+100 -103

nix/home/modules/syncthing/default.nix

reviewed

··· 2 2 config, 3 3 lib, 4 4 pkgs, 5 5 + self, 5 6 osConfig ? {}, 6 7 ... 7 8 }: let 8 8 - syncthing = osConfig.services.syncthing.package or config.services.syncthing.package; 9 9 + inherit (self.lib.secrets.helpers) mkHostSecret; 9 10 syncthingtray = config.services.syncthing.tray.package; 10 11 cfg = config.my.syncthing; 11 12 in { 12 12 - options.my.syncthing.enable = 13 13 - lib.mkEnableOption "syncthing" 14 14 - // {default = osConfig.my.syncthing.enable or false;}; 13 13 + options.my.syncthing = { 14 14 + enable = 15 15 + lib.mkEnableOption "syncthing" 16 16 + // {default = osConfig.my.syncthing.enable or false;}; 17 17 + host = lib.mkOption { 18 18 + type = with lib.types; nullOr str; 19 19 + default = osConfig.networking.hostName or null; 20 20 + }; 21 21 + }; 15 22 16 23 config = lib.mkIf cfg.enable { 17 17 - home.packages = [syncthingtray]; 24 24 + assertions = [ 25 25 + { 26 26 + assertion = cfg.host != null; 27 27 + message = "config.my.syncthing.host must be set"; 28 28 + } 29 29 + ]; 30 30 + 31 31 + my.secretDefinitions = let 32 32 + owner = 33 33 + if (osConfig != {}) 34 34 + then config.home.username 35 35 + else "0"; 36 36 + in 37 37 + lib.mkIf (cfg.host != null) { 38 38 + "host.syncthing-cert" = mkHostSecret cfg.host "syncthing-cert" { 39 39 + inherit owner; 40 40 + }; 41 41 + "host.syncthing-key" = mkHostSecret cfg.host "syncthing-key" { 42 42 + inherit owner; 43 43 + }; 44 44 + }; 45 45 + 18 46 services.syncthing = { 19 19 - enable = osConfig == {}; 47 47 + enable = true; 20 48 tray.enable = true; 49 49 + cert = config.my.secrets."host.syncthing-cert".path; 50 50 + key = config.my.secrets."host.syncthing-key".path; 51 51 + settings = { 52 52 + gui.theme = "dark"; 53 53 + options = { 54 54 + localAnnounceEnabled = true; 55 55 + relaysEnabled = true; 56 56 + urAccepted = -1; # For no and don't ask again 57 57 + }; 58 58 + startBrowser = false; 59 59 + folders = let 60 60 + computers = ["desktop" "laptop" "steamdeck"]; 61 61 + phones = ["galaxyS23"]; 62 62 + servers = ["server"]; 63 63 + allDevices = computers ++ phones ++ servers; 64 64 + trashVersioning = { 65 65 + type = "trashcan"; 66 66 + params.cleanoutDays = "30"; 67 67 + }; 68 68 + in { 69 69 + "~/Sync" = { 70 70 + id = "default"; 71 71 + label = "Default Folder"; 72 72 + type = "sendreceive"; 73 73 + versioning = null; 74 74 + devices = allDevices; 75 75 + }; 76 76 + "~/Notes/Logseq" = { 77 77 + id = "6ymhp-fehcm"; 78 78 + label = "Notes/Logseq"; 