Running as a System Service
Running Syncthing as a systemd service is essential for any server or always-on node. Without it, Syncthing stops when your SSH session ends or the machine reboots.
Master two patterns: a user-level service (for interactive users on desktops) and a dedicated system user service (for servers and production deployments).
Pattern 1: User Service (Desktop / Developer Machine)
This is the simplest setup. Syncthing runs as your logged-in user and uses your home directory for config.
# Enable and start Syncthing for your current user
systemctl --user enable syncthing
systemctl --user start syncthing
# Check status
systemctl --user status syncthing
# View logs
journalctl --user -u syncthing -f
User services require you to be logged in (or have loginctl enable-linger <username> active) to run at boot. See Pattern 2 for a boot-time-safe setup.
# Allow the service to start on boot even without login
loginctl enable-linger "$USER"
Pattern 2: Dedicated System User (VPS / Server)
This is the recommended pattern for servers. Create a dedicated syncthing system user and run it as a systemd system service.
Step 1: Create the System User
# Create a system user with no login shell and a home directory
sudo useradd --system --create-home --shell /usr/sbin/nologin syncthing
Step 2: Create the systemd Service File
[Unit]
Description=Syncthing - Open Source Continuous File Synchronization for %I
Documentation=man:syncthing(1)
After=network.target
[Service]
User=%i
ExecStart=/usr/bin/syncthing serve --no-browser --no-restart --logflags=0
Restart=on-failure
RestartSec=5
SuccessExitStatus=3 4
RestartForceExitStatus=3 4
# Hardening
ProtectSystem=full
PrivateTmp=true
SystemCallArchitectures=native
MemoryDenyWriteExecute=true
NoNewPrivileges=true
[Install]
WantedBy=multi-user.target
The @ in the service name makes it a template service. %i is replaced by the username you provide when enabling it.
Step 3: Enable and Start
# Reload systemd to pick up the new service file
sudo systemctl daemon-reload
# Enable and start for the 'syncthing' user
sudo systemctl enable syncthing@syncthing
sudo systemctl start syncthing@syncthing
# Check status
sudo systemctl status syncthing@syncthing
Step 4: Verify
# Watch real-time logs
sudo journalctl -u syncthing@syncthing -f
# Confirm the process is running as the 'syncthing' user
ps aux | grep syncthing
Expected output snippet:
syncthing 1234 0.1 0.5 ... syncthing serve --no-browser ...
Accessing the GUI After Service Setup
Because the service runs as the syncthing user with no browser, the GUI is still bound to 127.0.0.1:8384 on the server. Access it via SSH tunnel:
ssh -L 8384:localhost:8384 user@your-server-ip
# Open in browser: http://localhost:8384
Folder Permission Setup
If you want Syncthing to manage a folder owned by another user (e.g., /var/www/html/uploads), add the syncthing user to the appropriate group:
# Example: add syncthing user to www-data group
sudo usermod -aG www-data syncthing
# Ensure the folder is group-writable
sudo chmod g+rw /var/www/html/uploads
Service Management Cheatsheet
# Start / Stop / Restart
sudo systemctl start syncthing@syncthing
sudo systemctl stop syncthing@syncthing
sudo systemctl restart syncthing@syncthing
# Enable / Disable at boot
sudo systemctl enable syncthing@syncthing
sudo systemctl disable syncthing@syncthing
# View logs (last 100 lines)
sudo journalctl -u syncthing@syncthing -n 100
# Live log stream
sudo journalctl -u syncthing@syncthing -f
Troubleshooting
| Symptom | Root Cause | Fix |
|---|---|---|
| Service fails to start | Binary not found at /usr/bin/syncthing | Update ExecStart path: which syncthing |
| GUI unreachable | Bound to 127.0.0.1 on remote | Use SSH tunnel |
| Permission denied on folder | Syncthing user lacks access | Add user to group or fix folder permissions |
| Starts but stops immediately | Config dir not writable | Check ~syncthing/.local/share/syncthing permissions |