Move some (all) files around

Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2024-07-08 20:01:55 +03:00
parent 9dfbe1203d
commit 7ab40e3493
103 changed files with 202 additions and 217 deletions
--- a/hosts/common/user/configs/console/syncthing/default.nix
+++ b/hosts/common/user/configs/console/syncthing/default.nix
@@ -0,0 +1,35 @@
+{
+  user ? throw "user argument is required",
+}:
+{ config, ... }:
+{
+  networking.firewall = {
+    allowedTCPPorts = [ 22000 ];
+    allowedUDPPorts = [
+      21027
+      22000
+    ];
+  };
+
+  sops.secrets = {
+    # openssl ecparam -name prime256v1 -genkey -noout -out key.pem
+    "syncthing/key" = {
+      owner = user.name;
+      group = "users";
+    };
+    # openssl req -new -x509 -key key.pem -out cert.pem -days 3650
+    "syncthing/cert" = {
+      owner = user.name;
+      group = "users";
+    };
+  };
+
+  home-manager.users.${user.name}.services.syncthing = {
+    enable = true;
+    key = config.sops.secrets."syncthing/key".path;
+    cert = config.sops.secrets."syncthing/cert".path;
+    extraOptions = [ "-no-default-folder" ];
+
+    settings.options.urAccepted = -1;
+  };
+}