nixos-config/nixos/machines/pepe/syncthing.nix
2022-09-23 20:29:18 +02:00

129 lines
3.1 KiB
Nix

{ config, pkgs, lib, ... }: {
users.groups."syncthing".members = [ "mpd" "syncthing" "upload" ];
custom.samba-share = {
enable = true;
folders = {
movies = config.services.syncthing.folders.movies.path;
music = config.services.syncthing.folders.music-library.path;
samples = config.services.syncthing.folders.samples.path;
series = config.services.syncthing.folders.series.path;
series2 = "/media/series";
books = config.services.syncthing.folders.books.path;
};
private.upload = {
folder = "/media/upload";
users = "upload";
};
};
users.users.upload = {
isNormalUser = true;
group = "upload";
};
users.groups.upload = { };
sops.secrets.syncthing_cert = { };
sops.secrets.syncthing_key = { };
services.syncthing = {
enable = true;
openDefaultPorts = true;
cert = toString config.sops.secrets.syncthing_cert.path;
key = toString config.sops.secrets.syncthing_key.path;
overrideFolders = true;
folders = {
# on encrypted drive
# ------------------
private = {
enable = true;
path = "/home/syncthing/private";
};
password-store = {
enable = true;
path = "/home/syncthing/password-store";
};
desktop = {
enable = true;
path = "/home/syncthing/desktop";
};
finance = {
enable = true;
path = "/home/syncthing/finance";
};
fotos = {
enable = true;
path = "/home/syncthing/fotos";
};
# no need to be encrypted
# -----------------------
books = {
enable = true;
path = "/media/syncthing/books";
rescanInterval = 8 * 3600;
};
lost-fotos = {
enable = true;
path = "/media/syncthing/lost-fotos.ct";
rescanInterval = 8 * 3600;
};
movies = {
enable = true;
path = "/media/syncthing/movies";
rescanInterval = 8 * 3600;
};
music-library = {
enable = true;
path = "/media/syncthing/music-library";
rescanInterval = 8 * 3600;
};
music-projects = {
enable = true;
path = "/media/syncthing/music-projects";
rescanInterval = 8 * 3600;
};
nextcloud_backup = {
enable = true;
path = "/media/syncthing/nextcloud_backup";
rescanInterval = 8 * 3600;
};
samples = {
enable = true;
path = "/media/syncthing/samples";
rescanInterval = 8 * 3600;
};
series = {
enable = true;
path = "/media/syncthing/series";
rescanInterval = 8 * 3600;
};
};
};
system.permown."/home/syncthing" = {
owner = "syncthing";
group = "syncthing";
};
system.permown."/media/syncthing" = {
owner = "syncthing";
group = "syncthing";
};
systemd.services."permown._media_syncthing" = {
bindsTo = [ "media.mount" ];
after = [ "media.mount" ];
};
systemd.services."syncthing" = {
bindsTo = [ "media.mount" ];
after = [ "media.mount" ];
};
backup.dirs = [
config.services.syncthing.folders.finance.path
];
}