On Android you can isolate Apps and Files from another. The easy method is a work profile, normally a (really good) feature for companies to control your sh*t but only in that profile, and you can disable it entirely.

User Profiles are even more compartimentalized though, GrapheneOS embraces it fully, as it allows to encrypt data seperately, put data to rest while the device is on, and running apps with less privileges, possibly even testing viruses there.


So how do I get my files synchronized across these profiles?

With Syncthing this is possible:

  1. Set up your work profile using Shelter / your user profile through the settings
  2. Create a folder in both profiles that you want synchronized, here SHARED
  3. Install Syncthing in both profiles. For the work profile you could use “Shelter” to clone the app. I recommend to use Obtainium and add its repo URL

Tip: when setting up Syncthing, it doesn’t need the very insecure “access all files” permission. If you are on GrapheneOS you can restrict it to just the folders you want to Sync.

screenshot of storage scropes page

Isolated profile

  • Open Syncthing
  • it will go through the setup dialog, you can use storage scopes if you are on GrapheneOS, but on other Android it needs access to all your files.
  • If you have Energy saver on (which you should) then it may show you “Syncthing is not running”, under “Change Settings” disable run conditions (the sync is local)
  • remove the default Camera folder.
  • go to Settings
  • Disable run conditions (this is problematic if you use Syncthing also for internet Sync, but makes sure it always runs)
  • Behavior
  • Start Service directly on boot"
  • Syncthing Options: uncheck all boxes
  • Set the Device name to “isolated” for example
  • on Main screen, bottom left “show device ID” and copy it.

Main profile

  • repeat everything here too.
  • instead of copying the device ID, go to the tab “Devices”
  • name it “isolated” for example
  • at the Link symbol, instead of “dynamic”, enter tcp://127.0.0.1:22000 (this will connect over your local network)
  • add profile

Screenshot of final profile setting

You should get a notification of a device that wants to connect. Accept it and repeat the process:

  • name it “owner” for example
  • set its Link to tcp://127.0.0.1:22000

Now you have both profiles connected!

Add a Folder

  • add a Folder through the Filepicker Dialog
  • anable Syncing with the other profile
  • you will get a notification, add the folder in the other profile too, and set its Sync location.

All files placed in one folder will now appear in the other one shortly! This requires no network access, and works very well.

Note that if you also use Syncthing for regular Synchronisation between devices, you will want run conditions on the main profile.

  • Pantherina@feddit.deOP
    link
    fedilink
    English
    arrow-up
    1
    ·
    10 months ago

    Uhm, no idea what that means :D

    Syncthing-fork is for sure more complex to use but better. Perfect definition of a Fork really.