79 79 + type = "sendreceive"; 80 80 + versioning = trashVersioning; 81 81 + devices = allDevices; 82 82 + }; 83 83 + "~/Notes/Obsidian" = { 84 84 + id = "tgnpg-efws9"; 85 85 + label = "Notes/Obsidian"; 86 86 + type = "sendreceive"; 87 87 + versioning = trashVersioning; 88 88 + devices = allDevices; 89 89 + }; 90 90 + "~/.steam/steam/userdata/85204334/config/grid" = { 91 91 + id = "steam-custom-icons"; 92 92 + label = "Steam/Custom Icons"; 93 93 + type = "sendreceive"; 94 94 + versioning = null; 95 95 + devices = computers ++ servers; 96 96 + }; 97 97 + }; 98 98 + devices = { 99 99 + desktop.id = "Q7UXFUW-Q4QWALL-AVBRBPW-Y2S44CV-IR4H3V4-OT2GH4V-6WCXBR4-STJXFQJ"; 100 100 + desktop.name = "Desktop"; 101 101 + laptop.id = "VFFQPOF-XAPVKHO-4PUSIVT-ACYNHAZ-GOQBWC6-SEYBXGE-2MBBMRS-TJRD4QL"; 102 102 + laptop.name = "Laptop"; 103 103 + pixel7.id = "PDMAJC4-SIXM4NI-UDMSLPU-3QSBSM2-ZUBLQDU-MNCR2HH-XUJIG52-PH4IKQC"; 104 104 + pixel7.name = "Pixel 7 Pro"; 105 105 + galaxyS23.id = "DPARDTW-7LHI6VK-CRKEYI4-VK6BWWP-DMW6KOG-6LWAT4O-QFGDFPR-XVO6RAF"; 106 106 + galaxyS23.name = "Galaxy S23"; 107 107 + server.id = "X5LHXQ6-NOCD2NO-RQ7FPLO-WFLLFRE-5BTTVL6-XLH3DAV-4ZIYI47-EEOVYAK"; 108 108 + server.name = "Server"; 109 109 + steamdeck.id = "OBZRWRW-B7DYVZC-RL5JV3D-6YNWG4O-MAIN2GY-KTEBY6V-DWQK36S-5E2O7AB"; 110 110 + steamdeck.name = "Steam Deck"; 111 111 + }; 112 112 + }; 21 113 }; 114 114 + 115 115 + home.packages = [syncthingtray]; 22 116 systemd.user.services.syncthingtray = { 23 117 Service.ExecStart = lib.mkForce (pkgs.writeShellScript "syncthingtray-wait" '' 24 118 ${syncthingtray}/bin/syncthingtray --wait 25 119 ''); 26 26 - Service.ExecStartPre = pkgs.writeShellScript "setup-syncthingtray" '' 27 27 - cat <<EOF >> ~/.config/syncthingtray.ini 28 28 - [General] 29 29 - v=${syncthingtray.version} 30 30 - 31 31 - [startup] 32 32 - considerForReconnect=false 33 33 - considerLauncherForReconnect=false 34 34 - showButton=false 35 35 - showLauncherButton=false 36 36 - stopOnMetered=false 37 37 - stopServiceOnMetered=false 38 38 - syncthingArgs="serve --no-browser --logflags=3" 39 39 - syncthingAutostart=false 40 40 - syncthingPath=syncthing 41 41 - syncthingUnit=syncthing.service 42 42 - systemUnit=false 43 43 - useLibSyncthing=false 44 44 - 45 45 - [tray] 46 46 - connections\1\apiKey=@ByteArray($(${syncthing}/bin/syncthing cli config dump-json | nu --stdin --commands 'from json | get gui.apiKey')) 47 47 - connections\1\authEnabled=false 48 48 - connections\1\autoConnect=true 49 49 - connections\1\devStatsPollInterval=60000 