From 1c5ce3f93c33a5418ca735daa97efcdadc3325a8 Mon Sep 17 00:00:00 2001 From: Alexander Heldt Date: Sun, 22 Oct 2023 20:21:43 +0200 Subject: [PATCH] sombrero: Add `syncthing` module --- hosts/sombrero/configuration.nix | 126 +--------------- hosts/sombrero/modules/syncthing/default.nix | 147 +++++++++++++++++++ 2 files changed, 148 insertions(+), 125 deletions(-) create mode 100644 hosts/sombrero/modules/syncthing/default.nix diff --git a/hosts/sombrero/configuration.nix b/hosts/sombrero/configuration.nix index 8210780..12d93d3 100644 --- a/hosts/sombrero/configuration.nix +++ b/hosts/sombrero/configuration.nix @@ -76,7 +76,6 @@ 80 443 1122 # ssh - 8384 # syncthing ]; }; }; @@ -90,15 +89,6 @@ recommendedProxySettings = true; recommendedTlsSettings = true; - - virtualHosts."syncthing.sombrero.a2x.se" = { - forceSSL = true; - enableACME = true; - - locations."/" = { - proxyPass = "http://0.0.0.0:8384"; - }; - }; }; openssh = { @@ -130,121 +120,6 @@ }; }; - syncthing = { - enable = true; - openDefaultPorts = true; - - user = "alex"; - group = "users"; - - dataDir = "/home/alex/backup/sync"; - - cert = "/home/alex/backup/sync/hosts/sombrero/syncthing/cert.pem"; - key = "/home/alex/backup/sync/hosts/sombrero/syncthing/key.pem"; - - guiAddress = "0.0.0.0:8384"; - - settings = { - extraOptions = { - gui = { - user = "syncthing"; - password = "CBLPEBrHoGPOnfdZtLibnSAaPAALXfSU"; - insecureSkipHostcheck = false; - }; - }; - - devices = { - phone.id = "NJIMX57-C2CGV76-GXMAQYV-ABWDA7Z-TS6UV2X-NVL5UPG-UFEQH4C-TKYA6QM"; - bennu.id = "YXA2PVY-XNUS5HZ-4ZC6A65-O3JRY3S-P6UKE6N-FSUBOYE-JZ7UJWR-ILXMUAW"; - pinwheel.id = "AKS5L2A-NFCG5GV-3U5SSSZ-PLOX6BQ-ZL5ALXI-D7OK4KE-R2JPWRJ-B6AQJQ7"; - }; - - folders = { - "hosts" = { - path = "/home/alex/backup/sync/hosts"; - devices = [ "bennu" ]; - versioning = { - type = "staggered"; - params = { - maxAge = "2592000"; # 30 days - }; - }; - }; - - "org" = { - path = "/home/alex/backup/sync/org"; - devices = [ "phone" "bennu" "pinwheel" ]; - versioning = { - type = "staggered"; - params = { - maxAge = "2592000"; # 30 days - }; - }; - }; - - "phone-gps" = { - path = "/home/alex/backup/sync/gps"; - devices = [ "bennu" "phone" ]; - versioning = { - type = "staggered"; - params = { - maxAge = "2592000"; # 30 days - }; - }; - }; - - "personal" = { - path = "/home/alex/backup/sync/personal"; - devices = [ "bennu" "pinwheel" ]; - versioning = { - type = "staggered"; - params = { - maxAge = "2592000"; # 30 days - }; - }; - }; - - "work" = { - path = "/home/alex/backup/sync/work"; - devices = [ "bennu" "pinwheel" ]; - versioning = { - type = "staggered"; - params = { - maxAge = "2592000"; # 30 days - }; - }; - }; - - "time-tracking" = { - path = "/home/alex/backup/sync/time-tracking"; - devices = [ "phone" ]; - versioning = { - type = "staggered"; - params = { - maxAge = "2592000"; # 30 days - }; - }; - }; - - "books" = { - path = "/home/alex/backup/books"; - devices = [ "bennu" "pinwheel" ]; - versioning = { - type = "staggered"; - params = { - maxAge = "2592000"; # 30 days - }; - }; - }; - - "audiobooks" = { - path = "/home/alex/media/sync/audiobooks"; - devices = [ "phone" ]; - }; - }; - }; - }; - restic.backups = { "sync" = { initialize = true; @@ -308,6 +183,7 @@ mod = { docker.enable = true; + syncthing.enable = true; plex.enable = true; calibre-web.enable = true; }; diff --git a/hosts/sombrero/modules/syncthing/default.nix b/hosts/sombrero/modules/syncthing/default.nix new file mode 100644 index 0000000..abc35f9 --- /dev/null +++ b/hosts/sombrero/modules/syncthing/default.nix @@ -0,0 +1,147 @@ +{ lib, config, ... }: +let + enabled = config.mod.syncthing.enable; +in +{ + options = { + mod.syncthing = { + enable = lib.mkEnableOption "add syncthing module"; + }; + }; + + config = lib.mkIf enabled { + networking = { + firewall = { + allowedTCPPorts = [ 8384 ]; + }; + }; + + services = { + syncthing = { + enable = true; + openDefaultPorts = true; + + user = "alex"; + group = "users"; + + dataDir = "/home/alex/backup/sync"; + + cert = "/home/alex/backup/sync/hosts/sombrero/syncthing/cert.pem"; + key = "/home/alex/backup/sync/hosts/sombrero/syncthing/key.pem"; + + guiAddress = "0.0.0.0:8384"; + + settings = { + extraOptions = { + gui = { + user = "syncthing"; + password = "CBLPEBrHoGPOnfdZtLibnSAaPAALXfSU"; + insecureSkipHostcheck = false; + }; + }; + + devices = { + phone.id = "NJIMX57-C2CGV76-GXMAQYV-ABWDA7Z-TS6UV2X-NVL5UPG-UFEQH4C-TKYA6QM"; + bennu.id = "YXA2PVY-XNUS5HZ-4ZC6A65-O3JRY3S-P6UKE6N-FSUBOYE-JZ7UJWR-ILXMUAW"; + pinwheel.id = "AKS5L2A-NFCG5GV-3U5SSSZ-PLOX6BQ-ZL5ALXI-D7OK4KE-R2JPWRJ-B6AQJQ7"; + }; + + folders = { + "hosts" = { + path = "/home/alex/backup/sync/hosts"; + devices = [ "bennu" ]; + versioning = { + type = "staggered"; + params = { + maxAge = "2592000"; # 30 days + }; + }; + }; + + "org" = { + path = "/home/alex/backup/sync/org"; + devices = [ "phone" "bennu" "pinwheel" ]; + versioning = { + type = "staggered"; + params = { + maxAge = "2592000"; # 30 days + }; + }; + }; + + "phone-gps" = { + path = "/home/alex/backup/sync/gps"; + devices = [ "bennu" "phone" ]; + versioning = { + type = "staggered"; + params = { + maxAge = "2592000"; # 30 days + }; + }; + }; + + "personal" = { + path = "/home/alex/backup/sync/personal"; + devices = [ "bennu" "pinwheel" ]; + versioning = { + type = "staggered"; + params = { + maxAge = "2592000"; # 30 days + }; + }; + }; + + "work" = { + path = "/home/alex/backup/sync/work"; + devices = [ "bennu" "pinwheel" ]; + versioning = { + type = "staggered"; + params = { + maxAge = "2592000"; # 30 days + }; + }; + }; + + "time-tracking" = { + path = "/home/alex/backup/sync/time-tracking"; + devices = [ "phone" ]; + versioning = { + type = "staggered"; + params = { + maxAge = "2592000"; # 30 days + }; + }; + }; + + "books" = { + path = "/home/alex/backup/books"; + devices = [ "bennu" "pinwheel" ]; + versioning = { + type = "staggered"; + params = { + maxAge = "2592000"; # 30 days + }; + }; + }; + + "audiobooks" = { + path = "/home/alex/media/sync/audiobooks"; + devices = [ "phone" ]; + }; + }; + }; + }; + + nginx = { + virtualHosts."syncthing.sombrero.a2x.se" = { + forceSSL = true; + enableACME = true; + + locations."/" = { + proxyPass = "http://0.0.0.0:8384"; + }; + }; + }; + }; + }; +}