{ config, pkgs, lib, ... }: { imports = [ ../../system/all/syncthing.nix ]; sops.secrets.syncthing_cert = { }; sops.secrets.syncthing_key = { }; networking.firewall.allowedTCPPorts = [ 22000 ]; networking.firewall.allowedUDPPorts = [ 22000 ]; services.syncthing = { enable = true; openDefaultPorts = false; dataDir = "/media/syncthing"; configDir = "/media/syncthing"; declarative = { overrideDevices = true; overrideFolders = true; cert = toString config.sops.secrets.syncthing_cert.path; key = toString config.sops.secrets.syncthing_key.path; folders = { # on encrypted hard drive # ----------------------- #private = { # enable = true; # path = "/home/syncthing/private"; #}; #desktop = { # enable = true; # path = "/home/syncthing/desktop"; #}; #finance = { # enable = true; # path = "/home/syncthing/finance"; #}; #fotos = { # enable = true; # path = "/home/syncthing/fotos"; #}; #lost-fotos = { # enable = true; # path = "/home/syncthing/lost-fotos.ct"; #}; #zettlr = { # enable = true; # path = "/home/syncthing/zettlr"; #}; # on media hard drive (not encrypted) # ----------------------------------- #borg-mirror = { # enable = true; # path = "/media/syncthing/borg"; # rescanInterval = 36 * 3600; # type = "sendonly"; #}; #video-material = { # enable = true; # path = "/home/syncthing/video-material"; #}; #music-library-free = { # enable = true; # path = "/media/syncthing/music-library-free"; # rescanInterval = 8 * 3600; #}; books = { enable = true; path = "/media/syncthing/books"; }; samples = { enable = true; path = "/media/syncthing/samples"; }; movies = { enable = true; path = "/media/syncthing/movies"; }; series = { enable = true; path = "/media/syncthing/series"; }; # todo : no need to place it on encrypted drive #music-projects = { # enable = true; # path = "/home/syncthing/music-projects"; #}; #music-library = { # enable = true; # path = "/media/syncthing/music-library"; # rescanInterval = 8 * 3600; #}; #smartphone-folder = { # enable = true; # path = "/media/syncthing/smartphone-folder"; # rescanInterval = 8 * 3600; #}; #processing = { # enable = true; # path = "/media/syncthing/sketchbook"; # rescanInterval = 8 * 3600; #}; }; }; }; system.permown."/media/syncthing" = { owner = "syncthing"; group = "syncthing"; umask = "0002"; }; systemd.services."permown._media_syncthing" = { bindsTo = [ "media.mount" ]; after = [ "media.mount" ]; }; systemd.services."syncthing" = { bindsTo = [ "media.mount" ]; after = [ "media.mount" ]; }; #backup.dirs = [ "/home/syncthing/finance" ]; }