[bug#76379] Subject: [PATCH v1] services: syncthing: Improve Syncthnig code standard compliance.

Message ID 87bjv087rn.fsf@zacchae.us
State New
Headers
Series [bug#76379] Subject: [PATCH v1] services: syncthing: Improve Syncthnig code standard compliance. |

Commit Message

Zacchaeus Scheffer Feb. 17, 2025, 11:35 p.m. UTC
  From 17c2651075bb286ca5fedf8f84b099b27af06151 Mon Sep 17 00:00:00 2001
From: Zacchaeus <eikcaz@zacchae.us>
Date: Mon, 17 Feb 2025 15:19:19 -0800
Subject: [PATCH v1] services: syncthing: Improve Syncthnig code standard
 compliance.

* gnu/services/syncthing.scm: (syncthing-config-file,
syncthing-folder, syncthing-device, syncthing-folder-device): Rename
fields to avoid abbreviation, boolean values switched to use #t or #f,
numbers no longer provided as strings.
* doc/guix.texi: (syncthing-service-type): Update documentation to
reflect these changes.

Change-Id: I01c059e13658a0d1ad38aaebca3dcb0a268bbdba
---

As discussed elsewhere, converted @var to @code.

Contrary to what I indicated earlier, it seems sanitizer does apply to
default values, so the solution was quite clean.  All boolean value
are handled by a sanitizer, and values default to #f or #t.

I swear I had some error somewhere when trying to serialize sxml with
numbers, but when I switched all the numbers from strings, it worked
this time, which is good.

Let me know if you think more names should be expanded.

This is a backwards-incompatible change with the earlier patch, so
lets try to get this done quickly before the swarms of syncthing
junkies chomping at the bit to integrate these new guile bindings into
critical infrastructure can adopt the old bindings.

eikcaz-

 doc/guix.texi              | 279 ++++++++++++------------
 gnu/services/syncthing.scm | 434 +++++++++++++++++++++----------------
 2 files changed, 383 insertions(+), 330 deletions(-)
  

Comments

Zacchaeus Scheffer March 11, 2025, 9:19 p.m. UTC | #1
Hi Leo,


Regarding your irc question about steps to upgrade, I did explain what
was backwards-incompatible in the patch annotation, but for completion I
can enumerate all possible implications.  I was able to handle data type
changes in a backwards-compatible way.  There are two considerations,
file locations, and record field renames, which I will list below in two
respective groups with tl;dr's:


FILE LOCATIONS:

tl;dr make sure the id (*.pem) files you want to use are in
`~/.local/state/syncthing/` and make sure
`~/.config/syncthing/config.xml` does not exist after upgrade.

If `config-file` was non-nil, then Guix will have generated configuration
in ~/.config/syncthing.  To avoid a change in device ID, the user should
move the .pem files from there to ~/.local/state/syncthing.  Also move
the config file itself in case it became a non-simlink for one of a few
reasons[1].

mv ~/.config/syncthing/*.pem ~/.config/syncthing/*.xml ~/.local/state/syncthing/

Of course, if the user had *.pem in ~/.local/state/syncthing which they
prefer to use (and were annoyed when the first version of this patch
changed their device ID), they may want to keep the *.pem files in
~/.local/state/syncthing.  Regardless, they should make sure
~/.config/syncthnig/config.xml does not exist, or it will override the
one provided by the service.

[1] Users might have a config.xml in ~/.config/syncthing/ which does not
get removed on upgrade because it is not a symlink, either because they
modified something in-gui which rewrote the file as not a symlink,
because they have a very old Syncthing install (which respects old
config paths after upgrade), or because they manually chose to switch
their config to ~/.config/syncthing/ at some point (more people than you
might think).


RECORD FIELD RENAMES:

tl;dr a bunch of record field names changed, but they are ones that are
rarely used, and guix will (loudly) tell you which fields are wrong.

In short, boolean fields now end in '?', and the following name
expansions were made:

s -> seconds
m -> minutes
h -> hours
fs -> file-system
pct -> percentage
perms -> permissions
mcaddr -> mac-address

more verbosely, here are the name changes by record:

syncthing-device:
introducer -> introducer?
skip-introduction-removals -> skip-introduction-removals?
paused -> paused?
auto-accept-folders -> auto-accept-folders?
untrusted -> untrusted?
recv -> receive
auth -> authorization

syncthing-folder:
versioning-fs-path -> versioning-file-system-path
versioning-fs-type -> versioning-file-system-type
versioning-cleanup-interval-s -> versioning-cleanup-interval-seconds
ignore-delete -> ignore-delete?
scan-progress-interval-s -> scan-progress-interval-seconds
puller-pause-s -> puller-pause-seconds
disable-sparse-files -> disable-sparse-files?
disable-temp-indexes -> disable-temp-indexes?
paused -> paused?
weak-hash-threshold-pct -> weak-hash-threshold-percentage
copy-ownership-from-parent -> copy-ownership-from-parent?
mod-time-window-s -> mod-time-window-seconds
disable-fsync -> disable-fsync?
case-sensitive-fs -> case-sensitive-file-system?
junctions-as-dirs -> junctions-as-dirs?
sync-ownership -> sync-ownership?
send-ownership -> send-ownership?
sync-xattrs -> sync-xattrs?
send-xattrs -> send-xattrs?
rescan-interval-s -> rescan-interval-seconds
fs-watcher-enabled -> file-system-watcher-enabled?
fs-watcher-delay-s -> file-system-watcher-delay-seconds
fs-watcher-timeout-s -> file-system-watcher-timeout-seconds
ignore-perms -> ignore-permissions?
auto-normalize -> auto-normalize?

syncthing-config-file
announce-lan-addresses -> announce-lan-addresses?
send-full-index-on-upgrade -> send-full-index-on-upgrade?
insecure-allow-old-tls-versions -> insecure-allow-old-tls-versions?
crash-reporting-enabled -> crash-reporting-enabled?
stun-keepalive-start-s -> stun-keepalive-start-seconds
stun-keepalive-min-s -> stun-keepalive-min-seconds
set-low-priority -> set-low-priority?
overwrite-remote-device-names-on-connect -> overwrite-remote-device-names-on-connect?
global-announce-enabled -> global-announce-enabled?
local-announce-enabled -> local-announce-enabled?
local-announce-mcaddr -> local-announce-mac-address
max-recv-kbps -> max-receive-kbps
reconnection-interval-s -> reconnection-interval-seconds
relays-enabled -> relays-enabled?
relay-reconnect-interval-m -> relay-reconnect-interval-minutes
start-browser -> start-browser?
nat-enabled -> nat-enabled?
ur-accepted -> usage-reporting-accepted
ur-seen -> usage-reporting-seen
ur-unique-id -> usage-reporting-unique-id
ur-url -> usage-reporting-url
ur-post-insecurely -> usage-reporting-post-insecurely?
ur-initial-delay-s -> usage-reporting-initial-delay-seconds
auto-upgrade-interval-h -> auto-upgrade-interval-hours
upgrade-to-pre-releases -> upgrade-to-pre-releases?
keep-temporaries-h -> keep-temporaries-hours
cache-ignored-files -> cache-ignored-files?
progress-update-interval-s -> progress-update-interval-seconds
limit-bandwidth-in-lan -> limit-bandwidth-in-lan?
ldap-enabled -> ldap-enabled?
gui-enabled -> gui-enabled?
gui-tls -> gui-tls?
gui-debugging -> gui-debugging?
gui-send-basic-auth-prompt -> gui-send-basic-authorization-prompt?


eikcaz-
  
Zacchaeus Scheffer March 12, 2025, 4:16 a.m. UTC | #2
Hi Leo,


Here is the most succint version that covers all cases:

Users that have `config-file` set in their `syncthing-configuration`
should ensure ~/.config/syncthing/config.xml does not exist after
reconfigure.  The following should ensure as much:

mv ~/.config/syncthing/config.xml ~/.config/syncthing/config.xml.bak 2> /dev/null

Additionally, users should ensure the *.pem files in
~/.local/state/syncthing/ refer to the desired device ID.  Especially
old Syncthing install, early adopters of the `config-file`
`syncthing-configuration` field, and people that previously opted to
configure syncthing from ~/.config/ will have their device ID change if
they do not move *.pem files from ~/.config/syncthing/ to
~/.local/state/syncthing.  You can maintain this device ID by running
the following

cp ~/.config/syncthing/*.pem  ~/.local/state/syncthing/

Note that if you specified `config-file` previously and had your device
ID change, and would like your original device ID back, then do NOT run
the above.

Finally, there are some obscure fields of the various syncthing records
that were renamed (notably, booleans now end in '?').  See the relevant
section of the documentation for the new names.


eikcaz-
  
Leo Famulari March 14, 2025, 8:13 p.m. UTC | #3
Pushed as 0e51c6547ffdaf91777f7383da4a52a1a07b7286 along with a news
entry. Thanks!
  

