eea730..1f0fa7106 100644 --- a/man/syncthing-stignore.5 +++ b/man/syncthing-stignore.5 @@ -1,6 +1,6 @@ .\" Man page generated from reStructuredText. . -.TH "SYNCTHING-STIGNORE" "5" "May 12, 2020" "v1" "Syncthing" +.TH "SYNCTHING-STIGNORE" "5" "May 16, 2020" "v1" "Syncthing" .SH NAME syncthing-stignore \- Prevent files from being synchronized to other nodes . diff --git a/man/syncthing-versioning.7 b/man/syncthing-versioning.7 index 8885eee86..e4264fe54 100644 --- a/man/syncthing-versioning.7 +++ b/man/syncthing-versioning.7 @@ -1,6 +1,6 @@ .\" Man page generated from reStructuredText. . -.TH "SYNCTHING-VERSIONING" "7" "May 12, 2020" "v1" "Syncthing" +.TH "SYNCTHING-VERSIONING" "7" "May 16, 2020" "v1" "Syncthing" .SH NAME syncthing-versioning \- Keep automatic backups of deleted files by other nodes . diff --git a/man/syncthing.1 b/man/syncthing.1 index 33ad34e8f..d1e6ba45e 100644 --- a/man/syncthing.1 +++ b/man/syncthing.1 @@ -1,6 +1,6 @@ .\" Man page generated from reStructuredText. . -.TH "SYNCTHING" "1" "May 12, 2020" "v1" "Syncthing" +.TH "SYNCTHING" "1" "May 16, 2020" "v1" "Syncthing" .SH NAME syncthing \- Syncthing .