50 50 - connections\1\diskEventLimit=200 51 51 - connections\1\errorsPollInterval=30000 52 52 - connections\1\httpsCertPath=/home/lpchaim/.config/syncthing/https-cert.pem 53 53 - connections\1\label=Primary instance 54 54 - connections\1\longPollingTimeout=0 55 55 - connections\1\password= 56 56 - connections\1\pauseOnMetered=false 57 57 - connections\1\reconnectInterval=30000 58 58 - connections\1\requestTimeout=0 59 59 - connections\1\statusComputionFlags=59 60 60 - connections\1\syncthingUrl=http://127.0.0.1:8384 61 61 - connections\1\trafficPollInterval=5000 62 62 - connections\1\userName= 63 63 - connections\size=1 64 64 - dbusNotifications=true 65 65 - distinguishTrayIcons=false 66 66 - frameStyle=16 67 67 - ignoreInavailabilityAfterStart=15 68 68 - notifyOnDisconnect=true 69 69 - notifyOnErrors=true 70 70 - notifyOnLauncherErrors=true 71 71 - notifyOnLocalSyncComplete=false 72 72 - notifyOnNewDeviceConnects=false 73 73 - notifyOnNewDirectoryShared=false 74 74 - notifyOnRemoteSyncComplete=false 75 75 - positioning\assumedIconPos=@Point(0 0) 76 76 - positioning\useAssumedIconPosition=false 77 77 - positioning\useCursorPos=true 78 78 - preferIconsFromTheme=false 79 79 - showSyncthingNotifications=true 80 80 - showTabTexts=true 81 81 - showTraffic=true 82 82 - statusIcons="#ff26b6db,#ff0882c8,#ffffffff;#ffdb3c26,#ffc80828,#ffffffff;#ffc9ce3b,#ffebb83b,#ffffffff;#ff2d9d69,#ff2d9d69,#ffffffff;#ff26b6db,#ff0882c8,#ffffffff;#ff26b6db,#ff0882c8,#ffffffff;#ffa9a9a9,#ff58656c,#ffffffff;#ffa9a9a9,#ff58656c,#ffffffff" 83 83 - statusIconsRenderSize=@Size(32 32) 84 84 - statusIconsStrokeWidth=0 85 85 - tabPos=1 86 86 - trayIcons="#ff26b6db,#ff0882c8,#ffffffff;#ffdb3c26,#ffc80828,#ffffffff;#ffc9ce3b,#ffebb83b,#ffffffff;#ff2d9d69,#ff2d9d69,#ffffffff;#ff26b6db,#ff0882c8,#ffffffff;#ff26b6db,#ff0882c8,#ffffffff;#ffa9a9a9,#ff58656c,#ffffffff;#ffa9a9a9,#ff58656c,#ffffffff" 87 87 - trayIconsRenderSize=@Size(32 32) 88 88 - trayIconsStrokeWidth=0 89 89 - trayMenuSize=@Size(575 475) 90 90 - usePaletteForStatusIcons=false 91 91 - usePaletteForTrayIcons=false 92 92 - windowType=0 93 93 - 94 94 - [webview] 95 95 - customCommand= 96 96 - disabled=false 97 97 - mode=0 98 98 - qt\customfont=false 99 99 - qt\customicontheme=false 100 100 - qt\customlocale=false 101 101 - qt\custompalette=false 102 102 - qt\customstylesheet=false 103 103 - qt\customwidgetstyle=false 104 104 - qt\font="Sans Serif,9,-1,5,400,0,0,0,0,0,0,0,0,0,0,1" 105 105 - qt\icontheme=hicolor 106 106 - qt\iconthemepath= 107 