palo/nixos-config
palo/nixos-config
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

add syncthing

Browse source
This commit is contained in:
Ingolf Wagner 2021-12-28 19:48:14 +01:00
parent 30721cfa83
commit ee9ff1306d
No known key found for this signature in database
GPG key ID: 76BF5F1928B9618B
6 changed files with 96 additions and 97 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
flake.lock
View file

@ -62,7 +62,7 @@
"secrets": {
"flake": false,
"locked": {
"narHash": "sha256-9cKMk8P56Jy5X1Hk5gpisJAHZCAYuwiUNfs2diRWdws=",
"narHash": "sha256-nl0nvXupyQ5mIdc9pVd0quWZwDJNcudUcbusp8Im+cM=",
"path": "/home/palo/dev/secrets",
"type": "path"
},

9
nixos/configs/robi/configuration.nix
View file

@ -10,9 +10,10 @@
./packages.nix
./tinc.nix
./syncthing.nix
#./syncthing.nix
#../../system/server
#./hardware-configuration.nix
#./mail-fetcher.nix
#./transmission.nix
@ -48,6 +49,12 @@
fsType = "ext4";
};
fileSystems."/media" =
{
device = "/dev/vg/media";
fsType = "ext4";
};
}

151
nixos/configs/robi/syncthing.nix
View file

@ -1,126 +1,111 @@
{ config, pkgs, lib, ... }: {
custom.samba-share = {
enable = true;
folders = {
movies = config.services.syncthing.declarative.folders.movies.path;
series = config.services.syncthing.declarative.folders.series.path;
samples = config.services.syncthing.declarative.folders.samples.path;
music = config.services.syncthing.declarative.folders.music-library.path;
books = config.services.syncthing.declarative.folders.books.path;
};
};
imports = [ ../../system/all/syncthing.nix ];
sops.secrets.syncthing_cert = { };
sops.secrets.syncthing_key = { };
networking.firewall.allowedTCPPorts = [ 22000 ];
networking.firewall.allowedUDPPorts = [ 22000 ];
services.syncthing = {
enable = true;
openDefaultPorts = false;
dataDir = "/home/syncthing";
configDir = "/home/syncthing";
dataDir = "/media/syncthing";
configDir = "/media/syncthing";
declarative = {
overrideDevices = true;
overrideFolders = true;
cert = toString config.sops.secrets.syncthing_cert.path;
key = toString config.sops.secrets.syncthing_key.path;
overrideFolders = true;
folders = {
# on encrypted hard drive
# -----------------------
private = {
enable = true;
path = "/home/syncthing/private";
};
desktop = {
enable = true;
path = "/home/syncthing/desktop";
};
finance = {
enable = true;
path = "/home/syncthing/finance";
};
fotos = {
enable = true;
path = "/home/syncthing/fotos";
};
lost-fotos = {
enable = true;
path = "/home/syncthing/lost-fotos.ct";
};
zettlr = {
enable = true;
path = "/home/syncthing/zettlr";
};
#private = {
# enable = true;
# path = "/home/syncthing/private";
#};
#desktop = {
# enable = true;
# path = "/home/syncthing/desktop";
#};
#finance = {
# enable = true;
# path = "/home/syncthing/finance";
#};
#fotos = {
# enable = true;
# path = "/home/syncthing/fotos";
#};
#lost-fotos = {
# enable = true;
# path = "/home/syncthing/lost-fotos.ct";
#};
#zettlr = {
# enable = true;
# path = "/home/syncthing/zettlr";
#};
# on media hard drive (not encrypted)
# -----------------------------------
borg-mirror = {
enable = true;
path = "/media/syncthing/borg";
rescanInterval = 36 * 3600;
type = "sendonly";
};
video-material = {
enable = true;
path = "/home/syncthing/video-material";
};
music-library-free = {
enable = true;
path = "/media/syncthing/music-library-free";
rescanInterval = 8 * 3600;
};
#borg-mirror = {
# enable = true;
# path = "/media/syncthing/borg";
# rescanInterval = 36 * 3600;
# type = "sendonly";
#};
#video-material = {
# enable = true;
# path = "/home/syncthing/video-material";
#};
#music-library-free = {
# enable = true;
# path = "/media/syncthing/music-library-free";
# rescanInterval = 8 * 3600;
#};
books = {
enable = true;
path = "/media/syncthing/books";
rescanInterval = 8 * 3600;
};
samples = {
enable = true;
path = "/media/syncthing/samples";
rescanInterval = 8 * 3600;
};
movies = {
enable = true;
path = "/media/syncthing/movies";
rescanInterval = 8 * 3600;
};
# todo : no need to place it on encrypted drive
music-projects = {
enable = true;
path = "/home/syncthing/music-projects";
};
music-library = {
enable = true;
path = "/media/syncthing/music-library";
rescanInterval = 8 * 3600;
};
series = {
enable = true;
path = "/media/syncthing/series";
rescanInterval = 8 * 3600;
};
smartphone-folder = {
enable = true;
path = "/media/syncthing/smartphone-folder";
rescanInterval = 8 * 3600;
};
processing = {
enable = true;
path = "/media/syncthing/sketchbook";
rescanInterval = 8 * 3600;
};
# todo : no need to place it on encrypted drive
#music-projects = {
# enable = true;
# path = "/home/syncthing/music-projects";
#};
#music-library = {
# enable = true;
# path = "/media/syncthing/music-library";
# rescanInterval = 8 * 3600;
#};
#smartphone-folder = {
# enable = true;
# path = "/media/syncthing/smartphone-folder";
# rescanInterval = 8 * 3600;
#};
#processing = {
# enable = true;
# path = "/media/syncthing/sketchbook";
# rescanInterval = 8 * 3600;
#};
};
};
};
system.permown."/home/syncthing" = {
owner = "syncthing";
group = "syncthing";
umask = "0022";
};
system.permown."/media/syncthing" = {
owner = "syncthing";
group = "syncthing";
@ -135,6 +120,6 @@
after = [ "media.mount" ];
};
backup.dirs = [ "/home/syncthing/finance" ];
#backup.dirs = [ "/home/syncthing/finance" ];
}