Patch

diff --git a/doc/guix.texi b/doc/guix.texi
index 54a736c518..b74fb69970 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -22835,11 +22835,11 @@  Data type representing the configuration file read by the Syncthing
 daemon.
 
 @table @asis
-@item @code{folders} (default: @var{(list (syncthing-folder (id "default") (label "Default Folder") (path "~/Sync")))}
+@item @code{folders} (default: @code{(list (syncthing-folder (id "default") (label "Default Folder") (path "~/Sync")))}
 The default here is the same as Syncthing's default.  The value should
 be a list of @code{syncthing-folder}s.
 
-@item @code{devices} (default: @var{'()}
+@item @code{devices} (default: @code{'()}
 This should be a list of @code{syncthing-device}s.  Guix will
 automatically add any devices specified in any `folders' to this list.
 There are instances when you want to connect to a device despite not
@@ -22849,108 +22849,108 @@  here.  If multiple versions of the same device (as determined by
 comparing device ID) are discovered, the one in this list is
 prioritized.  Otherwise, the first instance in the first folder is used.
 
-@item @code{gui-enabled} (default: @var{"true"})
+@item @code{gui-enabled?} (default: @code{#t})
 By default, any user on the computer can access the GUI and make changes
 to Syncthing.  If you leave this enabled, you should probably set
 @code{gui-user} and @code{gui-password} (see below).
 
-@item @code{gui-tls} (default: @var{"false"})
-@item @code{gui-debugging} (default: @var{"false"})
-@item @code{gui-send-basic-auth-prompt} (default: @var{"false"})
-@item @code{gui-address} (default: @var{"127.0.0.1:8384"})
-@item @code{gui-user} (default: @var{#f})
-@item @code{gui-password} (default: @var{#f})
+@item @code{gui-tls?} (default: @code{#f})
+@itemx @code{gui-debugging?} (default: @code{#f})
+@itemx @code{gui-send-basic-authorization-prompt?} (default: @code{#f})
+@itemx @code{gui-address} (default: @code{"127.0.0.1:8384"})
+@itemx @code{gui-user} (default: @code{#f})
+@itemx @code{gui-password} (default: @code{#f})
 A bcrypt hash of the GUI password.  Remember that this will be globally
 exposed in @file{/gnu/store}.
 
-@item @code{gui-apikey} (default: @var{#f})
+@item @code{gui-apikey} (default: @code{#f})
 You must specify this to use the Syncthing REST interface.  This key is
 kept in @file{/gnu/store} and is accessible to all users of the system.
 
-@item @code{gui-theme} (default: @var{"default"})
-@item @code{ldap-enabled} (default: @var{#f})
-@item @code{ldap-address} (default: @var{""})
-@item @code{ldap-bind-dn} (default: @var{""})
-@item @code{ldap-transport} (default: @var{""})
-@item @code{ldap-insecure-skip-verify} (default: @var{""})
-@item @code{ldap-search-base-dn} (default: @var{""})
-@item @code{ldap-search-filter} (default: @var{""})
-@item @code{listen-address} (default: @var{"default"})
-@item @code{global-announce-server} (default: @var{"default"})
-@item @code{global-announce-enabled} (default: @var{"true"})
+@item @code{gui-theme} (default: @code{"default"})
+@itemx @code{ldap-enabled?} (default: @code{#f})
+@itemx @code{ldap-address} (default: @code{""})
+@itemx @code{ldap-bind-dn} (default: @code{""})
+@itemx @code{ldap-transport} (default: @code{""})
+@itemx @code{ldap-insecure-skip-verify} (default: @code{""})
+@itemx @code{ldap-search-base-dn} (default: @code{""})
+@itemx @code{ldap-search-filter} (default: @code{""})
+@itemx @code{listen-address} (default: @code{"default"})
+@itemx @code{global-announce-server} (default: @code{"default"})
+@itemx @code{global-announce-enabled?} (default: @code{#t})
 Global discovery servers can be used to help connect devices at unknown
 IP addresses by storing the last known IP address.
 
-@item @code{local-announce-enabled} (default: @var{"true"})
+@item @code{local-announce-enabled?} (default: @code{#t})
 This makes devices find each other very easily on the same LAN.  Often,
 this will allow you to just plug an Ethernet between two devices, or
 connect one device to the other's hotspot and start syncing.
 
-@item @code{local-announce-port} (default: @var{"21027"})
-@item @code{local-announce-mcaddr} (default: @var{"[ff12::8384]:21027"})
-@item @code{max-send-kbps} (default: @var{"0"})
-@item @code{max-recv-kbps} (default: @var{"0"})
-@item @code{reconnection-interval-s} (default: @var{"60"})
-@item @code{relays-enabled} (default: @var{"true"})
+@item @code{local-announce-port} (default: @code{21027})
+@itemx @code{local-announce-mac-address} (default: @code{"[ff12::8384]:21027"})
+@itemx @code{max-send-kbps} (default: @code{0})
+@itemx @code{max-receive-kbps} (default: @code{0})
+@itemx @code{reconnection-interval-seconds} (default: @code{60})
+@itemx @code{relays-enabled?} (default: @code{#t})
 This option allows your Syncthing instance to use a global network of
 @uref{https://docs.syncthing.net/users/relaying.html, relays} to enable
 syncing between devices when all other methods fail.  As always,
 Syncthing traffic is encrypted in transport and the relays are unable to
 decrypt it.
 
-@item @code{relay-reconnect-interval-m} (default: @var{"10"})
-@item @code{start-browser} (default: @var{"true"})
-@item @code{nat-enabled} (default: @var{"true"})
-@item @code{nat-lease-minutes} (default: @var{"60"})
-@item @code{nat-renewal-minutes} (default: @var{"30"})
-@item @code{nat-timeout-seconds} (default: @var{"10"})
-@item @code{ur-accepted} (default: @var{"0"})
-Options whose names begin with `ur-' control usage reporting.  Set to -1
+@item @code{relay-reconnect-interval-minutes} (default: @code{10})
+@itemx @code{start-browser?} (default: @code{#t})
+@itemx @code{nat-enabled?} (default: @code{#t})
+@itemx @code{nat-lease-minutes} (default: @code{60})
+@itemx @code{nat-renewal-minutes} (default: @code{30})
+@itemx @code{nat-timeout-seconds} (default: @code{10})
+@itemx @code{usage-reporting-accepted} (default: @code{0})
+Options whose names begin with `usage-reporting-' control usage reporting.  Set to -1
 to disable, or to a positive value to enable.  The default (0) disables
 reporting, but causes a usage reporting consent prompt to be displayed
 in the Syncthing GUI.
 
