nixos-config/configs/porani/syncthing.nix
2020-02-03 19:08:43 +13:00

74 lines
1.9 KiB
Nix

{ config, pkgs, lib, ... }: {
networking.firewall.interfaces."tinc.insecure".allowedTCPPorts = [ 8384 ];
custom.samba-share = {
enable = true;
folders = {
movies = config.test.services.syncthing.declarative.folders.movies.path;
series = config.test.services.syncthing.declarative.folders.series.path;
music =
config.test.services.syncthing.declarative.folders.music-library.path;
};
};
test.services.syncthing = {
guiAddress = lib.mkForce "${config.networking.hostName}.insecure:8384";
enable = true;
openDefaultPorts = true;
declarative = {
cert = toString <secrets/syncthing/cert.pem>;
key = toString <secrets/syncthing/key.pem>;
overrideFolders = true;
folders = {
# on media hard drive (not encrypted)
# -----------------------------------
movies = {
enable = true;
path = "/media/movies";
rescanInterval = 8 * 3600;
};
music-library = {
enable = true;
path = "/media/music-library";
rescanInterval = 8 * 3600;
};
podcasts = {
enable = true;
path = "/media/podcasts";
rescanInterval = 8 * 3600;
};
series = {
enable = true;
path = "/media/series";
rescanInterval = 8 * 3600;
};
porn = {
enable = true;
path = "/media/porn";
rescanInterval = 8 * 3600;
};
};
};
};
systemd.services."permown._media" = {
bindsTo = [ "media.mount" ];
after = [ "media.mount" ];
};
system.permown."/media" = {
owner = "syncthing";
group = "syncthing";
umask = "0007";
};
systemd.services."syncthing" = {
bindsTo = [ "media.mount" ];
after = [ "media.mount" ];
};
users.groups."syncthing".members = [ "mpd" "syncthing" "kodi" "palo" ];
backup.all.restic.dirs = [ "/var/lib/syncthing/finance" ];
}