Hi
Alt-F comes with a rather outdated version of Syncthing. 0.x while the latest at time of writing is 1.1.0. As syncthing includes an automatic updater this shoudln't be aproblem... except it is. Below how to make it all work.
Install the syncthing package via the package manager in Alt-F, then as root update syncthing using the command:
In my case it updated to v1.1.0
When starting syncthing (as normal user as for normal usage root is not recommended), this new version started to complain when trying to access relays:
Some investigation revelead that the golang runtime syncthing is written in could not validate the SSL/TLS certificate of
relays.syncthing.net, the reason is that it is looking for the CA certificates in the following paths, none of which match Alt-F's file
/etc/ssl/ca-bundle.cert.
"/etc/ssl/certs/ca-certificates.crt", // Debian/Ubuntu/Gentoo etc.
"/etc/pki/tls/certs/ca-bundle.crt", // Fedora/RHEL
"/etc/ssl/ca-bundle.pem", // OpenSUSE
"/etc/pki/tls/cacert.pem", // OpenELEC
The solution was to symlink ca-bundle.pem -> ca-bundle.crt via (as root)
# cd /etc/ssl; ln -s ca-bundle.crt ca-bundle.pem
Start syncthing again and there you go, no more relay errors! ;-)
Note: As the syncthing updates can only be done by root (who owns the executable in Alt-F), I would recommend you disable the automatic updates feature via the gui as it will only complain about failed updates if you run syncthing as a regular user .... which you should.
@João:
1) any option to create such a symlink by default? It seems it woudl solve the same problem for any software written in Go.
2) Another thing is that the ca-bundle.crt seems quite outdated. Any plans to do a little update round of the CA certificates, or to make it a separate package installed by default that could be updated via the regular GUI?
Best,
Mark