karaolidis/nix
1
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
af982a9f646967e1117c1778ca8e30aa06b76c5b
nix/hosts/common/user/configs/console/syncthing/default.nix
Nikolaos Karaolidis af982a9f64 Add syncthing systemd dependencies 
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2024-07-29 22:59:56 +01:00

75 lines
2.1 KiB
Nix
Raw Blame History

{
username ? throw "username argument is required",
}:
{
config,
inputs,
lib,
pkgs,
...
}:
let
userConfig = config.users.users.${username};
hmConfig = config.home-manager.users.${username};
in
{
networking.firewall = {
allowedTCPPorts = [ 22000 ];
allowedUDPPorts = [
21027
22000
];
};
sops.secrets = {
# openssl genpkey -algorithm RSA -out key.pem -pkeyopt rsa_keygen_bits:3072
"syncthing/key" = {
owner = username;
group = "users";
};
# openssl req -new -x509 -key key.pem -out cert.pem -days 9999 -subj "/CN=syncthing"
"syncthing/cert" = {
owner = username;
group = "users";
};
};
home-manager.users.${username} = {
services.syncthing = {
enable = true;
key = config.sops.secrets."syncthing/key".path;
cert = config.sops.secrets."syncthing/cert".path;
extraOptions = [ "-no-default-folder" ];
settings = {
options.urAccepted = -1;
devices = {
amalthea.id = "2W7YT6Q-TO7CYMW-JH6QZXE-7Q6MDQQ-HPHKP4A-VI5HP7G-KLMGMST-MNRYHQG"; # Google Pixel 8 Pro
ganymede.id = "DXJPEJA-JNGF6I4-VIZYTX7-U345C5V-HIUTSFC-D36N2EM-Y3FAKJM-PRKYQAI"; # Samsung Galaxy Tab S7+
};
};
};
systemd.user.services.syncthing.Unit.After =
let
inherit (pkgs.callPackage "${inputs.impermanence}/lib.nix" { }) mkServiceName parentsOf;
removeHomePrefix =
path: lib.strings.removePrefix "~/" (lib.strings.removePrefix "${userConfig.home}/" path);
syncthingFolders = builtins.map (folder: removeHomePrefix folder.path) (
builtins.attrValues hmConfig.services.syncthing.settings.folders
);
in
lib.lists.flatten (
builtins.map (
persistence:
builtins.map (folder: "${mkServiceName persistence.persistentStoragePath folder}.service") (
builtins.filter (folder: builtins.elem folder persistence.directories) (
lib.lists.unique (lib.lists.flatten (builtins.map parentsOf syncthingFolders))
)
)
) (builtins.attrValues hmConfig.home.persistence)
)
++ [ "sops-nix.service" ];
};
}
Reference in New Issue View Git Blame Copy Permalink