Syncthing Icon

Continuous file synchronization between 2 or more clients. It is simple, yet powerful, and fully-encrypted and private. Syncthing can be deployed with Docker, and there are native clients for Windows, Mac, Linux, BSD and Android.

Open Source

Syncthing Source Code




Open Source Continuous File Synchronization






26 Nov 13

Last Updated

18 May 24

Latest version


Primary Language



121,252 KB







Language Usage

Language Usage

Star History

Star History

Recent Commits

  • luchenhan (16 May 24)

    lib/db: Correct function name in comments (#9520)

  • WangXi (16 May 24)

    lib/connections: Use proper errors.Is check (#9538)

  • dependabot[bot] (16 May 24)

    build(deps): bump from 0.42.0 to 0.43.0 (#9522) Bumps []( from 0.42.0 to 0.43.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="">'s releases</a>.</em></p> <blockquote> <h2>v0.43.0</h2> <h2><em></em>: Launching a new Documentation Site</h2> <p>With this release, we're launching a new documentation site for the quic-go projects (quic-go itself, HTTP/3, webtransport-go, and soon, masque-go): <a href=""></a>.</p> <p>The documentation site aims to explain QUIC concepts and how they are made accessible using quic-go's API. This site replaces the wiki, and the ever-growing README files.</p> <p>A lot of work has gone into the documentation already, but we're by no means done yet. The entire source is public in <a href=""></a>, and we're happy about community contributions.</p> <h2>HTTP Datagrams (RFC 9297)</h2> <p>This release adds support for HTTP Datagrams (<a href="">RFC 9297</a>), both on the client and on the server side (<a href="">#4452</a>). HTTP Datagrams are used in WebTransport in CONNECT-UDP (<a href="">RFC 9298</a>), among others.</p> <p>The new API for HTTP Datagrams is described on the new documentation page: <a href="">HTTP Datagrams</a>. The integration of HTTP Datagram support necessitated a comprehensive refactor of the HTTP/3 package, resulting in several breaking API changes listed below.</p> <h2>Breaking Changes</h2> <ul> <li>quicvarint: functions now return an <code>int</code> instead the internal <code>protocol.ByteCount</code> (<a href="">#4365</a>)</li> <li>http3: <code>Server.SetQuicHeaders</code> was renamed to <code>SetQUICHeaders</code> (<a href="">#4377</a>)</li> <li>http3: <code>Server.QuicConfig</code> was renamed to <code>QUICConfig</code> (<a href="">#4384</a>)</li> <li>http3: <code>RoundTripper.QuicConfig</code> was renamed to <code>QUICConfig</code> (<a href="">#4385</a>)</li> <li>http3: <code>RoundTripOpt.CheckSettings</code> was removed (<a href="">#4416</a>). Use the new<code>SingleDestinationRoundTripper</code> API instead.</li> <li>http3: the <code>HTTPStreamer</code> interface is now implemented by the <code>http.ResponseWriter</code> (and not the <code>http.Request.Body</code>) (<a href="">#4469</a>)</li> <li>include the maximum payload size in the <code>DatagramTooLargeError</code> (<a href="">#4470</a>)</li> </ul> <h2>Other Notable Changes</h2> <ul> <li>GSO and ECN is disabled on kernel versions older than 5 (<a href="">#4456</a>)</li> <li>http3: logging can be controlled using an <code>slog.Logger</code> (<a href="">#4449</a>)</li> <li>http3: HEAD requests can now be sent in 0-RTT (<a href="">#4378</a>)</li> <li>http3: duplicate QPACK encoder and decoder streams are not rejected as required by the RFC (<a href="">#4388</a>)</li> <li>http3: Extended CONNECT are blocked until the server's SETTINGS are received, as required by the RFC (<a href="">#4450</a>)</li> <li>http3: HTTP/3 client connections aren't removed if <code>RoundTrip</code> errors due to a cancelled context (<a href="">#4448</a>). Thanks to <a href=""><code>@​GeorgeMac</code></a>!</li> <li>http3: sniff Content-Type when flushing the ResponseWriter (<a href="">#4412</a>). Thanks to <a href=""><code>@​WeidiDeng</code></a>!</li> <li>The <code>Context</code> exposed on the <code>quic.Stream</code> is now derived from the connection's context (<a href="">#4414</a>)</li> <li>The UDP send and receive buffer size was increased to 7 MiB (<a href="">#4455</a>). Thanks to <a href=""><code>@​bt90</code></a>!</li> </ul> <h2>Clarifications on the QUIC Stream State Machine</h2> <h3>Calling CancelWrite after Close</h3> <p>After a long and fruitful discussion (<a href="">#4404</a>), we decided to clarify that calling <code>CancelWrite</code> after <code>Close</code> on a <code>SendStream</code> (or a bidirectional stream) should cause a state transition from the &quot;Data Sent&quot; to the &quot;Reset Sent&quot; state, as described in <a href="">section 3.1 of RFC 9000</a>. This matches the current behavior of quic-go, however, it didn't match the API documentation (fixed in <a href="">#4419</a>).</p> <p>This means that stream data will not be delivered reliably if <code>CancelWrite</code> is called, and that this applies even if <code>Close</code> was called before.</p> <h3>Garbage Collection of Streams</h3> <p>This release also changes the way streams are garbage-collected (and the peer is granted additional limit to open a new stream), once they're not needed anymore, in a subtle way:</p> <ul> <li>for the send direction of streams: <a href="">#4445</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href=""><code>93c4785</code></a> http3: sniff Content-Type when flushing the ResponseWriter (<a href="">#4412</a>)</li> <li><a href=""><code>c0250ce</code></a> include the maximum payload size in the DatagramTooLargeError (<a href="">#4470</a>)</li> <li><a href=""><code>34f4d14</code></a> http3: implement on the HTTPStreamer on the ResponseWriter, flush header (<a href="">#4469</a>)</li> <li><a href=""><code>083ceb4</code></a> http3: rename Settings.EnableDatagram to EnableDatagrams (<a href="">#4466</a>)</li> <li><a href=""><code>e1e5b62</code></a> README: link to the new documentation site (<a href="">#4464</a>)</li> <li><a href=""><code>2a37c53</code></a> http3: add support for HTTP Datagrams (RFC 9297) (<a href="">#4452</a>)</li> <li><a href=""><code>11b1159</code></a> http3: fix race condition in client unit test (<a href="">#4463</a>)</li> <li><a href=""><code>4b87539</code></a> delay completion of the receive stream until the reset error was read (<a href="">#4460</a>)</li> <li><a href=""><code>bff131e</code></a> delay completion of the send stream until the reset error was delivered (<a href="">#4445</a>)</li> <li><a href=""><code>12aa638</code></a> disable GSO and ECN on kernels older than version 5 (<a href="">#4456</a>)</li> <li>Additional commits viewable in <a href="">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](]( Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]>