-@item @code{ur-seen} (default: @var{"0"})
-@item @code{ur-unique-id} (default: @var{""})
-@item @code{ur-url} (default: @var{"https://data.syncthing.net/newdata"})
-@item @code{ur-post-insecurely} (default: @var{"false"})
-@item @code{ur-initial-delay-s} (default: @var{"1800"})
-@item @code{auto-upgrade-interval-h} (default: @var{"12"})
-@item @code{upgrade-to-pre-releases} (default: @var{"false"})
-@item @code{keep-temporaries-h} (default: @var{"24"})
-@item @code{cache-ignored-files} (default: @var{"false"})
-@item @code{progress-update-interval-s} (default: @var{"5"})
-@item @code{limit-bandwidth-in-lan} (default: @var{"false"})
-@item @code{min-home-disk-free-unit} (default: @var{"%"})
-@item @code{min-home-disk-free} (default: @var{"1"})
-@item @code{releases-url} (default: @var{"https://upgrades.syncthing.net/meta.json"})
-@item @code{overwrite-remote-device-names-on-connect} (default: @var{"false"})
-@item @code{temp-index-min-blocks} (default: @var{"10"})
-@item @code{unacked-notification-id} (default: @var{"authenticationUserAndPassword"})
-@item @code{traffic-class} (default: @var{"0"})
-@item @code{set-low-priority} (default: @var{"true"})
-@item @code{max-folder-concurrency} (default: @var{"0"})
-@item @code{crash-reporting-url} (default: @var{"https://crash.syncthing.net/newcrash"})
-@item @code{crash-reporting-enabled} (default: @var{"true"})
-@item @code{stun-keepalive-start-s} (default: @var{"180"})
-@item @code{stun-keepalive-min-s} (default: @var{"20"})
-@item @code{stun-server} (default: @var{"default"})
-@item @code{database-tuning} (default: @var{"auto"})
-@item @code{max-concurrent-incoming-request-kib} (default: @var{"0"})
-@item @code{announce-lan-addresses} (default: @var{"true"})
-@item @code{send-full-index-on-upgrade} (default: @var{"false"})
-@item @code{connection-limit-enough} (default: @var{"0"})
-@item @code{connection-limit-max} (default: @var{"0"})
-@item @code{insecure-allow-old-tls-versions} (default: @var{"false"})
-@item @code{connection-priority-tcp-lan} (default: @var{"10"})
-@item @code{connection-priority-quic-lan} (default: @var{"20"})
-@item @code{connection-priority-tcp-wan} (default: @var{"30"})
-@item @code{connection-priority-quic-wan} (default: @var{"40"})
-@item @code{connection-priority-relay} (default: @var{"50"})
-@item @code{connection-priority-upgrade-threshold} (default: @var{"0"})
-@item @code{default-folder} (default: @var{(syncthing-folder (label ""))})
-@item @code{default-device} (default: @var{(syncthing-device (id ""))})
-@item @code{default-ignores} (default: @var{"")})
+@item @code{usage-reporting-seen} (default: @code{0})
+@itemx @code{usage-reporting-unique-id} (default: @code{""})
+@itemx @code{usage-reporting-url} (default: @code{"https://data.syncthing.net/newdata"})
+@itemx @code{usage-reporting-post-insecurely?} (default: @code{#f})
+@itemx @code{usage-reporting-initial-delay-seconds} (default: @code{1800})
+@itemx @code{auto-upgrade-interval-hours} (default: @code{12})
+@itemx @code{upgrade-to-pre-releases?} (default: @code{#f})
+@itemx @code{keep-temporaries-hours} (default: @code{24})
+@itemx @code{cache-ignored-files?} (default: @code{#f})
+@itemx @code{progress-update-interval-seconds} (default: @code{5})
+@itemx @code{limit-bandwidth-in-lan?} (default: @code{#f})
+@itemx @code{min-home-disk-free-unit} (default: @code{"%"})
+@itemx @code{min-home-disk-free} (default: @code{1})
+@itemx @code{releases-url} (default: @code{"https://upgrades.syncthing.net/meta.json"})
+@itemx @code{overwrite-remote-device-names-on-connect?} (default: @code{#f})
+@itemx @code{temp-index-min-blocks} (default: @code{10})
+@itemx @code{unacked-notification-id} (default: @code{"authenticationUserAndPassword"})
+@itemx @code{traffic-class} (default: @code{0})
+@itemx @code{set-low-priority?} (default: @code{#t})
+@itemx @code{max-folder-concurrency} (default: @code{0})
+@itemx @code{crash-reporting-url} (default: @code{"https://crash.syncthing.net/newcrash"})
+@itemx @code{crash-reporting-enabled?} (default: @code{#t})
+@itemx @code{stun-keepalive-start-seconds} (default: @code{180})
+@itemx @code{stun-keepalive-min-seconds} (default: @code{20})
+@itemx @code{stun-server} (default: @code{"default"})
+@itemx @code{database-tuning} (default: @code{"auto"})
+@itemx @code{max-concurrent-incoming-request-kib} (default: @code{0})
+@itemx @code{announce-lan-addresses?} (default: @code{#t})
+@itemx @code{send-full-index-on-upgrade} (default: @code{#f})
+@itemx @code{connection-limit-enough} (default: @code{0})
+@itemx @code{connection-limit-max} (default: @code{0})
+@itemx @code{insecure-allow-old-tls-versions} (default: @code{#f})
+@itemx @code{connection-priority-tcp-lan} (default: @code{10})
+@itemx @code{connection-priority-quic-lan} (default: @code{20})
+@itemx @code{connection-priority-tcp-wan} (default: @code{30})
+@itemx @code{connection-priority-quic-wan} (default: @code{40})
+@itemx @code{connection-priority-relay} (default: @code{50})
+@itemx @code{connection-priority-upgrade-threshold} (default: @code{0})
+@itemx @code{default-folder} (default: @code{(syncthing-folder (label ""))})
+@itemx @code{default-device} (default: @code{(syncthing-device (id ""))})
+@itemx @code{default-ignores} (default: @code{"")})
 Options whose names begin with `default-' above do not affect folders
 and devices added through the Guix configuration interface.  They will,
 however, affect folders and devices that are added through the Syncthing
@@ -22963,7 +22963,7 @@  GUI, by an @code{introducer}, or a device with
 Data type representing a folder to be synchronized.
 
 @table @asis
-@item @code{id} (default: @var{#f})
+@item @code{id} (default: @code{#f})
 This ID cannot match the ID of any other folder on this device.  If left
 unspecified, it will default to the label (see below).
 
@@ -22973,56 +22973,57 @@  A human readable label for the folder.
 @item @code{path}
 The path at which to store this folder.
 
-@item @code{type} (default: @var{"sendreceive"})
-@item @code{rescan-interval-s} (default: @var{"3600"})
-@item @code{fs-watcher-enabled} (default: @var{"true"})
-@item @code{fs-watcher-delay-s} (default: @var{"10"})
-@item @code{ignore-perms} (default: @var{"false"})
-@item @code{auto-normalize} (default: @var{"true"})
-@item @code{devices} (default: @var{'()})
+@item @code{type} (default: @code{"sendreceive"})
+@itemx @code{rescan-interval-seconds} (default: @code{3600})
+@itemx @code{file-system-watcher-enabled?} (default: @code{#t})
+@itemx @code{file-system-watcher-delay-seconds} (default: @code{10})
+@itemx @code{file-system-watcher-timeout-seconds} (default: @code{0})
+@itemx @code{ignore-permissions?} (default: @code{#f})
+@itemx @code{auto-normalize?} (default: @code{#t})
+@itemx @code{devices} (default: @code{'()})
 This should be a list of other Syncthing devices.  You do not need to
 specify the current device.  Each device can be listed as a a
 @code{syncthing-device} record or a @code{syncthing-folder-device}
 record if you want files to be encrypted on disk.  See below.
 
-@item @code{filesystem-type} (default: @var{"basic"})
-@item @code{min-disk-free-unit} (default: @var{"%"})
-@item @code{min-disk-free} (default: @var{"1"})
-@item @code{versioning-type} (default: @var{#f})
-@item @code{versioning-fs-path} (default: @var{""})
-@item @code{versioning-fs-type} (default: @var{"basic"})
-@item @code{versioning-cleanup-interval-s} (default: @var{"3600"})
-@item @code{versioning-cleanout-days} (default: @var{#f})
-@item @code{versioning-keep} (default: @var{#f})
-@item @code{versioning-max-age} (default: @var{#f})
-@item @code{versioning-command} (default: @var{#f})
-@item @code{copiers} (default: @var{"0"})
-@item @code{puller-max-pending-kib} (default: @var{"0"})
-@item @code{hashers} (default: @var{"0"})
-@item @code{order} (default: @var{"random"})
-@item @code{ignore-delete} (default: @var{"false"})
-@item @code{scan-progress-interval-s} (default: @var{"0"})
-@item @code{puller-pause-s} (default: @var{"0"})
-@item @code{max-conflicts} (default: @var{"10"})
-@item @code{disable-sparse-files} (default: @var{"false"})
-@item @code{disable-temp-indexes} (default: @var{"false"})
-@item @code{paused} (default: @var{"false"})
-@item @code{weak-hash-threshold-pct} (default: @var{"25"})
-@item @code{marker-name} (default: @var{".stfolder"})
-@item @code{copy-ownership-from-parent} (default: @var{"false"})
-@item @code{mod-time-window-s} (default: @var{"0"})
-@item @code{max-concurrent-writes} (default: @var{"2"})
-@item @code{disable-fsync} (default: @var{"false"})
-@item @code{block-pull-order} (default: @var{"standard"})
-@item @code{copy-range-method} (default: @var{"standard"})
-@item @code{case-sensitive-fs} (default: @var{"false"})
-@item @code{junctions-as-dirs} (default: @var{"false"})
-@item @code{sync-ownership} (default: @var{"false"})
-@item @code{send-ownership} (default: @var{"false"})
-@item @code{sync-xattrs} (default: @var{"false"})
-@item @code{send-xattrs} (default: @var{"false"})
-@item @code{xattr-filter-max-single-entry-size} (default: @var{"1024"})
-@item @code{xattr-filter-max-total-size} (default: @var{"4096")})
+@item @code{filesystem-type} (default: @code{"basic"})
+@itemx @code{min-disk-free-unit} (default: @code{"%"})
+@itemx @code{min-disk-free} (default: @code{1})
+@itemx @code{versioning-type} (default: @code{#f})
+@itemx @code{versioning-file-system-path} (default: @code{""})
+@itemx @code{versioning-file-system-type} (default: @code{"basic"})
+@itemx @code{versioning-cleanup-interval-seconds} (default: @code{3600})
+@itemx @code{versioning-cleanout-days} (default: @code{#f})
+@itemx @code{versioning-keep} (default: @code{#f})
+@itemx @code{versioning-max-age} (default: @code{#f})
+@itemx @code{versioning-command} (default: @code{#f})
+@itemx @code{copiers} (default: @code{0})
+@itemx @code{puller-max-pending-kib} (default: @code{0})
+@itemx @code{hashers} (default: @code{0})
+@itemx @code{order} (default: @code{"random"})
+@itemx @code{ignore-delete?} (default: @code{#f})
+@itemx @code{scan-progress-interval-seconds} (default: @code{0})
+@itemx @code{puller-pause-seconds} (default: @code{0})
+@itemx @code{max-conflicts} (default: @code{10})
+@itemx @code{disable-sparse-files?} (default: @code{#f})
+@itemx @code{disable-temp-indexes?} (default: @code{#f})
+@itemx @code{paused?} (default: @code{#f})
+@itemx @code{weak-hash-threshold-percentage} (default: @code{25})
+@itemx @code{marker-name} (default: @code{".stfolder"})
+@itemx @code{copy-ownership-from-parent?} (default: @code{#f})
+@itemx @code{mod-time-window-seconds} (default: @code{0})
+@itemx @code{max-concurrent-writes} (default: @code{2})
+@itemx @code{disable-fsync?} (default: @code{#f})
+@itemx @code{block-pull-order} (default: @code{"standard"})
+@itemx @code{copy-range-method} (default: @code{"standard"})
+@itemx @code{case-sensitive-file-system?} (default: @code{#f})
+@itemx @code{junctions-as-dirs?} (default: @code{#f})
+@itemx @code{sync-ownership?} (default: @code{#f})
+@itemx @code{send-ownership?} (default: @code{#f})
+@itemx @code{sync-xattrs?} (default: @code{#f})
+@itemx @code{send-xattrs?} (default: @code{#f})
+@itemx @code{xattr-filter-max-single-entry-size} (default: @code{1024})
+@itemx @code{xattr-filter-max-total-size} (default: @code{4096})
 @end table
 @end deftp
 
