{ config, pkgs, lib, ... }: { imports = [ ../../system/all/syncthing.nix ]; sops.secrets.syncthing_cert = { }; sops.secrets.syncthing_key = { }; networking.firewall.allowedTCPPorts = [ 22000 ]; networking.firewall.allowedUDPPorts = [ 22000 ]; services.syncthing = { enable = true; openDefaultPorts = false; dataDir = "/media/syncthing"; configDir = "/media/syncthing"; overrideDevices = true; overrideFolders = true; cert = toString config.sops.secrets.syncthing_cert.path; key = toString config.sops.secrets.syncthing_key.path; folders = { # on media hard drive (not encrypted) # ----------------------------------- #borg-mirror = { # enable = true; # path = "/media/syncthing/borg"; # rescanInterval = 36 * 3600; # type = "sendonly"; #}; #video-material = { # enable = true; # path = "/home/syncthing/video-material"; #}; books = { enable = true; path = "/media/syncthing/books"; }; lost-fotos = { enable = true; path = "/media/syncthing/lost-fotos.ct"; }; movies = { enable = true; watch = true; path = "/media/syncthing/movies"; }; music-library = { enable = true; watch = true; path = "/media/syncthing/music"; }; music-projects = { enable = true; watch = true; path = "/media/syncthing/music-projects"; }; nextcloud_backup = { enable = true; watch = true; path = "/media/syncthing/nextcloud_backup"; }; samples = { enable = true; watch = true; path = "/media/syncthing/samples"; }; series = { enable = true; watch = true; path = "/media/syncthing/series"; }; }; }; system.permown."/media/syncthing" = { owner = "syncthing"; group = "syncthing"; umask = "0002"; }; systemd.services."permown._media_syncthing" = { bindsTo = [ "media.mount" ]; after = [ "media.mount" ]; }; systemd.services."syncthing" = { bindsTo = [ "media.mount" ]; after = [ "media.mount" ]; }; }