Syncthing is an open source sync tool between different devices, it is free to use, and point to point sharing service.
The K8s Deployment File for Syncthing
apiVersion: v1 kind: PersistentVolumeClaim metadata: name: syncthing-pv-claim labels: app: syncthing spec: storageClassName: local-path accessModes: - ReadWriteOnce resources: requests: storage: 10Gi --- apiVersion: apps/v1 kind: Deployment metadata: name: syncthing labels: app: syncthing spec: replicas: 1 selector: matchLabels: app: syncthing strategy: type: Recreate template: metadata: labels: app: syncthing spec: nodeSelector: kubernetes.io/arch: arm64 persistant-prefered: '1' containers: - image: syncthing/syncthing:1.18 name: syncthing resources: limits: memory: "256Mi" cpu: "500m" ports: - containerPort: 8384 name: syncthing protocol: TCP - containerPort: 22000 protocol: TCP name: to-listen - containerPort: 22000 protocol: UDP name: to-discover volumeMounts: - name: syncthing-persistent-storage mountPath: /var/syncthing volumes: - name: syncthing-persistent-storage persistentVolumeClaim: claimName: syncthing-pv-claim --- apiVersion: v1 kind: Service metadata: name: syncthing-service labels: app: syncthing spec: ports: - name: http port: 32080 targetPort: 8384 protocol: TCP - protocol: TCP port: 32000 targetPort: 22000 name: to-listen - protocol: UDP port: 32000 targetPort: 22000 name: to-discover selector: app: syncthing type: NodePort # if we use NodePort here so custom port, such as 22000, 8383 will be exposed through 32000 and 32080 at instance ip # we cannot use cluster ip only here because it will not expose the ports https://stackoverflow.com/questions/41509439/whats-the-difference-between-clusterip-nodeport-and-loadbalancer-service-types # we need to enable the ports in firewall to support syncthing if use cluster ip
Why Use NodePort as Service Type in K8s Config?
Here we use NodePort for the service type, instead of ClusterIP, the reason is that Syncthing requires some specific port for connection, and it needs a volume to store the data. There is a hack to make it use ClusterIP and binding ingress and domain, let me know in comments if you prefer using a domain name and ClusterIP instead of IP address + Node Port.
P.S. Solution Based On Syncthing
- KeePass + Syncthing, as a password maanger.
- How to make it in short:
- Syncthing supports encryption, (i.e. use a remote syncthing instance as an untrudsted device)
- Put keepass db into a shared folder, but not the key
- Manually copy the key across devices
- Now you will have a self hosted password manager across as many devices as you want
- How to make it in short:
- Syncthing can be used as a back-up service
- More about syncthing
- privacy and security of syncthing