@@ -23035,28 +23036,28 @@  A long hash representing the keys generated by Syncthing on the first
 launch.  You can obtain this from the Syncthing GUI or by inspecting an
 existing Syncthing configuration file.
 
-@item @code{name} (default: @var{""})
+@item @code{name} (default: @code{""})
 A human readable device name for viewing in the GUI or in Scheme.
 
-@item @code{compression} (default: @var{"metadata"})
-@item @code{introducer} (default: @var{"false"})
-@item @code{skip-introduction-removals} (default: @var{"false"})
-@item @code{introduced-by} (default: @var{""})
-@item @code{addresses} (default: @var{'("dynamic")})
+@item @code{compression} (default: @code{"metadata"})
+@itemx @code{introducer?} (default: @code{#f})
+@itemx @code{skip-introduction-removals?} (default: @code{#f})
+@itemx @code{introduced-by} (default: @code{""})
+@itemx @code{addresses} (default: @code{'("dynamic")})
 List of addresses at which to search for this device.  When the special
 value ``dynamic'' is included, Syncthing will search for the device
 locally as well as via the Syncthing project's
 @uref{https://docs.syncthing.net/users/security.html#global-discovery,
 global discovery} servers.
 
-@item @code{paused} (default: @var{"false"})
-@item @code{auto-accept-folders} (default: @var{"false"})
-@item @code{max-send-kbps} (default: @var{"0"})
-@item @code{max-recv-kbps} (default: @var{"0"})
-@item @code{max-request-kib} (default: @var{"0"})
-@item @code{untrusted} (default: @var{"false"})
-@item @code{remote-gui-port} (default: @var{"0"})
-@item @code{num-connections} (default: @var{"0")})
+@item @code{paused?} (default: @code{#f})
+@itemx @code{auto-accept-folders?} (default: @code{#f})
+@itemx @code{max-send-kbps} (default: @code{0})
+@itemx @code{max-receive-kbps} (default: @code{0})
+@itemx @code{max-request-kib} (default: @code{0})
+@itemx @code{untrusted?} (default: @code{#f})
+@itemx @code{remote-gui-port} (default: @code{0})
+@itemx @code{num-connections} (default: @code{0})
 
 @end table
 @end deftp
@@ -23077,14 +23078,14 @@  If you don't need to use these options, then you can just use
 @item @code{device}
 The @code{syncthing-device} for which this configuration applies.
 
-@item @code{introduced-by} (default: @var{""})
+@item @code{introduced-by} (default: @code{""})
 The name of the device that "introduced" our device to the device
 sharing this folder.  This is only used when "introduced" devices are
 removed by the introducer.  See
 @uref{https://docs.syncthing.net/users/introducer.html, Syncthing
 introductions}.
 
-@item @code{encryption-password} (default: @var{""})
+@item @code{encryption-password} (default: @code{""})
 The password used to encrypt data that is synchronized to untrusted
 devices.
 
diff --git a/gnu/services/syncthing.scm b/gnu/services/syncthing.scm
index 46333fcb0f..56e9aa2df8 100644
--- a/gnu/services/syncthing.scm
+++ b/gnu/services/syncthing.scm
@@ -47,44 +47,52 @@  (define-module (gnu services syncthing)
 ;;;
 ;;; Code:
 
+(define (bool->xml-string bool)
+  (if bool "true" "false"))
+
 (define-record-type* <syncthing-device>
   syncthing-device make-syncthing-device
   syncthing-device?
   (id syncthing-device-id)
   (name syncthing-device-name (default ""))
   (compression syncthing-device-compression (default "metadata"))
-  (introducer syncthing-device-introducer (default "false"))
-  (skip-introduction-removals syncthing-device-skip-introduction-removals (default "false"))
+  (introducer? syncthing-device-introducer? (default #f)
+               (sanitize bool->xml-string))
+  (skip-introduction-removals? syncthing-device-skip-introduction-removals? (default #f)
+                               (sanitize bool->xml-string))
   (introduced-by syncthing-device-introduced-by (default ""))
   (addresses syncthing-device-addresses (default '("dynamic")))
-  (paused syncthing-device-paused (default "false"))
-  (auto-accept-folders syncthing-device-auto-accept-folders (default "false"))
-  (max-send-kbps syncthing-device-max-send-kbps (default "0"))
-  (max-recv-kbps syncthing-device-max-recv-kbps (default "0"))
-  (max-request-kib syncthing-device-max-request-kib (default "0"))
-  (untrusted syncthing-device-untrusted (default "false"))
-  (remote-gui-port syncthing-device-remote-gui-port (default "0"))
-  (num-connections syncthing-device-num-connections (default "0")))
+  (paused? syncthing-device-paused? (default #f)
+           (sanitize bool->xml-string))
+  (auto-accept-folders? syncthing-device-auto-accept-folders? (default #f)
+                        (sanitize bool->xml-string))
+  (max-send-kbps syncthing-device-max-send-kbps (default 0))
+  (max-receive-kbps syncthing-device-max-receive-kbps (default 0))
+  (max-request-kib syncthing-device-max-request-kib (default 0))
+  (untrusted? syncthing-device-untrusted? (default #f)
+              (sanitize bool->xml-string))
+  (remote-gui-port syncthing-device-remote-gui-port (default 0))
+  (num-connections syncthing-device-num-connections (default 0)))
 
 (define syncthing-device->sxml
   (match-record-lambda <syncthing-device>
       (id
-       name compression introducer skip-introduction-removals introduced-by
-       addresses paused auto-accept-folders max-send-kbps max-recv-kbps
-       max-request-kib untrusted remote-gui-port num-connections)
+       name compression introducer? skip-introduction-removals? introduced-by
+       addresses paused? auto-accept-folders? max-send-kbps max-receive-kbps
+       max-request-kib untrusted? remote-gui-port num-connections)
     `(device (@ (id ,id)
                 (name ,name)
                 (compression ,compression)
-                (introducer ,introducer)
-                (skipIntroductionRemovals ,skip-introduction-removals)
+                (introducer ,introducer?)
+                (skipIntroductionRemovals ,skip-introduction-removals?)
                 (introducedBy ,introduced-by))
              ,@(map (lambda (address) `(address ,address)) addresses)
-             (paused ,paused)
-             (autoAcceptFolders ,auto-accept-folders)
+             (paused ,paused?)
+             (autoAcceptFolders ,auto-accept-folders?)
              (maxSendKbps ,max-send-kbps)
-             (maxRecvKbps ,max-recv-kbps)
+             (maxRecvKbps ,max-receive-kbps)
              (maxRequestKiB ,max-request-kib)
-             (untrusted ,untrusted)
+             (untrusted ,untrusted?)
              (remoteGUIPort ,remote-gui-port)
              (numConnections ,num-connections))))
 
