palo/nixos-config
palo/nixos-config
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

syncthing setup on orbi

Browse source
This commit is contained in:
Ingolf Wagner 2024-04-17 10:00:17 +02:00
parent 240ef234a4
commit 0bf456b970
No known key found for this signature in database
GPG key ID: 76BF5F1928B9618B
6 changed files with 45 additions and 67 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

24
nixos/components/network/syncthing.nix
View file

@ -20,10 +20,12 @@ with lib; {
id = "B6P22RF-5BC2LTZ-6GHVWRZ-5D3OLXC-D66E45Y-JEB3WYT-ZQ442WZ-5FFAMQ7"; id = "B6P22RF-5BC2LTZ-6GHVWRZ-5D3OLXC-D66E45Y-JEB3WYT-ZQ442WZ-5FFAMQ7";
addresses = [ "tcp://144.76.13.147:22000" ]; addresses = [ "tcp://144.76.13.147:22000" ];
}; };
"orbi" = {
name = "orbi";
id = "5U5ZP6R-SUQO5SY-WICWWLZ-HPHQBM5-P27YSU6-66TWIBK-XLX4X5N-4O6TVAC";
addresses = [ "tcp://95.216.66.212:22000" ];
};
} }
// (device "workhorse" "AFSAKB6-JLH4QAS-DSRMPI3-6PVCIHF-IIAVLPC-STPNO3Y-YRDU5NW-QD445QI")
// (device "pepe" "SZLXFW3-VTAC7UB-V2Z7CHE-3VZAYPL-6D72AK6-OCDMPZP-G4FPY5P-FL6ZVAG")
// (device "sterni" "ZFNNKPD-ZSOAYJQ-VROXXDB-5MD3UTJ-GDCNTSQ-G5POVV3-UZG5HFT-CCAU3AD")
// (device "mobi" "NGI7UN6-MR2YPYI-L7DGN3I-JFZU2N3-RJBJV6K-2VZVQSJ-PWLZYOK-PXZYRAF") // (device "mobi" "NGI7UN6-MR2YPYI-L7DGN3I-JFZU2N3-RJBJV6K-2VZVQSJ-PWLZYOK-PXZYRAF")
// (device "bobi" "FOJ3D27-W5OJMQR-7S77A3V-AS5BCG2-CIGWVMP-UBSVQNN-QZLHAIZ-IO7GKAE") // (device "bobi" "FOJ3D27-W5OJMQR-7S77A3V-AS5BCG2-CIGWVMP-UBSVQNN-QZLHAIZ-IO7GKAE")
// (device "cream" "MQVKATH-THTPET5-KYAT7XX-BOIIIBA-P7OOF7Y-IWAUN53-S2VNVOY-BZWTGQK") // (device "cream" "MQVKATH-THTPET5-KYAT7XX-BOIIIBA-P7OOF7Y-IWAUN53-S2VNVOY-BZWTGQK")
@ -47,6 +49,16 @@ with lib; {
# needs to be on encrypted drives # needs to be on encrypted drives
# ------------------------------- # -------------------------------
audiobooks = {
enable = lib.mkDefault false;
path = lib.mkDefault "/tmp/audiobooks";
devices = [ "chungus" "orbi" ];
};
lectures = {
enable = lib.mkDefault false;
path = lib.mkDefault "/tmp/lectures";
devices = [ "chungus" "orbi" ];
};
books = { books = {
enable = lib.mkDefault false; enable = lib.mkDefault false;
path = lib.mkDefault "/tmp/books"; path = lib.mkDefault "/tmp/books";
@ -59,7 +71,7 @@ with lib; {
password-store = { password-store = {
enable = lib.mkDefault false; enable = lib.mkDefault false;
path = lib.mkDefault "/tmp/password-store"; path = lib.mkDefault "/tmp/password-store";
devices = [ "chungus" "cream" "sterni" "mobi" "bobi" "cherry" ]; devices = [ "chungus" "cream" "mobi" "bobi" "cherry" ];
versioning = { versioning = {
type = "simple"; type = "simple";
params.keep = "10"; params.keep = "10";
@ -68,12 +80,12 @@ with lib; {
desktop = { desktop = {
enable = lib.mkDefault false; enable = lib.mkDefault false;
path = lib.mkDefault "/tmp/desktop"; path = lib.mkDefault "/tmp/desktop";
devices = [ "chungus" "cream" "sterni" "mobi" "bobi" "cherry" ]; devices = [ "chungus" "cream" "mobi" "bobi" "cherry" ];
}; };
finance = { finance = {
enable = lib.mkDefault false; enable = lib.mkDefault false;
path = lib.mkDefault "/tmp/finance"; path = lib.mkDefault "/tmp/finance";
devices = [ "chungus" "cream" "sterni" "mobi" "bobi" ]; devices = [ "chungus" "cream" "mobi" "bobi" ];
versioning = { versioning = {
type = "simple"; type = "simple";
params.keep = "10"; params.keep = "10";