  • Syncthing Release Automation (13 May 24)

    gui, man, authors: Update docs, translations, and contributors

  • Jakob Borg (08 May 24)

    build: Use Go 1.22.3 at minimum

  • André Colomb (07 May 24)

    gui: Add Hindi (hi) translation template (#9530) Based on user request from Weblate, user @Scrambled777. Looks promising based on the profile:

  • Syncthing Release Automation (06 May 24)

    gui, man, authors: Update docs, translations, and contributors

  • DerRockWolf (04 May 24)

    lib/connections: Add syncthing_connections_active metric (fixes #9527) (#9528) ### Purpose Adds a new metric `syncthing_connections_active` which equals to the amount of active connections per device. Fixes #9527 <!-- Describe the purpose of this change. If there is an existing issue that is resolved by this pull request, ensure that the commit subject is on the form `Some short description (fixes #1234)` where 1234 is the issue number. --> ### Testing I've manually tested it by running syncthing with these changes locally and examining the returned metrics from `/metrics`. I've done the following things: - Connect & disconnect a device - Increase & decrease the number of connections and verify that the value of the metric matches with the amount displayed in the GUI. ### Documentation needs to be regenerated with [find-metrics.go]( ## Authorship Your name and email will be added automatically to the AUTHORS file based on the commit metadata. --------- Co-authored-by: Jakob Borg <[email protected]>

  • otbutz (01 May 24)

    etc: Use 7MiB buffer size (#9524) ### Purpose In preparation for quic-go v0.43.0. see

  • Severin von Wnuck-Lipinski (01 May 24)

    gui: Fix Firefox bookmark favicon (fixes #9506) (#9507) ### Purpose Firefox uses the last specified favicon link for bookmarks, but only if it is available on initial page load. Remove the second link and use ng-href to change the icon instead. I'm not really familiar with AngularJS, feel free to offer suggestions for improvements. ### Testing Briefly tested on Firefox 124.0.2 and Chrome 123.0.6312.105.

