{ config, pkgs, lib, ... }: { users.groups."syncthing".members = [ "mpd" "syncthing" "upload" ]; custom.samba-share = { enable = true; folders = { movies = config.services.syncthing.folders.movies.path; music = config.services.syncthing.folders.music-library.path; samples = config.services.syncthing.folders.samples.path; series = config.services.syncthing.folders.series.path; series2 = "/media/series"; books = config.services.syncthing.folders.books.path; }; private.upload = { folder = "/media/upload"; users = "upload"; }; }; users.users.upload = { isNormalUser = true; group = "upload"; }; users.groups.upload = { }; sops.secrets.syncthing_cert = { }; sops.secrets.syncthing_key = { }; services.syncthing = { enable = true; openDefaultPorts = true; cert = toString config.sops.secrets.syncthing_cert.path; key = toString config.sops.secrets.syncthing_key.path; overrideFolders = true; folders = { # on encrypted drive # ------------------ private = { enable = true; path = "/home/syncthing/private"; }; art = { enable = true; path = "/home/syncthing/art"; }; password-store = { enable = true; path = "/home/syncthing/password-store"; }; desktop = { enable = true; path = "/home/syncthing/desktop"; }; finance = { enable = true; path = "/home/syncthing/finance"; }; fotos = { enable = true; path = "/home/syncthing/fotos"; }; # no need to be encrypted # ----------------------- books = { enable = true; path = "/media/syncthing/books"; rescanInterval = 8 * 3600; }; lost-fotos = { enable = true; path = "/media/syncthing/lost-fotos.ct"; rescanInterval = 8 * 3600; }; movies = { enable = true; path = "/media/syncthing/movies"; rescanInterval = 8 * 3600; }; music-library = { enable = true; path = "/media/syncthing/music-library"; rescanInterval = 8 * 3600; }; music-projects = { enable = true; path = "/media/syncthing/music-projects"; rescanInterval = 8 * 3600; }; nextcloud_backup = { enable = true; path = "/media/syncthing/nextcloud_backup"; rescanInterval = 8 * 3600; }; samples = { enable = true; path = "/media/syncthing/samples"; rescanInterval = 8 * 3600; }; series = { enable = true; path = "/media/syncthing/series"; rescanInterval = 8 * 3600; }; }; }; system.permown."/home/syncthing" = { owner = "syncthing"; group = "syncthing"; }; system.permown."/media/syncthing" = { owner = "syncthing"; group = "syncthing"; }; systemd.services."permown._media_syncthing" = { bindsTo = [ "media.mount" ]; after = [ "media.mount" ]; }; systemd.services."syncthing" = { bindsTo = [ "media.mount" ]; after = [ "media.mount" ]; }; backup.dirs = [ config.services.syncthing.folders.finance.path ]; }