@@ -109,12 +117,15 @@  (define-record-type* <syncthing-folder>
   (label syncthing-folder-label)
   (path syncthing-folder-path)
   (type syncthing-folder-type (default "sendreceive"))
-  (rescan-interval-s syncthing-folder-rescan-interval-s (default "3600"))
-  (fs-watcher-enabled syncthing-folder-fs-watcher-enabled (default "true"))
-  (fs-watcher-delay-s syncthing-folder-fs-watcher-delay-s (default "10"))
-  (fs-watcher-timeout-s syncthing-folder-fs-watcher-timeout-s (default "0"))
-  (ignore-perms syncthing-folder-ignore-perms (default "false"))
-  (auto-normalize syncthing-folder-auto-normalize (default "true"))
+  (rescan-interval-seconds syncthing-folder-rescan-interval-seconds (default 3600))
+  (file-system-watcher-enabled? syncthing-folder-file-system-watcher-enabled? (default #t)
+                       (sanitize bool->xml-string))
+  (file-system-watcher-delay-seconds syncthing-folder-file-system-watcher-delay-seconds (default 10))
+  (file-system-watcher-timeout-seconds syncthing-folder-file-system-watcher-timeout-seconds (default 0))
+  (ignore-permissions? syncthing-folder-ignore-permissions? (default #f)
+                       (sanitize bool->xml-string))
+  (auto-normalize? syncthing-folder-auto-normalize? (default #t)
+                   (sanitize bool->xml-string))
   (devices syncthing-folder-devices (default '())
            (sanitize (lambda (folder-device-list)
                        (map (lambda (device)
@@ -124,42 +135,54 @@  (define-record-type* <syncthing-folder>
                             folder-device-list))))
   (filesystem-type syncthing-folder-filesystem-type (default "basic"))
   (min-disk-free-unit syncthing-folder-min-disk-free-unit (default "%"))
-  (min-disk-free syncthing-folder-min-disk-free (default "1"))
+  (min-disk-free syncthing-folder-min-disk-free (default 1))
   (versioning-type syncthing-folder-versioning-type (default #f))
-  (versioning-fs-path syncthing-folder-versioning-fs-path (default ""))
-  (versioning-fs-type syncthing-folder-versioning-fs-type (default "basic"))
-  (versioning-cleanup-interval-s syncthing-folder-versioning-cleanup-interval-s (default "3600"))
+  (versioning-file-system-path syncthing-folder-versioning-file-system-path (default ""))
+  (versioning-file-system-type syncthing-folder-versioning-file-system-type (default "basic"))
+  (versioning-cleanup-interval-seconds syncthing-folder-versioning-cleanup-interval-seconds (default 3600))
   (versioning-cleanout-days syncthing-folder-versioning-cleanout-days (default #f))
   (versioning-keep syncthing-folder-versioning-keep (default #f))
   (versioning-max-age syncthing-folder-versioning-max-age (default #f))
   (versioning-command syncthing-folder-versioning-command (default #f))
-  (copiers syncthing-folder-copiers (default "0"))
-  (puller-max-pending-kib syncthing-folder-puller-max-pending-kib (default "0"))
-  (hashers syncthing-folder-hashers (default "0"))
+  (copiers syncthing-folder-copiers (default 0))
+  (puller-max-pending-kib syncthing-folder-puller-max-pending-kib (default 0))
+  (hashers syncthing-folder-hashers (default 0))
   (order syncthing-folder-order (default "random"))
-  (ignore-delete syncthing-folder-ignore-delete (default "false"))
-  (scan-progress-interval-s syncthing-folder-scan-progress-interval-s (default "0"))
-  (puller-pause-s syncthing-folder-puller-pause-s (default "0"))
-  (max-conflicts syncthing-folder-max-conflicts (default "10"))
-  (disable-sparse-files syncthing-folder-disable-sparse-files (default "false"))
-  (disable-temp-indexes syncthing-folder-disable-temp-indexes (default "false"))
-  (paused syncthing-folder-paused (default "false"))
-  (weak-hash-threshold-pct syncthing-folder-weak-hash-threshold-pct (default "25"))
+  (ignore-delete? syncthing-folder-ignore-delete? (default #f)
+                  (sanitize bool->xml-string))
+  (scan-progress-interval-seconds syncthing-folder-scan-progress-interval-seconds (default 0))
+  (puller-pause-seconds syncthing-folder-puller-pause-seconds (default 0))
+  (max-conflicts syncthing-folder-max-conflicts (default 10))
+  (disable-sparse-files? syncthing-folder-disable-sparse-files? (default #f)
+                         (sanitize bool->xml-string))
+  (disable-temp-indexes? syncthing-folder-disable-temp-indexes? (default #f)
+                         (sanitize bool->xml-string))
+  (paused? syncthing-folder-paused? (default #f)
+           (sanitize bool->xml-string))
+  (weak-hash-threshold-percentage syncthing-folder-weak-hash-threshold-percentage (default 25))
   (marker-name syncthing-folder-marker-name (default ".stfolder"))
-  (copy-ownership-from-parent syncthing-folder-copy-ownership-from-parent (default "false"))
-  (mod-time-window-s syncthing-folder-mod-time-window-s (default "0"))
-  (max-concurrent-writes syncthing-folder-max-concurrent-writes (default "2"))
-  (disable-fsync syncthing-folder-disable-fsync (default "false"))
+  (copy-ownership-from-parent? syncthing-folder-copy-ownership-from-parent? (default #f)
+                               (sanitize bool->xml-string))
+  (mod-time-window-seconds syncthing-folder-mod-time-window-seconds (default 0))
+  (max-concurrent-writes syncthing-folder-max-concurrent-writes (default 2))
+  (disable-fsync? syncthing-folder-disable-fsync? (default #f)
+                  (sanitize bool->xml-string))
   (block-pull-order syncthing-folder-block-pull-order (default "standard"))
   (copy-range-method syncthing-folder-copy-range-method (default "standard"))
-  (case-sensitive-fs syncthing-folder-case-sensitive-fs (default "false"))
-  (junctions-as-dirs syncthing-folder-junctions-as-dirs (default "false"))
-  (sync-ownership syncthing-folder-sync-ownership (default "false"))
-  (send-ownership syncthing-folder-send-ownership (default "false"))
-  (sync-xattrs syncthing-folder-sync-xattrs (default "false"))
-  (send-xattrs syncthing-folder-send-xattrs (default "false"))
-  (xattr-filter-max-single-entry-size syncthing-folder-xattr-filter-max-single-entry-size (default "1024"))
-  (xattr-filter-max-total-size syncthing-folder-xattr-filter-max-total-size (default "4096")))
+  (case-sensitive-file-system? syncthing-folder-case-sensitive-file-system? (default #f)
+                               (sanitize bool->xml-string))
+  (junctions-as-dirs? syncthing-folder-junctions-as-dirs? (default #f)
+                      (sanitize bool->xml-string))
+  (sync-ownership? syncthing-folder-sync-ownership? (default #f)
+                   (sanitize bool->xml-string))
+  (send-ownership? syncthing-folder-send-ownership? (default #f)
+                   (sanitize bool->xml-string))
+  (sync-xattrs? syncthing-folder-sync-xattrs? (default #f)
+                (sanitize bool->xml-string))
+  (send-xattrs? syncthing-folder-send-xattrs? (default #f)
+                (sanitize bool->xml-string))
+  (xattr-filter-max-single-entry-size syncthing-folder-xattr-filter-max-single-entry-size (default 1024))
+  (xattr-filter-max-total-size syncthing-folder-xattr-filter-max-total-size (default 4096)))
 
