From 53ed41b86dd4b83382735bbcd9b4895ed608fc32 Mon Sep 17 00:00:00 2001 From: Kopatz <7265381+Kropatz@users.noreply.github.com> Date: Wed, 3 Apr 2024 20:29:09 +0200 Subject: [PATCH] syncthing idk --- modules/collections/server.nix | 1 + modules/services/syncthing.nix | 38 +++++++++++++++++++++++++++++++++ secrets/secrets.nix | 2 ++ secrets/syncthing-cert.age | Bin 0 -> 1116 bytes secrets/syncthing-key.age | Bin 0 -> 610 bytes 5 files changed, 41 insertions(+) create mode 100644 modules/services/syncthing.nix create mode 100644 secrets/syncthing-cert.age create mode 100644 secrets/syncthing-key.age diff --git a/modules/collections/server.nix b/modules/collections/server.nix index 9d51065..6f605fe 100644 --- a/modules/collections/server.nix +++ b/modules/collections/server.nix @@ -14,6 +14,7 @@ ../services/samba.nix ../services/ssh.nix ../services/step-ca.nix + #../services/syncthing.nix ../services/wireguard.nix ### Other Modules ### #../games/palworld.nix diff --git a/modules/services/syncthing.nix b/modules/services/syncthing.nix new file mode 100644 index 0000000..9d468fe --- /dev/null +++ b/modules/services/syncthing.nix @@ -0,0 +1,38 @@ +{ config, pkgs, lib, vars, ... }: +let + basePath = "/mnt/1tbssd/syncthing"; +in +{ + age.secrets.syncthing-key = { + file = ../../secrets/syncthing-key.age; + owner = "syncthing"; + group = "syncthing"; + }; + age.secrets.syncthing-cert = { + file = ../../secrets/syncthing-cert.age; + owner = "syncthing"; + group = "syncthing"; + }; + services.syncthing = { + enable = true; + dataDir = basePath; + openDefaultPorts = true; + cert = "/run/agenix/syncthing-cert"; + key = "/run/agenix/syncthing-key"; + guiAddress = "0.0.0.0:8384"; + + settings = { + options.urAccepted = -1; + options.relaysEnabled = false; + devices.kop-pc.id = "2IEILKO-R6UVES4-N27PZRT-YLPOPR3-LTD5SXA-C65FWF3-RYD2B2Y-PEZLTAR"; + devices.kop-pc.adresses = [ "tcp://192.168.0.11:51820"]; + + folders."~/sync" = { + id = "sync"; + devices = [ "kop-pc" ]; + }; + }; + }; + + networking.firewall.allowedTCPPorts = [ 8384 ]; +} diff --git a/secrets/secrets.nix b/secrets/secrets.nix index aaf3fbd..ef10587 100644 --- a/secrets/secrets.nix +++ b/secrets/secrets.nix @@ -22,4 +22,6 @@ in "kavita.age".publicKeys = [ nix-test-vm server kop ]; "step-ca-pw.age".publicKeys = [ nix-test-vm server kop ]; "step-ca-key.age".publicKeys = [ nix-test-vm server kop ]; + "syncthing-key.age".publicKeys = [ server kop ]; + "syncthing-cert.age".publicKeys = [ server kop ]; } diff --git a/secrets/syncthing-cert.age b/secrets/syncthing-cert.age new file mode 100644 index 0000000000000000000000000000000000000000..ae005b4812959c42795e3cddf1b5370bab4c67a3 GIT binary patch literal 1116 zcmYdHPt{G$OD?J`D9Oyv)5|YP*Do{V(zR14F3!+RO))YxHMCUl3^R7g4pb=3%c$}$ z$<5bJO-sqHjM5MF&MR^>%*qZkbJEUmbt)?kb9Rh!)%Pm)Naw1`b@y>D33d$449yA7 zstEUR2~8;t$}~?jsB+KscFs&rE6Of2@iNYKDn_@>#knfe&`}|@(kwqXFk3q@C_SXe z#UsqzH#p2PPd~DtEX~n5FQYuvDA_$IAh$p}GoQ<~sKPkeKgTjNDJ{***gv4c%|FG^ z$RxMiBiO<>%+x&D(!$l;H6+U2#e_>&S63lFxxm7-%GsixId6KS^6GWIseO&+Ue8@bo=5x) zJ2hE~QG>brNb-3@-Xl`?HO~1(SG}xnOn7r7*MMt%nX_v{qtxD{{YPnU5jz3>;>-gyj`i36`8WVHabRzRlb??q8ju%}i zxais1`~4HbyUz7ITGczhTjX>1eLMZN=620DT^{F#Ye(j5>t0&T_fX4!uhLD`_zMn_ zYPY02(w4tqz3_aS`_!HHP10GKqjuGmPgng?eCp@&y&bj=vmRWVEBodYxAB%A5%&9y zPm9^IKJ5E^vG>+v^JAGVz7~7ZPBfT_>Y6`FsolskE7@3WO;TPj+v#1;I8}UYzu%3U z`)Bbl1GdIbzb@R^(`4{kWBWwgr)<~D>{iBTOuKTOL+e=dOqT1bSEzk%S*yG1dzgDs zVq?T7`Bj;0KWD7)p3irLDYU^Zf-7n9of`L=iMCN;`wK2ec~n2WrPumi_tn*;O{Ljx zw;q)|_un|9{$B>a+s-KwPbM+OIq+^iCTYRuLjJ5n^|cv;Kx>xWGR>C?w4=C(^_`$GN{+G&|Q@4;N=lIP=3{s;;}Xk~y16ZR_r1!dIGE)<-SPy12G; z-Qs;E_RRmTmawUJJ$(6f&Dl3{&6~r&SuVCK=+>&+yHI`3ZMM%Hn!uT_< zO#(8HElna)TJKs4|T3PZ98aldA6gfxp}3) zJ=J4ZuXH{C(2}@x#;j=@zAS7$`f*9bY}x$%txe6>6*j9^Ki+)&h((!)WI$z@&@My% vst=;Am2P+2(j-Ka*RKl9sFXazxy55cC;O#`;w(Ru!#iGH`QW7(p2rRVqjvZt literal 0 HcmV?d00001