2
nixos/configs/workhorse/configuration.nix
View file

@ -13,7 +13,7 @@
./gogs.nix
./grafana.nix
./graylog.nix
./jenkins.nix
#./jenkins.nix
#./kibana.nix
./mysql.nix
./packages.nix

27
nixos/system/all/syncthing.nix
View file

@ -4,7 +4,7 @@ with lib; {
services.syncthing = {
guiAddress = lib.mkDefault "${config.networking.hostName}.private:8384";
declarative = {
overrideDevices = true;
overrideDevices = lib.mkDefault true;
devices =
let
device = name: id: {
@ -12,22 +12,29 @@ with lib; {
name = name;
id = id;
addresses =
[ "tcp://${name}.private:22000" "tcp://${name}.private:21027" ];
[ "tcp://${name}.private:22000" ];
};
};
in
(device "workhorse"
{
"robi" = {
name = "robi";
id = "B6P22RF-5BC2LTZ-6GHVWRZ-5D3OLXC-D66E45Y-JEB3WYT-ZQ442WZ-5FFAMQ7";
addresses = [ "tcp://144.76.13.147:22000" ];
};
}
// (device "workhorse"
"AFSAKB6-JLH4QAS-DSRMPI3-6PVCIHF-IIAVLPC-STPNO3Y-YRDU5NW-QD445QI")
// (device "pepe"
"SZLXFW3-VTAC7UB-V2Z7CHE-3VZAYPL-6D72AK6-OCDMPZP-G4FPY5P-FL6ZVAG")
// (device "workout"
"DZOOAKG-GI2SVOS-QEVMFL7-TRHVTPQ-ADIJEVH-RH5WV3J-6M7MJHC-C53EOAC")
// (device "sterni"
"ZFNNKPD-ZSOAYJQ-VROXXDB-5MD3UTJ-GDCNTSQ-G5POVV3-UZG5HFT-CCAU3AD") // {
"ZFNNKPD-ZSOAYJQ-VROXXDB-5MD3UTJ-GDCNTSQ-G5POVV3-UZG5HFT-CCAU3AD")
// {
"porani" = {
name = "porani";
id =
"6YOIA4E-X52ZD5Z-FPNWPRS-77QIMMU-VDIXVZB-6BPQN7A-FFJDU4W-EXEGFAI";
id = "6YOIA4E-X52ZD5Z-FPNWPRS-77QIMMU-VDIXVZB-6BPQN7A-FFJDU4W-EXEGFAI";
addresses =
[ "tcp://porani.secret:22000" "tcp://porani.secret:21027" ];
};
@ -120,7 +127,7 @@ with lib; {
enable = lib.mkDefault false;
id = "wwbvs-5lfbh";
watch = false;
devices = [ "workhorse" "pepe" "sterni" ];
devices = [ "workhorse" "pepe" "sterni" "robi" ];
versioning = {
type = "simple";
params.keep = "10";
@ -139,7 +146,7 @@ with lib; {
enable = lib.mkDefault false;
id = "vatmy-c2qf4";
watch = false;
devices = [ "workhorse" "pepe" "porani" ];
devices = [ "workhorse" "pepe" "porani" "robi" ];
versioning = {
type = "simple";
params.keep = "3";
@ -189,13 +196,13 @@ with lib; {
enable = lib.mkDefault false;
id = "pcgkj-tjucd";
watch = false;
devices = [ "workout" "workhorse" "sterni" "pepe" ];
devices = [ "workhorse" "sterni" "pepe" "robi" ];
};
series = {
enable = lib.mkDefault false;
id = "all-series";
watch = false;
devices = [ "workhorse" "porani" "pepe" ];
devices = [ "workhorse" "porani" "pepe" "robi" ];
versioning = {
type = "simple";
params.keep = "10";

2
nixos/system/all/tinc.nix
View file

@ -114,7 +114,7 @@ in
publicKey = lib.fileContents ../../assets/tinc/workhorse_host_file;
};
robi = {
realAddress = ["144.76.13.147"];
realAddress = [ "144.76.13.147" ];
tincIp = "10.23.42.111";
publicKey = lib.fileContents ../../assets/tinc/robi_host_file;
};