nixos/modules/syncthing.nix


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98

{
  config,
  lib,
  ...
}: let
  inherit (lib) elem filterAttrs mkIf any mkDefault recursiveUpdate genAttrs;

  allDevices = [
    "binky"
    "errol"
    "lipwig"
    "ridcully"
  ];
  bigStorageDevices = [
    "errol"
    "ridcully"
  ];

  inherit (config.networking) hostName;
  baseDir = config.services.syncthing.dataDir;
  filterDevice = filterAttrs (_: v: any (d: d == hostName) v.devices);
in {
  config = mkIf (config.services.syncthing.enable && elem hostName allDevices) {
    services.syncthing = {
      user = mkDefault "cynerd";
      group = mkDefault "cynerd";

      key = "/run/secrets/syncthing.key.pem";
      cert = "/run/secrets/syncthing.cert.pem";

      openDefaultPorts = true;
      overrideFolders = true;
      overrideDevices = true;

      settings = {
        folders = filterDevice {
          "${baseDir}/documents" = {
            label = "Documents";
            id = "documents";
            devices = allDevices;
            ignorePerms = false;
          };
          "${baseDir}/notes" = {
            label = "Notes";
            id = "notes";
            devices = allDevices;
            ignorePerms = false;
          };
          "${baseDir}/projects" = {
            label = "Projects";
            id = "projects";
            devices = allDevices;
            ignorePerms = false;
          };
          "${baseDir}/elektroline" = {
            label = "Elektroline";
            id = "elektroline";
            devices = allDevices;
            ignorePerms = false;
          };
          "${baseDir}/pictures" = {
            label = "Pictures";
            id = "pictures";
            devices = bigStorageDevices;
            ignorePerms = false;
          };
          "${baseDir}/music" = {
            label = "Music";
            id = "music";
            devices = bigStorageDevices;
            ignorePerms = false;
          };
          "${baseDir}/video" = {
            label = "Video";
            id = "video";
            devices = bigStorageDevices;
            ignorePerms = false;
          };
          "${baseDir}/turris" = {
            label = "Turris";
            id = "turris";
            devices = bigStorageDevices;
            ignorePerms = false;
          };
        };

        devices =
          recursiveUpdate
          (genAttrs allDevices (name: {
            id = config.secrets.syncthingIDs."${name}";
          }))
          {
            lipwig.addresses = ["tcp://cynerd.cz"];
          };
      };
    };
  };
}