nixos-config/nixos/configs/robi/syncthing.nix

126 lines
3.2 KiB
Nix
Raw Normal View History

2021-12-28 16:19:29 +01:00
{ config, pkgs, lib, ... }: {
2021-12-28 19:48:14 +01:00
imports = [ ../../system/all/syncthing.nix ];
2021-12-28 16:19:29 +01:00
sops.secrets.syncthing_cert = { };
sops.secrets.syncthing_key = { };
2021-12-28 19:48:14 +01:00
networking.firewall.allowedTCPPorts = [ 22000 ];
networking.firewall.allowedUDPPorts = [ 22000 ];
2021-12-28 16:19:29 +01:00
services.syncthing = {
enable = true;
openDefaultPorts = false;
2021-12-28 19:48:14 +01:00
dataDir = "/media/syncthing";
configDir = "/media/syncthing";
2021-12-28 16:19:29 +01:00
declarative = {
2021-12-28 19:48:14 +01:00
overrideDevices = true;
overrideFolders = true;
2021-12-28 16:19:29 +01:00
cert = toString config.sops.secrets.syncthing_cert.path;
key = toString config.sops.secrets.syncthing_key.path;
folders = {
# on encrypted hard drive
# -----------------------
2021-12-28 19:48:14 +01:00
#private = {
# enable = true;
# path = "/home/syncthing/private";
#};
#desktop = {
# enable = true;
# path = "/home/syncthing/desktop";
#};
#finance = {
# enable = true;
# path = "/home/syncthing/finance";
#};
#fotos = {
# enable = true;
# path = "/home/syncthing/fotos";
#};
#lost-fotos = {
# enable = true;
# path = "/home/syncthing/lost-fotos.ct";
#};
#zettlr = {
# enable = true;
# path = "/home/syncthing/zettlr";
#};
2021-12-28 16:19:29 +01:00
# on media hard drive (not encrypted)
# -----------------------------------
2021-12-28 19:48:14 +01:00
#borg-mirror = {
# enable = true;
# path = "/media/syncthing/borg";
# rescanInterval = 36 * 3600;
# type = "sendonly";
#};
#video-material = {
# enable = true;
# path = "/home/syncthing/video-material";
#};
#music-library-free = {
# enable = true;
# path = "/media/syncthing/music-library-free";
# rescanInterval = 8 * 3600;
#};
2021-12-28 16:19:29 +01:00
books = {
enable = true;
path = "/media/syncthing/books";
};
samples = {
enable = true;
path = "/media/syncthing/samples";
};
movies = {
enable = true;
path = "/media/syncthing/movies";
};
series = {
enable = true;
path = "/media/syncthing/series";
};
2021-12-28 19:48:14 +01:00
# todo : no need to place it on encrypted drive
#music-projects = {
# enable = true;
# path = "/home/syncthing/music-projects";
#};
#music-library = {
# enable = true;
# path = "/media/syncthing/music-library";
# rescanInterval = 8 * 3600;
#};
#smartphone-folder = {
# enable = true;
# path = "/media/syncthing/smartphone-folder";
# rescanInterval = 8 * 3600;
#};
#processing = {
# enable = true;
# path = "/media/syncthing/sketchbook";
# rescanInterval = 8 * 3600;
#};
2021-12-28 16:19:29 +01:00
};
};
};
system.permown."/media/syncthing" = {
owner = "syncthing";
group = "syncthing";
2021-12-29 19:46:20 +01:00
umask = "0002";
2021-12-28 16:19:29 +01:00
};
systemd.services."permown._media_syncthing" = {
bindsTo = [ "media.mount" ];
after = [ "media.mount" ];
};
systemd.services."syncthing" = {
bindsTo = [ "media.mount" ];
after = [ "media.mount" ];
};
2021-12-28 19:48:14 +01:00
#backup.dirs = [ "/home/syncthing/finance" ];
2021-12-28 16:19:29 +01:00
}