2
nixos/machines/chungus/configuration.nix
View file

@ -33,6 +33,7 @@
./media-youtube.nix ./media-youtube.nix
./media-castget.nix ./media-castget.nix
./media-curl.nix ./media-curl.nix
./media-syncthing.nix
# logging # logging
./loki.nix ./loki.nix
@ -47,7 +48,6 @@
./rbackup.nix ./rbackup.nix
./sync-torrent.nix ./sync-torrent.nix
./sync-script.nix ./sync-script.nix
./syncthing.nix
./services-s3.nix ./services-s3.nix

20
nixos/machines/chungus/syncthing.nix → nixos/machines/chungus/media-syncthing.nix
View file

@ -3,6 +3,14 @@
services.syncthing = { services.syncthing = {
enable = true; enable = true;
overrideFolders = true; overrideFolders = true;
user = "media";
group = "media";
# make some folders send only
settings.folders = {
audiobooks.type = "sendonly";
lost-fotos.type = "sendonly";
lectures.type = "sendonly";
};
folders = { folders = {
# on encrypted drive # on encrypted drive
# ------------------ # ------------------
@ -42,12 +50,20 @@
enable = true; enable = true;
path = "/syncthing/music-projects"; path = "/syncthing/music-projects";
}; };
audiobooks = {
enable = true;
path = "/media/audio-books";
};
lectures = {
enable = true;
path = "/media/lectures";
};
}; };
}; };
services.permown."/syncthing" = { services.permown."/syncthing" = {
owner = "syncthing"; owner = "media";
group = "syncthing"; group = "media";
directory-mode = "755"; directory-mode = "755";
file-mode = "755"; file-mode = "755";
}; };

2
nixos/machines/orbi/configuration.nix
View file

@ -22,7 +22,7 @@
./media-share.nix ./media-share.nix
#./media-syncthing.nix ./media-syncthing.nix
#./media-transmission.nix #./media-transmission.nix
./media-transmission2.nix ./media-transmission2.nix
./media-jellyfin.nix ./media-jellyfin.nix

2
nixos/machines/orbi/media-share.nix
View file

@ -10,7 +10,7 @@
group = "media"; group = "media";
}; };
services.permown."/media/media" = { services.permown."/media" = {
owner = "media"; owner = "media";
group = "media"; group = "media";
directory-mode = "770"; directory-mode = "770";

62
nixos/machines/orbi/media-syncthing.nix
View file

@ -1,77 +1,27 @@
{ config, pkgs, lib, ... }: { { config, pkgs, lib, ... }: {
sops.secrets.syncthing_cert = { };
sops.secrets.syncthing_key = { };
networking.firewall.allowedTCPPorts = [ 22000 ]; networking.firewall.allowedTCPPorts = [ 22000 ];
networking.firewall.allowedUDPPorts = [ 22000 ]; networking.firewall.allowedUDPPorts = [ 22000 ];
services.syncthing = { services.syncthing = {
enable = true; enable = true;
openDefaultPorts = false; openDefaultPorts = false;
user = "media";
group = "media";
dataDir = "/media/syncthing/config"; dataDir = "/media/syncthing/config";
configDir = "/media/syncthing/config"; configDir = "/media/syncthing/config";
overrideDevices = true; overrideDevices = true;
overrideFolders = true; overrideFolders = true;
cert = toString config.sops.secrets.syncthing_cert.path;
key = toString config.sops.secrets.syncthing_key.path;
settings.folders = { settings.folders = {
# on media hard drive (not encrypted) audiobooks = {
# -----------------------------------
#borg-mirror = {
# enable = true;
# path = "/media/syncthing/borg";
# rescanInterval = 36 * 3600;
# type = "sendonly";
#};
#video-material = {
# enable = true;
# path = "/home/syncthing/video-material";
#};
books = {
enable = true; enable = true;
path = "/media/syncthing/books"; path = "/media/synchthing/audiobooks";
}; };
lost-fotos = { lectures = {
enable = true; enable = true;
path = "/media/syncthing/lost-fotos.ct"; path = "/media/synchthing/lectures";
rescanIntervalS = 40 * 24 * 3600;
};
#media = {
# enable = true;
# watch = false;
# type = "sendonly";
# path = "/media/syncthing/media";
# rescanInterval = 27 * 24 * 3600;
#};
music-projects = {
enable = true;
#watch = true;
path = "/media/syncthing/music-projects";
};
nextcloud_backup = {
enable = true;
#watch = true;
path = "/media/syncthing/nextcloud_backup";
rescanIntervalS = 23 * 3600;
}; };
}; };
}; };
services.permown."/media/syncthing" = {
# not managed by syncthing anymore
owner = "syncthing";
group = "syncthing";
umask = "0002";
};
systemd.services."permown._media_syncthing" = {
bindsTo = [ "media.mount" ];
after = [ "media.mount" ];
};
systemd.services."syncthing" = {
bindsTo = [ "media.mount" ];
after = [ "media.mount" ];
};
} }