nix/nixos/common/services/syncthing.nix

70 lines
2.2 KiB
Nix
Raw Normal View History

2024-11-21 23:21:53 +01:00
{ lib, username, hostname, deployment_type, desktop, ... }: {
imports = [ ] ++ lib.optional (builtins.isString desktop) ./syncthing-desktop.nix;
# Set up the secrets file:
sops.secrets."syncthing_cert" = {
owner = "root";
sopsFile = ../../../secrets/${deployment_type}/${hostname}.yaml;
restartUnits = [ "syncthing.service" ];
};
sops.secrets."syncthing_key" = {
owner = "root";
sopsFile = ../../../secrets/${deployment_type}/${hostname}.yaml;
restartUnits = [ "syncthing.service" ];
};
2024-08-14 05:26:22 +02:00
networking.firewall.interfaces.tailscale0 = {
2024-08-14 15:40:13 +02:00
allowedTCPPorts = [ 8384 22000 ];
2024-08-14 05:26:22 +02:00
allowedUDPPorts = [ 22000 21027 ];
};
services.syncthing = {
enable = true;
2024-08-14 09:04:17 +02:00
guiAddress = "0.0.0.0:8384";
cert = "/run/secrets/syncthing_cert";
key = "/run/secrets/syncthing_key";
user = "${username}";
configDir = "/home/${username}/.config/syncthing";
overrideDevices = true;
overrideFolders = true;
settings = {
2024-08-14 08:51:09 +02:00
options = {
2024-08-14 08:51:39 +02:00
urAccepted = -1;
2024-08-14 08:51:09 +02:00
localAnnounceEnabled = true;
2024-08-20 07:27:03 +02:00
relaysEnabled = false;
2024-08-14 08:51:09 +02:00
};
devices = {
"framework-server" = { # The docker container, not the host
2024-08-14 02:54:00 +02:00
autoAcceptFolders = true;
id = "ULRNA7N-Q7WTZR3-PDQW52W-IWT4UOG-ABF5RCT-W6XJXOW-WQTJIWR-GBFUJQR";
};
"nixos-framework" = {
2024-08-14 02:54:00 +02:00
autoAcceptFolders = true;
id = "TT3EHRG-U6MMJUC-S3UPF2F-TRUMBPI-TC37RMI-BQ7TT5W-N7DIIWK-653TFAU";
};
"nixos-desktop" = {
2024-08-14 02:54:00 +02:00
autoAcceptFolders = true;
id = "5VWSC5F-UKNQK7L-5XDJORY-SJXJUFC-D5QCNYX-YPQBJ4J-AFSVHWY-CXO3MQT";
};
"rdesktop" = {
2024-08-14 02:54:00 +02:00
autoAcceptFolders = true;
id = "VJH2YXUG-Y2QTRZ5-Q2XEKLU-7MVETXQ-WRWDDLD-D4PCJ47-T4KVVNV-XXC6PA";
};
2024-08-14 06:37:11 +02:00
"google-pixel-8" = {
autoAcceptFolders = true;
2024-08-15 04:31:35 +02:00
id = "6YCQMCP-IABOYJV-E25ABBO-MTVKNMT-JHD5BN2-B25OSMA-JDYEVLN-SJ66LA2";
2024-08-14 06:37:11 +02:00
};
};
2024-08-15 10:51:59 +02:00
2024-08-15 02:20:16 +02:00
folders = {
"logseq" = {
id = "logseq";
path = "/home/${username}/.logseq";
2024-08-20 07:27:03 +02:00
versioning.type = "trashcan";
2024-08-15 02:20:16 +02:00
devices = [ "framework-server" "nixos-desktop" "nixos-framework" "rdesktop" "google-pixel-8" ];
};
};
2024-02-13 14:10:40 +01:00
};
};
2024-03-10 01:31:42 +01:00
}