103 lines
3.5 KiB
Nix
103 lines
3.5 KiB
Nix
{
|
|
config,
|
|
lib,
|
|
user,
|
|
host,
|
|
secrets,
|
|
... }: let
|
|
# helper funcitons
|
|
conv = _: device: with device; { "${name}" = {id = id;};};
|
|
justname = devices: (builtins.map (device: device.name)) devices;
|
|
todevice = key: name: { inherit name; id = secrets.syncthing.id.${key}; };
|
|
|
|
devices = builtins.mapAttrs todevice {
|
|
north = "NxNORTH";
|
|
xps = "NxXPS";
|
|
ace = "NxACE";
|
|
s21u = "NxS21U";
|
|
diane = "diane";
|
|
daniel = "daniel";
|
|
tessa = "tessa";
|
|
georg = "georg";
|
|
};
|
|
|
|
dirs = {
|
|
default = { name = "sync"; path = "/home/${user}/sync"; };
|
|
s21u-dcim = { name = "s21u-dcim"; path = "/vault/Pictures/Lennart"; };
|
|
diane-dcim = { name = "diane-dcim"; path = "/vault/Pictures/Diane"; };
|
|
dianesd-dcim = { name = "dianesd-dcim"; path = "/vault/Pictures/Diane-SD"; };
|
|
daniel-dcim = { name = "daniel-dcim"; path = "/vault/Pictures/Daniel"; };
|
|
tessa-dcim = { name = "tessa-dcim"; path = "/vault/Pictures/Tessa"; };
|
|
};
|
|
in {
|
|
sops.secrets = {
|
|
"syncthing/${host}/cert.pem" = { owner = user; };
|
|
"syncthing/${host}/key.pem" = { owner = user; };
|
|
};
|
|
services.syncthing = with (builtins.mapAttrs conv devices); {
|
|
enable = true;
|
|
user = "${user}";
|
|
dataDir = "/home/${user}/.local/share/syncthing"; # useless ?
|
|
configDir = "/home/${user}/.config/syncthing";
|
|
key = config.sops.secrets."syncthing/${host}/key.pem".path;
|
|
cert = config.sops.secrets."syncthing/${host}/cert.pem".path;
|
|
overrideDevices = true;
|
|
overrideFolders = true;
|
|
# guiAddress = "127.0.0.1:8384";
|
|
guiAddress = if ( host == "NxACE" ) then "0.0.0.0:8384" else "127.0.0.1:8384";
|
|
settings = {
|
|
devices = with (builtins.mapAttrs conv devices); if (host == "NxXPS") then (
|
|
north // ace // s21u
|
|
) else if (host == "NxNORTH") then (
|
|
xps // ace // s21u
|
|
) else (
|
|
north // xps // s21u // diane // daniel // tessa // georg
|
|
);
|
|
folders = with dirs; if (host == "NxXPS") then {
|
|
"${default.name}" = {
|
|
path = default.path;
|
|
devices = with devices; (justname [ north ace s21u ]);
|
|
};
|
|
} else if (host == "NxNORTH") then {
|
|
"${default.name}" = {
|
|
path = default.path;
|
|
devices = with devices; (justname [ xps ace s21u ]);
|
|
};
|
|
} else { # NxACE
|
|
"${default.name}" = {
|
|
path = default.path;
|
|
devices = with devices; (justname [ xps north s21u ]);
|
|
};
|
|
"${s21u-dcim.name}" = {
|
|
path = s21u-dcim.path;
|
|
devices = with devices; (justname [ s21u ]);
|
|
};
|
|
"${diane-dcim.name}" = {
|
|
path = diane-dcim.path;
|
|
devices = with devices; (justname [ diane ]);
|
|
};
|
|
"${dianesd-dcim.name}" = {
|
|
path = dianesd-dcim.path;
|
|
devices = with devices; (justname [ diane ]);
|
|
};
|
|
"${daniel-dcim.name}" = {
|
|
path = daniel-dcim.path;
|
|
devices = with devices; (justname [ daniel ]);
|
|
};
|
|
"${tessa-dcim.name}" = {
|
|
path = tessa-dcim.path;
|
|
devices = with devices; (justname [ tessa ]);
|
|
};
|
|
};
|
|
gui = {
|
|
theme = "black";
|
|
user = user;
|
|
password = secrets.syncthing.gui-password; # option to use a file is till in the works... https://github.com/NixOS/nixpkgs/issues/85336
|
|
};
|
|
};
|
|
};
|
|
|
|
systemd.services."syncthing".after = [ "sops-nix.service" ];
|
|
}
|
|
|