"borg" is the tool for one-way encrypted backup, not syncthing.

I think you should look into the 'borg' backup tool - it has become the de facto standard for remote backups because it does everything that rsync does (efficient, changes only backups) but also produces strongly encrypted remote backup sets that only you have a key to ... the provider has no access to the data.

The borg website is here:

https://borgbackup.readthedocs.io/en/stable/

and a good description of how it works and why you should use it is here:

https://www.stavros.io/posts/holy-grail-backups/

When somebody uses borgbackup with you guys, is there any way you can include "hey you have a stale lock file" (that's probably keeping your backup from working) in the automated email that gets sent when disk usage doesn't change?

Borg or Restic are good for off site backup, but if you want basically an untrusted storage server Reslio does support "encrypted" folders. The UX is a little hard to figure out sometimes though, it's not open source, and is not free. But very good software.

It's on the way. Not done just yet. TL;DR: watch this page: https://github.com/syncthing/syncthing/wiki/Untrusted-device...

Short history:

There was 1 attempt to do it which ended with nothing

https://github.com/syncthing/syncthing/issues/109

https://github.com/syncthing/syncthing/pull/4331

Then there was a follow-up PR (which I was downright giddy to discover): https://github.com/syncthing/syncthing/pull/6214

That PR was just closed yesterday in favor of https://github.com/syncthing/syncthing/pull/6727 which is where the current flame of hope burns.

I use restic for that, prerry great.

Also for two wat, check out cryptomator