diff --git a/configuration.nix b/configuration.nix
index 558a2b4..317e508 100755
--- a/configuration.nix
+++ b/configuration.nix
@@ -13,6 +13,7 @@ in
     ./system-modules/networking.nix
     ./system-modules/virtualisation.nix
     ./system-modules/sshd.nix
+    ./system-modules/syncthing.nix
     ./system-modules/hsmw.nix
     ./system-modules/docker.nix
     ./system-modules/health_reminder.nix
diff --git a/secrets/passwords-and-certificates.nix b/secrets/passwords-and-certificates.nix
index cc943b2..f225aac 100755
Binary files a/secrets/passwords-and-certificates.nix and b/secrets/passwords-and-certificates.nix differ
diff --git a/system-modules/syncthing.nix b/system-modules/syncthing.nix
new file mode 100644
index 0000000..604bbd7
--- /dev/null
+++ b/system-modules/syncthing.nix
@@ -0,0 +1,51 @@
+{ pkgs, lib, user, host, secrets, ...}:
+let 
+  devices = {
+    north = { name = "NxNORTH"; id = ""; };
+    xps = { name = "NxXPS"; id = ""; };
+    ace = { name = "NxACE"; id = ""; };
+    s21u = { name = "NxS21U"; id = ""; };
+    diane = { name = "diane"; id = ""; };
+    daniel = { name = "daniel"; id = ""; };
+    tessa = { name = "tessa"; id = ""; };
+    georg = { name = "georg"; id = ""; };
+  };
+  conv = _: device: with device; { "${name}" = {id = id;};}; 
+  dirs = {
+    default = { name = "sync"; path = "/home/${user}/sync"; };
+  };
+  justname = devices: (builtins.map (device: device.name)) devices;
+  cd = /home/${user}/.config/syncthing;
+in 
+lib.mkIf (user != "tv")
+{
+  services.syncthing = {
+    enable = true;
+    user = "${user}";
+    dataDir = "/home/${user}/.local/share/syncthing"; # useless ?
+    configDir = cd; 
+    # key = builtins.toFile "key.pem" secrets.syncthing.${host}.key;
+    # cert = builtins.toFile "cert.pem" secrets.syncthing.${host}.cert;
+    # overrideDevices = true;    
+    # overrideFolders = true;    
+    settings = {
+      devices = with (builtins.mapAttrs conv devices); if (host == "NxXPS") then (
+        north // ace // s21u
+      ) else if (host == "NxNORTH") then (
+        xps // ace // s21u
+      ) else (
+        north // xps // s21u // diane // daniel // tessa // georg 
+      );
+      folders = with dirs; if (host == "NxXPS") then {
+        "${default.name}" = {        
+          path = default.path;
+          devices = with devices; (justname [ north ace s21u ]);     
+        };
+      } else {
+        what = "dman";
+      };
+    };
+  };
+  
+}
+