 ;; Some parameters, when empty, are fully omitted from the config file.  It is
 ;; unknown if this causes a functional difference, but stick to the normal
@@ -170,27 +193,32 @@  (define (maybe-param symbol value)
 (define syncthing-folder->sxml
   (match-record-lambda <syncthing-folder>
       (id
-       label path type rescan-interval-s fs-watcher-enabled fs-watcher-delay-s
-       fs-watcher-timeout-s ignore-perms auto-normalize devices filesystem-type
-       min-disk-free-unit min-disk-free versioning-type versioning-fs-path
-       versioning-fs-type versioning-cleanup-interval-s versioning-cleanout-days
+       label path type rescan-interval-seconds file-system-watcher-enabled?
+       file-system-watcher-delay-seconds file-system-watcher-timeout-seconds
+       ignore-permissions? auto-normalize? devices filesystem-type
+       min-disk-free-unit min-disk-free versioning-type
+       versioning-file-system-path versioning-file-system-type
+       versioning-cleanup-interval-seconds versioning-cleanout-days
        versioning-keep versioning-max-age versioning-command copiers
-       puller-max-pending-kib hashers order ignore-delete scan-progress-interval-s
-       puller-pause-s max-conflicts disable-sparse-files disable-temp-indexes paused
-       weak-hash-threshold-pct marker-name copy-ownership-from-parent mod-time-window-s
-       max-concurrent-writes disable-fsync block-pull-order copy-range-method
-       case-sensitive-fs junctions-as-dirs sync-ownership send-ownership sync-xattrs
-       send-xattrs xattr-filter-max-single-entry-size xattr-filter-max-total-size)
+       puller-max-pending-kib hashers order ignore-delete?
+       scan-progress-interval-seconds puller-pause-seconds max-conflicts
+       disable-sparse-files? disable-temp-indexes? paused?
+       weak-hash-threshold-percentage marker-name copy-ownership-from-parent?
+       mod-time-window-seconds max-concurrent-writes disable-fsync?
+       block-pull-order copy-range-method case-sensitive-file-system?
+       junctions-as-dirs? sync-ownership? send-ownership? sync-xattrs?
+       send-xattrs? xattr-filter-max-single-entry-size
+       xattr-filter-max-total-size)
     `(folder (@ (id ,(if id id label))
                 (label ,label)
                 (path ,path)
                 (type ,type)
-                (rescanIntervalS ,rescan-interval-s)
-                (fsWatcherEnabled ,fs-watcher-enabled)
-                (fsWatcherDelayS ,fs-watcher-delay-s)
-                (fsWatcherTimeoutS ,fs-watcher-timeout-s)
-                (ignorePerms ,ignore-perms)
-                (autoNormalize ,auto-normalize))
+                (rescanIntervalS ,rescan-interval-seconds)
+                (fsWatcherEnabled ,file-system-watcher-enabled?)
+                (fsWatcherDelayS ,file-system-watcher-delay-seconds)
+                (fsWatcherTimeoutS ,file-system-watcher-timeout-seconds)
+                (ignorePerms ,ignore-permissions?)
+                (autoNormalize ,auto-normalize?))
              (filesystemType ,filesystem-type)
              ,@(map syncthing-folder-device->sxml
                     devices)
@@ -203,34 +231,34 @@  (define syncthing-folder->sxml
                          ,@(maybe-param 'keep versioning-keep)
                          ,@(maybe-param 'maxAge versioning-max-age)
                          ,@(maybe-param 'command versioning-command)
-                         (cleanupIntervalS ,versioning-cleanup-interval-s)
-                         (fsPath ,versioning-fs-path)
-                         (fsType ,versioning-fs-type))
+                         (cleanupIntervalS ,versioning-cleanup-interval-seconds)
+                         (fsPath ,versioning-file-system-path)
+                         (fsType ,versioning-file-system-type))
              (copiers ,copiers)
              (pullerMaxPendingKiB ,puller-max-pending-kib)
              (hashers ,hashers)
              (order ,order)
-             (ignoreDelete ,ignore-delete)
-             (scanProgressIntervalS ,scan-progress-interval-s)
-             (pullerPauseS ,puller-pause-s)
+             (ignoreDelete ,ignore-delete?)
+             (scanProgressIntervalS ,scan-progress-interval-seconds)
+             (pullerPauseS ,puller-pause-seconds)
              (maxConflicts ,max-conflicts)
-             (disableSparseFiles ,disable-sparse-files)
-             (disableTempIndexes ,disable-temp-indexes)
-             (paused ,paused)
-             (weakHashThresholdPct ,weak-hash-threshold-pct)
+             (disableSparseFiles ,disable-sparse-files?)
+             (disableTempIndexes ,disable-temp-indexes?)
+             (paused ,paused?)
+             (weakHashThresholdPct ,weak-hash-threshold-percentage)
              (markerName ,marker-name)
-             (copyOwnershipFromParent ,copy-ownership-from-parent)
-             (modTimeWindowS ,mod-time-window-s)
+             (copyOwnershipFromParent ,copy-ownership-from-parent?)
+             (modTimeWindowS ,mod-time-window-seconds)
              (maxConcurrentWrites ,max-concurrent-writes)
-             (disableFsync ,disable-fsync)
+             (disableFsync ,disable-fsync?)
              (blockPullOrder ,block-pull-order)
              (copyRangeMethod ,copy-range-method)
-             (caseSensitiveFS ,case-sensitive-fs)
-             (junctionsAsDirs ,junctions-as-dirs)
-             (syncOwnership ,sync-ownership)
-             (sendOwnership ,send-ownership)
-             (syncXattrs ,sync-xattrs)
-             (sendXattrs ,send-xattrs)
+             (caseSensitiveFS ,case-sensitive-file-system?)
+             (junctionsAsDirs ,junctions-as-dirs?)
+             (syncOwnership ,sync-ownership?)
+             (sendOwnership ,send-ownership?)
+             (syncXattrs ,sync-xattrs?)
+             (sendXattrs ,send-xattrs?)
              (xattrFilter (maxSingleEntrySize ,xattr-filter-max-single-entry-size)
                           (maxTotalSize ,xattr-filter-max-total-size)))))
 
