Skip to content

Server Listener and Runtime Paths

These settings control where SyncTV listens, how other systems reach it, where runtime files are written, how logs are emitted, and how the management CLI connects.

HTTP REST and public gRPC use the same server.port.

Default:

server:
host: "0.0.0.0"

Common values:

ValueMeaningUse case
0.0.0.0Listen on all IPv4 interfacesDocker, Kubernetes, servers
127.0.0.1Localhost onlyLocal dev or reverse-proxy-only access
::Listen on all IPv6 interfacesIPv6 environments

Default:

server:
port: 8080

HTTP REST API, public gRPC API, and health checks use this port. In Helm, HTTP and gRPC are exposed through separate Services, but both target the same container port.

Default: false.

Enables public gRPC reflection. It is disabled by default; enable it explicitly for local development or controlled internal debugging, and keep it disabled on public production endpoints.

Default: 16777216, which is 16 MiB.

This limits gRPC request and response message sizes. Increase only when large batch operations require it. Avoid very high values on public endpoints.

Default:

server:
grpc_compression_enabled: true

Allows the main SyncTV process gRPC clients and servers to negotiate gzip compression, including public gRPC, management gRPC, cluster/livestream internal gRPC links, and outbound remote media-provider gRPC clients. It does not force every request to be compressed; compression is used when the peer advertises support and the message can benefit from it.

Standalone remote media-provider server deployments do not load the main SyncTV config file. Configure their server-side compression negotiation with PROVIDER_GRPC_COMPRESSION_ENABLED instead.

Keep it enabled when:

  • Cluster gRPC, remote management, batch responses, or list APIs are common.
  • Network bandwidth is tighter than CPU.
  • Kubernetes or Ingress traffic crosses nodes.

Disable it only when CPU is the tighter resource and gRPC payloads are usually small or entirely local.

Environment variable:

Terminal window
SYNCTV_SERVER_GRPC_COMPRESSION_ENABLED=true

Default: [].

Controls which reverse proxies may provide trusted client IP headers such as X-Forwarded-For.

server:
trusted_proxies:
- "10.0.0.0/8"
- "172.16.0.0/12"
- "192.168.0.0/16"

Do not use 0.0.0.0/0 or ::/0. If unsure, keep the list empty so SyncTV uses the socket peer address.

Default: [].

Allowed browser origins for cross-origin API access:

server:
cors_allowed_origins:
- "https://app.example.com"
- "https://admin.example.com"

Values must be origins only: scheme, host, and optional port. Do not include paths, query strings, or fragments.

Environment variable form:

Terminal window
SYNCTV_SERVER_CORS_ALLOWED_ORIGINS='["https://app.example.com"]'

Address that other nodes should use to reach this node.

Common cases:

  • Kubernetes: set through SYNCTV_SERVER_ADVERTISE_HOST or downward API using Pod IP.
  • Static multi-node: set an internal IP or DNS name.
  • Single-node: usually leave empty.

When empty, SyncTV tries POD_IP, then system hostname.

Default: 30.

How long shutdown waits for existing connections to drain. Increase it for many long-lived connections or smoother Kubernetes rolling updates.

time.timezone defaults to automatic detection.

Resolution order:

  1. time.timezone
  2. SYNCTV_TIME_TIMEZONE
  3. TZ
  4. System timezone
  5. UTC

Example:

time:
timezone: "Asia/Shanghai"

data_dir is the root for runtime-owned local files:

  • Management Unix socket.
  • File logs.
  • HLS livestream segments.
  • Proxy slice cache files.

Examples:

data_dir: "/var/lib/synctv"

Container deployments usually use /data and mount it as a volume.

data_dir does not affect *_file secret paths or metrics TLS cert/key paths.

FieldDefaultPurpose
logging.levelinfoLog level
logging.formatprettyHuman-readable or JSON logs
logging.filternullAdvanced tracing filter
logging.backtracefalseInclude backtraces when useful
logging.file_pathnullOptional file output

Use json in Kubernetes or log aggregation systems:

logging:
level: "info"
format: "json"

Relative logging.file_path values are resolved under data_dir. Containers usually should log to stdout instead of files.

The management endpoint is used by the synctv CLI for controlled administrative operations. It is not a client-facing business API.

FieldDefaultPurpose
management.enabledtrueEnable management endpoint
management.transportUnix on Unix-like systems, TCP elsewhereTransport mode
management.port50052TCP management port
management.unix_socket_pathplatform-specific under data_dirUnix socket path
management.auth_token""Bearer token for TCP management
management.enable_reflectionfalseManagement gRPC reflection

TCP management requires a strong auth token and should not be exposed publicly.

Unix socket paths can be relative to data_dir. TCP mode is useful for Windows or controlled remote management networks.