nixos-config/components/network/syncthing.nix

{ config, lib, pkgs, factsGenerator, clanLib, ... }:
let
  clanMachines =
    lib.mapAttrs
      (machine: facts: {
        name = machine;
        id = facts."syncthing.pub";
        addresses = [ "tcp://[${facts."zerotier-ip"}]:22000" ];
      })
      (clanLib.readFactsFromAllMachines [ "syncthing.pub" "zerotier-ip" ]);
in
with lib; {

  # networking.firewall.interfaces."gummybears".allowedTCPPorts = [ 8384 ];

  clan.core.facts.services.syncthing = factsGenerator.syncthing { };

  services.syncthing = {
    guiAddress = lib.mkDefault "${config.networking.hostName}.private:8384";
    overrideDevices = lib.mkDefault true;
    key = config.clan.core.facts.services.syncthing.secret."syncthing.key".path;
    cert = config.clan.core.facts.services.syncthing.secret."syncthing.cert".path;
    settings.devices =
      let
        device = machine: id: {
          "${machine}" = {
            name = machine;
            id = id;
            #addresses = [ "tcp://${machine}.private:22000" ];
          };
        };
      in
      clanMachines
      // (device "iPhone" "RPQBSRB-DYEUUWQ-EAPMBA2-PL4MJ73-Y4F4ZTH-TAD7DUE-GEK56BG-HYW6YAF")
      // (device "bumba" "JS7PWTO-VKFGBUP-GNFLSWP-MGFJ2KH-HLO2LKW-V3RPCR6-PCB5SQC-42FCKQZ")
    ;

    settings.folders = {

      # needs to be on encrypted drives
      # -------------------------------
      audiobooks = {
        enable = lib.mkDefault false;
        path = lib.mkDefault "/tmp/audiobooks";
        devices = [ "chungus" "orbi" ];
      };
      books = {
        enable = lib.mkDefault false;
        path = lib.mkDefault "/tmp/books";
        devices = [ "chungus" "cream" "cherry" ];
        versioning = {
          type = "simple";
          params.keep = "2";
        };
      };
      desktop = {
        enable = lib.mkDefault false;
        path = lib.mkDefault "/tmp/desktop";
        devices = [ "chungus" "cream" "cherry" ];
      };
      finance = {
        enable = lib.mkDefault false;
        path = lib.mkDefault "/tmp/finance";
        devices = [ "chungus" "cream" "cherry" ];
        versioning = {
          type = "simple";
          params.keep = "10";
        };
      };
      flix = {
        enable = lib.mkDefault false;
        path = lib.mkDefault "/tmp/flix";
        devices = [ "chungus" "orbi" ];
      };
      logseq = {
        enable = lib.mkDefault false;
        path = lib.mkDefault "/tmp/logseq";
        devices = [ "chungus" "cream" "cherry" "iPhone" ];
      };
      lectures = {
        enable = lib.mkDefault false;
        path = lib.mkDefault "/tmp/lectures";
        devices = [ "chungus" "orbi" ];
      };
      oscar_cpap = {
        enable = lib.mkDefault false;
        path = lib.mkDefault "/tmp/oscar_cpap";
        devices = [ "chungus" "cream" "cherry" ];
      };
      password-store = {
        enable = lib.mkDefault false;
        path = lib.mkDefault "/tmp/password-store";
        devices = [ "chungus" "cream" "cherry" ];
        versioning = {
          type = "simple";
          params.keep = "10";
        };
      };
      # to share big stuff public
      share = {
        enable = lib.mkDefault false;
        path = lib.mkDefault "/tmp/password-store";
        devices = [ "cream" "cherry" "orbi" ];
      };
      # todo remove if zfs is is used
      #nextcloud_backup = {
      #  enable = lib.mkDefault false;
      #  path = lib.mkDefault "/tmp/lost-fotos";
      #  devices = [ "chungus"  ];
      #  versioning = {
      #    type = "simple";
      #    params.keep = "2";
      #  };
      #};
    };
  };

}