@@ -244,16 +272,20 @@  (define-record-type* <syncthing-config-file>
                                             (path "~/Sync")))))
   (devices syncthing-config-devices
            (default '()))
-  (gui-enabled syncthing-config-gui-enabled (default "true"))
-  (gui-tls syncthing-config-gui-tls (default "false"))
-  (gui-debugging syncthing-config-gui-debugging (default "false"))
-  (gui-send-basic-auth-prompt syncthing-config-gui-send-basic-auth-prompt (default "false"))
+  (gui-enabled? syncthing-config-gui-enabled? (default #t)
+                (sanitize bool->xml-string))
+  (gui-tls? syncthing-config-gui-tls? (default #f)
+            (sanitize bool->xml-string))
+  (gui-debugging? syncthing-config-gui-debugging? (default #f)
+                  (sanitize bool->xml-string))
+  (gui-send-basic-authorization-prompt? syncthing-config-gui-send-basic-authorization-prompt? (default #f)
+                               (sanitize bool->xml-string))
   (gui-address syncthing-config-gui-address (default "127.0.0.1:8384"))
   (gui-user syncthing-config-gui-user (default #f))
   (gui-password syncthing-config-gui-password (default #f))
   (gui-apikey syncthing-config-gui-apikey (default #f))
   (gui-theme syncthing-config-gui-theme (default "default"))
-  (ldap-enabled syncthing-config-ldap-enabled (default #f))
+  (ldap-enabled? syncthing-config-ldap-enabled? (default #f))
   (ldap-address syncthing-config-ldap-address (default ""))
   (ldap-bind-dn syncthing-config-ldap-bind-dn (default ""))
   (ldap-transport syncthing-config-ldap-transport (default ""))
@@ -262,59 +294,74 @@  (define-record-type* <syncthing-config-file>
   (ldap-search-filter syncthing-config-ldap-search-filter (default ""))
   (listen-address syncthing-config-listen-address (default "default"))
   (global-announce-server syncthing-config-global-announce-server (default "default"))
-  (global-announce-enabled syncthing-config-global-announce-enabled (default "true"))
-  (local-announce-enabled syncthing-config-local-announce-enabled (default "true"))
-  (local-announce-port syncthing-config-local-announce-port (default "21027"))
-  (local-announce-mcaddr syncthing-config-local-announce-mcaddr (default "[ff12::8384]:21027"))
-  (max-send-kbps syncthing-config-max-send-kbps (default "0"))
-  (max-recv-kbps syncthing-config-max-recv-kbps (default "0"))
-  (reconnection-interval-s syncthing-config-reconnection-interval-s (default "60"))
-  (relays-enabled syncthing-config-relays-enabled (default "true"))
-  (relay-reconnect-interval-m syncthing-config-relay-reconnect-interval-m (default "10"))
-  (start-browser syncthing-config-start-browser (default "true"))
-  (nat-enabled syncthing-config-nat-enabled (default "true"))
-  (nat-lease-minutes syncthing-config-nat-lease-minutes (default "60"))
-  (nat-renewal-minutes syncthing-config-nat-renewal-minutes (default "30"))
-  (nat-timeout-seconds syncthing-config-nat-timeout-seconds (default "10"))
-  (ur-accepted syncthing-config-ur-accepted (default "0"))
-  (ur-seen syncthing-config-ur-seen (default "0"))
-  (ur-unique-id syncthing-config-ur-unique-id (default ""))
-  (ur-url syncthing-config-ur-url (default "https://data.syncthing.net/newdata"))
-  (ur-post-insecurely syncthing-config-ur-post-insecurely (default "false"))
-  (ur-initial-delay-s syncthing-config-ur-initial-delay-s (default "1800"))
-  (auto-upgrade-interval-h syncthing-config-auto-upgrade-interval-h (default "12"))
-  (upgrade-to-pre-releases syncthing-config-upgrade-to-pre-releases (default "false"))
-  (keep-temporaries-h syncthing-config-keep-temporaries-h (default "24"))
-  (cache-ignored-files syncthing-config-cache-ignored-files (default "false"))
-  (progress-update-interval-s syncthing-config-progress-update-interval-s (default "5"))
-  (limit-bandwidth-in-lan syncthing-config-limit-bandwidth-in-lan (default "false"))
+  (global-announce-enabled? syncthing-config-global-announce-enabled? (default #t)
+                            (sanitize bool->xml-string))
+  (local-announce-enabled? syncthing-config-local-announce-enabled? (default #t)
+                           (sanitize bool->xml-string))
+  (local-announce-port syncthing-config-local-announce-port (default 21027))
+  (local-announce-mac-address syncthing-config-local-announce-mac-address (default "[ff12::8384]:21027"))
+  (max-send-kbps syncthing-config-max-send-kbps (default 0))
+  (max-receive-kbps syncthing-config-max-receive-kbps (default 0))
+  (reconnection-interval-seconds syncthing-config-reconnection-interval-seconds (default 60))
+  (relays-enabled? syncthing-config-relays-enabled? (default #t)
+                   (sanitize bool->xml-string))
+  (relay-reconnect-interval-minutes syncthing-config-relay-reconnect-interval-minutes (default 10))
+  (start-browser? syncthing-config-start-browser? (default #t)
+                  (sanitize bool->xml-string))
+  (nat-enabled? syncthing-config-nat-enabled? (default #t)
+                (sanitize bool->xml-string))
+  (nat-lease-minutes syncthing-config-nat-lease-minutes (default 60))
+  (nat-renewal-minutes syncthing-config-nat-renewal-minutes (default 30))
+  (nat-timeout-seconds syncthing-config-nat-timeout-seconds (default 10))
+  (usage-reporting-accepted syncthing-config-usage-reporting-accepted (default 0))
+  (usage-reporting-seen syncthing-config-usage-reporting-seen (default 0))
+  (usage-reporting-unique-id syncthing-config-usage-reporting-unique-id (default ""))
+  (usage-reporting-url syncthing-config-usage-reporting-url (default "https://data.syncthing.net/newdata"))
+  (usage-reporting-post-insecurely? syncthing-config-usage-reporting-post-insecurely? (default #f)
+                       (sanitize bool->xml-string))
+  (usage-reporting-initial-delay-seconds syncthing-config-usage-reporting-initial-delay-seconds (default 1800))
+  (auto-upgrade-interval-hours syncthing-config-auto-upgrade-interval-hours (default 12))
+  (upgrade-to-pre-releases? syncthing-config-upgrade-to-pre-releases? (default #f)
+                            (sanitize bool->xml-string))
+  (keep-temporaries-hours syncthing-config-keep-temporaries-hours (default 24))
+  (cache-ignored-files? syncthing-config-cache-ignored-files? (default #f)
+                        (sanitize bool->xml-string))
+  (progress-update-interval-seconds syncthing-config-progress-update-interval-seconds (default 5))
+  (limit-bandwidth-in-lan? syncthing-config-limit-bandwidth-in-lan? (default #f)
+                           (sanitize bool->xml-string))
   (min-home-disk-free-unit syncthing-config-min-home-disk-free-unit (default "%"))
-  (min-home-disk-free syncthing-config-min-home-disk-free (default "1"))
+  (min-home-disk-free syncthing-config-min-home-disk-free (default 1))
   (releases-url syncthing-config-releases-url (default "https://upgrades.syncthing.net/meta.json"))
-  (overwrite-remote-device-names-on-connect syncthing-config-overwrite-remote-device-names-on-connect (default "false"))
-  (temp-index-min-blocks syncthing-config-temp-index-min-blocks (default "10"))
+  (overwrite-remote-device-names-on-connect? syncthing-config-overwrite-remote-device-names-on-connect? (default #f)
+                                             (sanitize bool->xml-string))
+  (temp-index-min-blocks syncthing-config-temp-index-min-blocks (default 10))
   (unacked-notification-id syncthing-config-unacked-notification-id (default "authenticationUserAndPassword"))
-  (traffic-class syncthing-config-traffic-class (default "0"))
-  (set-low-priority syncthing-config-set-low-priority (default "true"))
-  (max-folder-concurrency syncthing-config-max-folder-concurrency (default "0"))
+  (traffic-class syncthing-config-traffic-class (default 0))
+  (set-low-priority? syncthing-config-set-low-priority? (default #t)
+                     (sanitize bool->xml-string))
+  (max-folder-concurrency syncthing-config-max-folder-concurrency (default 0))
   (crash-reporting-url syncthing-config-crash-reporting-url (default "https://crash.syncthing.net/newcrash"))
-  (crash-reporting-enabled syncthing-config-crash-reporting-enabled (default "true"))
-  (stun-keepalive-start-s syncthing-config-stun-keepalive-start-s (default "180"))
-  (stun-keepalive-min-s syncthing-config-stun-keepalive-min-s (default "20"))
+  (crash-reporting-enabled? syncthing-config-crash-reporting-enabled? (default #t)
+                            (sanitize bool->xml-string))
+  (stun-keepalive-start-seconds syncthing-config-stun-keepalive-start-seconds (default 180))
+  (stun-keepalive-min-seconds syncthing-config-stun-keepalive-min-seconds (default 20))
   (stun-server syncthing-config-stun-server (default "default"))
   (database-tuning syncthing-config-database-tuning (default "auto"))
-  (max-concurrent-incoming-request-kib syncthing-config-max-concurrent-incoming-request-kib (default "0"))
-  (announce-lan-addresses syncthing-config-announce-lan-addresses (default "true"))
-  (send-full-index-on-upgrade syncthing-config-send-full-index-on-upgrade (default "false"))
-  (connection-limit-enough syncthing-config-connection-limit-enough (default "0"))
-  (connection-limit-max syncthing-config-connection-limit-max (default "0"))
-  (insecure-allow-old-tlsVersions syncthing-config-insecure-allow-old-tlsVersions (default "false"))
-  (connection-priority-tcp-lan syncthing-config-connection-priority-tcp-lan (default "10"))
-  (connection-priority-quic-lan syncthing-config-connection-priority-quic-lan (default "20"))
-  (connection-priority-tcp-wan syncthing-config-connection-priority-tcp-wan (default "30"))
-  (connection-priority-quic-wan syncthing-config-connection-priority-quic-wan (default "40"))
-  (connection-priority-relay syncthing-config-connection-priority-relay (default "50"))
-  (connection-priority-upgrade-threshold syncthing-config-connection-priority-upgrade-threshold (default "0"))
+  (max-concurrent-incoming-request-kib syncthing-config-max-concurrent-incoming-request-kib (default 0))
+  (announce-lan-addresses? syncthing-config-announce-lan-addresses? (default #t)
+                          (sanitize bool->xml-string))
+  (send-full-index-on-upgrade? syncthing-config-send-full-index-on-upgrade? (default #f)
+                               (sanitize bool->xml-string))
+  (connection-limit-enough syncthing-config-connection-limit-enough (default 0))
+  (connection-limit-max syncthing-config-connection-limit-max (default 0))
+  (insecure-allow-old-tls-versions? syncthing-config-insecure-allow-old-tls-versions? (default #f)
+                                    (sanitize bool->xml-string))
+  (connection-priority-tcp-lan syncthing-config-connection-priority-tcp-lan (default 10))
+  (connection-priority-quic-lan syncthing-config-connection-priority-quic-lan (default 20))
+  (connection-priority-tcp-wan syncthing-config-connection-priority-tcp-wan (default 30))
+  (connection-priority-quic-wan syncthing-config-connection-priority-quic-wan (default 40))
+  (connection-priority-relay syncthing-config-connection-priority-relay (default 50))
