How to set up a semi-private Syncthing system
Syncthing is designed to be secure even when discovery between your computers and the relaying of their data both go through servers that are all run by other people. As long as the TLS encryption holds up, the data should be safe. But if you think it may not be safe, you may want to run it a little more privately. First, to make it somewhat private, you will need to set up a relay server; you can see my notes here for Ubuntu: Notes on getting a syncthing relay server running on Ubuntu 18.04LTS.
However, the computers cannot discover each other through the relay server; for that, a discovery server is needed. This threw me a bit, since I thought the relay server would be enough. However, it is not. This means that you need to run a private discovery server or be cool with the public discovery server. How you feel about that depends a bit on whether you're cool with the announcements of your machines being somewhat public or not.
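To check which of the two a machine is actually using, the following added example (not part of the original post) audits a Syncthing config.xml for settings that still point at the public discovery servers or the public relay pool. The element names are Syncthing's own options; the host names, ports and IDs in the sample configs are constructed placeholders.

```python
import xml.etree.ElementTree as ET

PUBLIC_RELAY_POOL = "dynamic+https://relays.syncthing.net"

# Constructed sample configs; host names and IDs are placeholders.
DEFAULT_CONFIG = """<configuration><options>
  <listenAddress>default</listenAddress>
  <globalAnnounceServer>default</globalAnnounceServer>
  <globalAnnounceEnabled>true</globalAnnounceEnabled>
  <relaysEnabled>true</relaysEnabled>
</options></configuration>"""

PRIVATE_CONFIG = """<configuration><options>
  <listenAddress>tcp://0.0.0.0:22000</listenAddress>
  <listenAddress>relay://relay.example.net:22067/?id=PLACEHOLDER-RELAY-ID</listenAddress>
  <globalAnnounceServer>https://disco.example.net:8443/?id=PLACEHOLDER-DISCO-ID</globalAnnounceServer>
  <globalAnnounceEnabled>true</globalAnnounceEnabled>
  <relaysEnabled>true</relaysEnabled>
</options></configuration>"""


def _values(options, name):
    return [(e.text or "").strip() for e in options.findall(name)]


def _enabled(options, name):
    # Both flags checked here default to true when absent.
    vals = _values(options, name)
    return not vals or vals[0].lower() == "true"


def audit(config_xml):
    """Return one finding per setting that still uses public infrastructure."""
    options = ET.fromstring(config_xml).find("options")
    if options is None:
        options = ET.Element("options")  # nothing set, so defaults apply
    findings = []
    if _enabled(options, "globalAnnounceEnabled"):
        for server in _values(options, "globalAnnounceServer") or ["default"]:
            if server.startswith("default"):  # default, default-v4, default-v6
                findings.append(f"discovery: {server!r} uses the public discovery servers")
    if _enabled(options, "relaysEnabled"):
        for addr in _values(options, "listenAddress") or ["default"]:
            if addr == "default" or addr.startswith(PUBLIC_RELAY_POOL):
                findings.append(f"relay: {addr!r} joins the public relay pool")
    return findings


if __name__ == "__main__":
    for name, cfg in (("default", DEFAULT_CONFIG), ("private", PRIVATE_CONFIG)):
        print(name, audit(cfg) or "no public discovery or relay in use")
```

Every device in the cluster needs the same check, since one machine left on the defaults still announces itself publicly.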