  • Syncthing Release Automation (29 Apr 24)

    gui, man, authors: Update docs, translations, and contributors

  • Syncthing Release Automation (22 Apr 24)

    gui, man, authors: Update docs, translations, and contributors

  • Syncthing Release Automation (15 Apr 24)

    gui, man, authors: Update docs, translations, and contributors

  • Jakob Borg (11 Apr 24)

    lib/nat: Don't crash on empty address list (fixes #9503) (#9504)

  • Jakob Borg (08 Apr 24)

    lib/db: Drop indexes for outgoing data to force refresh (ref #9496) (#9502) ### Purpose Resend our indexes since we fixed that index-sending issue. I made a new thing to only drop the non-local-device index IDs, i.e., those for other devices. This means we will see a mismatch and resend all indexes, but they will not. This is somewhat cleaner as it avoids resending everything twice when two devices are upgraded, and in any case, we have no reason to force a resend of incoming indexes here. ### Testing It happens on my computer...

  • tomasz1986 (07 Apr 24)

    gui: Fix missing link to device editor for names with superscript (ref #9472) (#9494) The commit 7e4e65ebf53dd98f0fee3f021c399b12f5966f12 added links to devices listed in the Shared With list in the folder info. However, it only added them to those that had no superscript next to them. With this change, the links are added to all devices regardless of whether they have the superscript next to their names or not. The commit also simplifies the code by using anchors directly instead of wrapping them in spans. Signed-off-by: Tomasz Wilczyński <[email protected]>

  • Jakob Borg (05 Apr 24)

    lib/db: Hold update lock while taking snapshot (#9496)

  • Jakob Borg (05 Apr 24)

    build: Update dependencies (#9497)

  • Syncthing Release Automation (01 Apr 24)

    gui, man, authors: Update docs, translations, and contributors

  • Syncthing Release Automation (25 Mar 24)

    gui, man, authors: Update docs, translations, and contributors

  • Tim Nordenfur (22 Mar 24)

    Removed no longer relevant Bountysource link (#9480) ### Purpose Bountysource no longer exists and the readme link 404s. This removes the Bountysource link and corresponding readme section. Perhaps the section should instead be replaced by other instructions for voting on features.

  • Jakob Borg (21 Mar 24)

    lib/api: Missing return after HTTP error

  • Emil Lundberg (21 Mar 24)

    lib/api: Extract session store (#9425) This is an extract from PR #9175, which can be reviewed in isolation to reduce the volume of changes to review all at once in #9175. There are about to be several services and API handlers that read and set cookies and session state, so this abstraction will prove helpful. In particular a motivating cause for this is that with the current architecture in PR #9175, in `api.go` the [`webauthnService` needs to access the session]( for authentication purposes but needs to be instantiated before the `configMuxBuilder` for config purposes, because the WebAuthn additions to config management need to perform WebAuthn registration ceremonies, but currently the session management is embedded in the `basicAuthAndSessionMiddleware` which is [instantiated much later]( and only if authentication is enabled in `guiCfg`. This refactorization extracts the session management out from `basicAuthAndSessionMiddleware` so that `basicAuthAndSessionMiddleware` and `webauthnService` can both use the same shared session management service to perform session management logic. ### Testing This is a refactorization intended to not change any externally observable behaviour, so existing tests (e.g., `api_auth_test.go`) should cover this where appropriate. I have manually verified that: - Appending `+ "foo"` to the cookie name in `createSession` causes `TestHtmlFormLogin/invalid_URL_returns_403_before_auth_and_404_after_auth` and `TestHtmlFormLogin/UTF-8_auth_works` to fail - Inverting the return value of `hasValidSession` cases a whole bunch of tests in `TestHTTPLogin` and `TestHtmlFormLogin` to fail - (Fixed) Changing the cookie to `MaxAge: 1000` in `destroySession` does NOT cause any tests to fail! - Added tests `TestHtmlFormLogin/Logout_removes_the_session_cookie`, `TestHTTPLogin/*/Logout_removes_the_session_cookie`, `TestHtmlFormLogin/Session_cookie_is_invalid_after_logout` and `TestHTTPLogin/200_path#01/Session_cookie_is_invalid_after_logout` to cover this. - Manually verified that these tests pass both before and after the changes in this PR, and that changing the cookie to `MaxAge: 1000` or not calling `m.tokens.Delete(cookie.Value)` in `destroySession` makes the respective pair of tests fail.