+  (connection-priority-upgrade-threshold syncthing-config-connection-priority-upgrade-threshold (default 0))
   (default-folder syncthing-config-default-folder
     (default (syncthing-folder (label "") (path "~"))))
   (default-device syncthing-config-default-device
@@ -324,25 +371,30 @@  (define-record-type* <syncthing-config-file>
 (define syncthing-config-file->sxml
   (match-record-lambda <syncthing-config-file>
       (folders
-       devices gui-enabled gui-tls gui-debugging gui-send-basic-auth-prompt
-       gui-address gui-user gui-password gui-apikey gui-theme ldap-enabled
-       ldap-address ldap-bind-dn ldap-transport ldap-insecure-skip-verify
-       ldap-search-base-dn ldap-search-filter listen-address global-announce-server
-       global-announce-enabled local-announce-enabled local-announce-port
-       local-announce-mcaddr max-send-kbps max-recv-kbps reconnection-interval-s
-       relays-enabled relay-reconnect-interval-m start-browser nat-enabled
-       nat-lease-minutes nat-renewal-minutes nat-timeout-seconds ur-accepted
-       ur-seen ur-unique-id ur-url ur-post-insecurely ur-initial-delay-s
-       auto-upgrade-interval-h upgrade-to-pre-releases keep-temporaries-h
-       cache-ignored-files progress-update-interval-s limit-bandwidth-in-lan
+       devices gui-enabled? gui-tls? gui-debugging?
+       gui-send-basic-authorization-prompt? gui-address gui-user gui-password
+       gui-apikey gui-theme ldap-enabled? ldap-address ldap-bind-dn
+       ldap-transport ldap-insecure-skip-verify ldap-search-base-dn
+       ldap-search-filter listen-address global-announce-server
+       global-announce-enabled? local-announce-enabled? local-announce-port
+       local-announce-mac-address max-send-kbps max-receive-kbps
+       reconnection-interval-seconds relays-enabled?
+       relay-reconnect-interval-minutes start-browser? nat-enabled?
+       nat-lease-minutes nat-renewal-minutes nat-timeout-seconds
+       usage-reporting-accepted usage-reporting-seen usage-reporting-unique-id
+       usage-reporting-url usage-reporting-post-insecurely?
+       usage-reporting-initial-delay-seconds auto-upgrade-interval-hours
+       upgrade-to-pre-releases? keep-temporaries-hours cache-ignored-files?
+       progress-update-interval-seconds limit-bandwidth-in-lan?
        min-home-disk-free-unit min-home-disk-free releases-url
-       overwrite-remote-device-names-on-connect temp-index-min-blocks
-       unacked-notification-id traffic-class set-low-priority max-folder-concurrency
-       crash-reporting-url crash-reporting-enabled stun-keepalive-start-s
-       stun-keepalive-min-s stun-server database-tuning
-       max-concurrent-incoming-request-kib announce-lan-addresses
-       send-full-index-on-upgrade connection-limit-enough connection-limit-max
-       insecure-allow-old-tlsVersions connection-priority-tcp-lan
+       overwrite-remote-device-names-on-connect? temp-index-min-blocks
+       unacked-notification-id traffic-class set-low-priority?
+       max-folder-concurrency crash-reporting-url crash-reporting-enabled?
+       stun-keepalive-start-seconds stun-keepalive-min-seconds stun-server
+       database-tuning max-concurrent-incoming-request-kib
+       announce-lan-addresses? send-full-index-on-upgrade?
+       connection-limit-enough connection-limit-max
+       insecure-allow-old-tls-versions? connection-priority-tcp-lan
        connection-priority-quic-lan connection-priority-tcp-wan
        connection-priority-quic-wan connection-priority-relay
        connection-priority-upgrade-threshold default-folder default-device
@@ -364,16 +416,16 @@  (define syncthing-config-file->sxml
                             (lambda (device1 device2)
                               (string= (syncthing-device-id device1)
                                        (syncthing-device-id device2)))))
-                    (gui (@ (enabled ,gui-enabled)
-                            (tls ,gui-tls)
-                            (debugging ,gui-debugging)
-                            (sendBasicAuthPrompt ,gui-send-basic-auth-prompt))
+                    (gui (@ (enabled ,gui-enabled?)
+                            (tls ,gui-tls?)
+                            (debugging ,gui-debugging?)
+                            (sendBasicAuthPrompt ,gui-send-basic-authorization-prompt?))
                          (address ,gui-address)
                          ,@(if gui-user `((user ,gui-user)) '())
                          ,@(if gui-password `((password ,gui-password)) '())
                          ,@(if gui-apikey `((apikey ,gui-apikey)) '())
                          (theme ,gui-theme))
-                    (ldap ,(if ldap-enabled
+                    (ldap ,(if ldap-enabled?
                                `((address ,ldap-address)
                                  (bindDN ,ldap-bind-dn)
                                  ,@(if ldap-transport
@@ -391,53 +443,53 @@  (define syncthing-config-file->sxml
                                ""))
                     (options (listenAddress ,listen-address)
                              (globalAnnounceServer ,global-announce-server)
-                             (globalAnnounceEnabled ,global-announce-enabled)
-                             (localAnnounceEnabled ,local-announce-enabled)
+                             (globalAnnounceEnabled ,global-announce-enabled?)
+                             (localAnnounceEnabled ,local-announce-enabled?)
                              (localAnnouncePort ,local-announce-port)
-                             (localAnnounceMCAddr ,local-announce-mcaddr)
+                             (localAnnounceMCAddr ,local-announce-mac-address)
                              (maxSendKbps ,max-send-kbps)
-                             (maxRecvKbps ,max-recv-kbps)
-                             (reconnectionIntervalS ,reconnection-interval-s)
-                             (relaysEnabled ,relays-enabled)
-                             (relayReconnectIntervalM ,relay-reconnect-interval-m)
-                             (startBrowser ,start-browser)
-                             (natEnabled ,nat-enabled)
+                             (maxRecvKbps ,max-receive-kbps)
+                             (reconnectionIntervalS ,reconnection-interval-seconds)
+                             (relaysEnabled ,relays-enabled?)
+                             (relayReconnectIntervalM ,relay-reconnect-interval-minutes)
+                             (startBrowser ,start-browser?)
+                             (natEnabled ,nat-enabled?)
                              (natLeaseMinutes ,nat-lease-minutes)
                              (natRenewalMinutes ,nat-renewal-minutes)
                              (natTimeoutSeconds ,nat-timeout-seconds)
-                             (urAccepted ,ur-accepted)
-                             (urSeen ,ur-seen)
-                             (urUniqueID ,ur-unique-id)
-                             (urURL ,ur-url)
-                             (urPostInsecurely ,ur-post-insecurely)
-                             (urInitialDelayS ,ur-initial-delay-s)
-                             (autoUpgradeIntervalH ,auto-upgrade-interval-h)
-                             (upgradeToPreReleases ,upgrade-to-pre-releases)
-                             (keepTemporariesH ,keep-temporaries-h)
-                             (cacheIgnoredFiles ,cache-ignored-files)
-                             (progressUpdateIntervalS ,progress-update-interval-s)
-                             (limitBandwidthInLan ,limit-bandwidth-in-lan)
+                             (urAccepted ,usage-reporting-accepted)
+                             (urSeen ,usage-reporting-seen)
+                             (urUniqueID ,usage-reporting-unique-id)
+                             (urURL ,usage-reporting-url)
+                             (urPostInsecurely ,usage-reporting-post-insecurely?)
+                             (urInitialDelayS ,usage-reporting-initial-delay-seconds)
+                             (autoUpgradeIntervalH ,auto-upgrade-interval-hours)
+                             (upgradeToPreReleases ,upgrade-to-pre-releases?)
+                             (keepTemporariesH ,keep-temporaries-hours)
+                             (cacheIgnoredFiles ,cache-ignored-files?)
+                             (progressUpdateIntervalS ,progress-update-interval-seconds)
+                             (limitBandwidthInLan ,limit-bandwidth-in-lan?)
                              (minHomeDiskFree (@ (unit ,min-home-disk-free-unit))
                                               ,min-home-disk-free)
                              (releasesURL ,releases-url)
-                             (overwriteRemoteDeviceNamesOnConnect ,overwrite-remote-device-names-on-connect)
+                             (overwriteRemoteDeviceNamesOnConnect ,overwrite-remote-device-names-on-connect?)
                              (tempIndexMinBlocks ,temp-index-min-blocks)
                              (unackedNotificationID ,unacked-notification-id)
                              (trafficClass ,traffic-class)
-                             (setLowPriority ,set-low-priority)
+                             (setLowPriority ,set-low-priority?)
                              (maxFolderConcurrency ,max-folder-concurrency)
                              (crashReportingURL ,crash-reporting-url)
-                             (crashReportingEnabled ,crash-reporting-enabled)
-                             (stunKeepaliveStartS ,stun-keepalive-start-s)
-                             (stunKeepaliveMinS ,stun-keepalive-min-s)
+                             (crashReportingEnabled ,crash-reporting-enabled?)
+                             (stunKeepaliveStartS ,stun-keepalive-start-seconds)
+                             (stunKeepaliveMinS ,stun-keepalive-min-seconds)
                              (stunServer ,stun-server)
                              (databaseTuning ,database-tuning)
                              (maxConcurrentIncomingRequestKiB ,max-concurrent-incoming-request-kib)
-                             (announceLANAddresses ,announce-lan-addresses)
-                             (sendFullIndexOnUpgrade ,send-full-index-on-upgrade)
+                             (announceLANAddresses ,announce-lan-addresses?)
+                             (sendFullIndexOnUpgrade ,send-full-index-on-upgrade?)
                              (connectionLimitEnough ,connection-limit-enough)
                              (connectionLimitMax ,connection-limit-max)
-                             (insecureAllowOldTLSVersions ,insecure-allow-old-tlsVersions)
+                             (insecureAllowOldTLSVersions ,insecure-allow-old-tls-versions?)
                              (connectionPriorityTcpLan ,connection-priority-tcp-lan)
                              (connectionPriorityQuicLan ,connection-priority-quic-lan)
                              (connectionPriorityTcpWan ,connection-priority-tcp-wan)