  • Syncthing Release Automation (18 Mar 24)

    gui, man, authors: Update docs, translations, and contributors

  • Jaspitta (17 Mar 24)

    gui: Open devices on click in Shared With list in folder info (fixes #8972) (#9472)

  • Simon Frei (11 Mar 24)

    lib/model: Don't bump seq on error in index handler (#9459)

  • Simon Frei (10 Mar 24)

    lib/model: Prevent infinite index sending loop (fixes #9407) (#9458) Explanation of what/why in a code comment. Fixes

  • Simon Frei (05 Mar 24)

    lib/scanner: Fix ticker leak in scanner (fixes #9417) (#9451) Move the ticker closer to where it's used and defer stop it to avoid missing a branch. Fixes regression introduced in Fixes

  • Jakob Borg (04 Mar 24)

    build: Update dependencies (#9448)

  • Syncthing Release Automation (04 Mar 24)

    gui, man, authors: Update docs, translations, and contributors

Syncthing Website




Does not redirect

Security Checks

All 66 security checks passed

Server Details

  • IP Address
  • Hostname
  • Location California, Pennsylvania, United States of America, NA
  • ISP GitHub Inc.
  • ASN AS54113

Associated Countries

  • US
  • NL

Saftey Score

Website marked as safe


Blacklist Check was found on 0 blacklists

  • ThreatLog
  • OpenPhish
  • PhishTank
  • Phishing.Database
  • PhishStats
  • URLhaus
  • RPiList Not Serious
  • AntiSocial Blacklist
  • PhishFeed
  • NABP Not Recommended Sites
  • Spam404
  • CRDF
  • Artists Against 419
  • CERT Polska
  • PetScams
  • Suspicious Hosting IP
  • Phishunt
  • CoinBlockerLists
  • MetaMask EthPhishing
  • EtherScamDB
  • EtherAddressLookup
  • ViriBack C2 Tracker
  • Bambenek Consulting
  • Badbitcoin
  • SecureReload Phishing List
  • Fake Website Buster
  • TweetFeed
  • CryptoScamDB
  • StopGunScams
  • ThreatFox
  • PhishFort

Website Preview

Syncthing Docker

Container Info


Syncthing is a continuous file synchronization program. It synchronizes files between two or more computers in real time, safely protected from prying eyes.


DockerHub Metrics

  • Pull Count 202,947,313
  • Stars 545
  • Date Created 14 Oct 15
  • Last Updated 2 months ago

View on DockerHub


Run Command

docker run -d \ 
  -p 8384:8384/tcp \
  -p 21027:21027/udp \
  -p 22000:22000/tcp \
  -e PUID=${PUID} \
  -e PGID=${PGID} \
  -v /portainer/Files/AppData/Config/Syncthing:/config \
  -v undefined:/sync \
  --restart=unless-stopped \

Compose File

version: 3.8
    image: linuxserver/syncthing:latest
      - 8384:8384:tcp
      - 21027:21027:udp
      - 22000:22000:tcp
      PUID: 1000
      PGID: 100
      - /portainer/Files/AppData/Config/Syncthing:/config
      - undefined:/sync
    restart: unless-stopped

Environment Variables

  • Var Name Default
  • PUID 1000
  • PGID 100

Port List

  • 8384:8384/tcp
  • 21027:21027/udp
  • 22000:22000/tcp

Volume Mounting

  • /portainer/Files/AppData/Config/Syncthing /config
  • /sync


  • read ✅ Yes
  • write ✅ Yes
  • admin ✅ Yes

Syncthing Reviews

More Backup and Sync

  • SeaFile Icon


    An open source cloud storage and sync solution. Files are grouped into Libraries, which can be individually encrypted, shared of synced. Docker image available for easy deployment, and native clients for Windows, Mac, Linux, Android and iOS.

  • NextCloud Icon


    Feature-rich productivity platform, that can be used to backup and selectively sync encrypted files and folders between 1 or more clients. A key benefit the wide range of plug-ins in the NextCloud App Store, maintained by the community. NextCloud was a hard fork off OwnCloud.

About the Data: Syncthing


You can access Syncthing's data programmatically via our API. Simply make a GET request to:

The REST API is free, no-auth and CORS-enabled. To learn more, view the Swagger Docs or read the API Usage Guide.

About the Data

Beyond the user-submitted YAML you see above, we also augment each listing with additional data dynamically fetched from several sources. To learn more about where the rest of data included in this page comes from, and how it is computed, see the About the Data section of our About page.

Share Syncthing

Help your friends compare Backup and Sync, and pick privacy-respecting software and services.
Share Syncthing and Awesome Privacy with your network!

View Backup and Sync (3)