107 - qt\locale=en_US 108 108 - qt\palette=@Variant(\0\0\0\x44\x1\x1\xff\xff\0\0\0\0\0\0\0\0\x1\x1\xff\xff\xef\xef\xef\xef\xef\xef\0\0\x1\x1\xff\xff\xff\xff\xff\xff\xff\xff\0\0\x1\x1\xff\xff\xcb\x4\xcb\x4\xcb\x4\0\0\x1\x1\xff\xff\x9f\xf4\x9f\xf4\x9f\xf4\0\0\x1\x1\xff\xff\xb8\x90\xb8\x90\xb8\x90\0\0\x1\x1\xff\xff\0\0\0\0\0\0\0\0\x1\x1\xff\xff\xff\xff\xff\xff\xff\xff\0\0\x1\x1\xff\xff\0\0\0\0\0\0\0\0\x1\x1\xff\xff\xff\xff\xff\xff\xff\xff\0\0\x1\x1\xff\xff\xef\xef\xef\xef\xef\xef\0\0\x1\x1\xff\xffv{v{v{\0\0\x1\x1\xff\xff\x30\x30\x8c\x8c\xc6\xc6\0\0\x1\x1\xff\xff\xff\xff\xff\xff\xff\xff\0\0\x1\x1\xff\xff\0\0\0\0\xff\xff\0\0\x1\x1\xff\xff\xff\xff\0\0\xff\xff\0\0\x1\x1\xff\xff\xf7\xf7\xf7\xf7\xf7\xf7\0\0\x1\x1\xff\xff\xbe\xbe\xbe\xbe\xbe\xbe\0\0\x1\x1\xff\xff\xef\xef\xef\xef\xef\xef\0\0\x1\x1\xff\xff\xff\xff\xff\xff\xff\xff\0\0\x1\x1\xff\xff\xcb\x4\xcb\x4\xcb\x4\0\0\x1\x1\xff\xff\xbe\xbe\xbe\xbe\xbe\xbe\0\0\x1\x1\xff\xff\xb8\x90\xb8\x90\xb8\x90\0\0\x1\x1\xff\xff\xbe\xbe\xbe\xbe\xbe\xbe\0\0\x1\x1\xff\xff\xff\xff\xff\xff\xff\xff\0\0\x1\x1\xff\xff\xbe\xbe\xbe\xbe\xbe\xbe\0\0\x1\x1\xff\xff\xef\xef\xef\xef\xef\xef\0\0\x1\x1\xff\xff\xef\xef\xef\xef\xef\xef\0\0\x1\x1\xff\xff\xb1\xb8\xb1\xb8\xb1\xb8\0\0\x1\x1\xff\xff\x91\x91\x91\x91\x91\x91\0\0\x1\x1\xff\xff\xff\xff\xff\xff\xff\xff\0\0\x1\x1\xff\xff\0\0\0\0\xff\xff\0\0\x1\x1\xff\xff\xff\xff\0\0\xff\xff\0\0\x1\x1\xff\xff\xf7\xf7\xf7\xf7\xf7\xf7\0\0\x1\x1\xff\xff\0\0\0\0\0\0\0\0\x1\x1\xff\xff\xef\xef\xef\xef\xef\xef\0\0\x1\x1\xff\xff\xff\xff\xff\xff\xff\xff\0\0\x1\x1\xff\xff\xcb\x4\xcb\x4\xcb\x4\0\0\x1\x1\xff\xff\x9f\xf4\x9f\xf4\x9f\xf4\0\0\x1\x1\xff\xff\xb8\x90\xb8\x90\xb8\x90\0\0\x1\x1\xff\xff\0\0\0\0\0\0\0\0\x1\x1\xff\xff\xff\xff\xff\xff\xff\xff\0\0\x1\x1\xff\xff\0\0\0\0\0\0\0\0\x1\x1\xff\xff\xff\xff\xff\xff\xff\xff\0\0\x1\x1\xff\xff\xef\xef\xef\xef\xef\xef\0\0\x1\x1\xff\xffv{v{v{\0\0\x1\x1\xff\xff\x30\x30\x8c\x8c\xc6\xc6\0\0\x1\x1\xff\xff\xff\xff\xff\xff\xff\xff\0\0\x1\x1\xff\xff\0\0\0\0\xff\xff\0\0\x1\x1\xff\xff\xff\xff\0\0\xff\xff\0\0\x1\x1\xff\xff\xf7\xf7\xf7\xf7\xf7\xf7\0\0) 109 109 - qt\plugindir= 110 110 - qt\stylesheetpath= 111 111 - qt\trpath= 112 112 - qt\widgetstyle= 113 113 - EOF 114 114 - ''; 115 115 - Unit.X-Restart-Triggers = [ 116 116 - syncthing 117 117 - syncthingtray 118 118 - "syncthing.systemunit.service" 119 119 - "syncthing-init.systemunit.service" 120 120 - "syncthing-relay.systemunit.service" 121 121 - ]; 122 122 - Unit.X-SwitchMethod = "restart"; 123 120 }; 124 121 }; 125 122 }

+3 -89

nix/nixos/modules/syncthing/default.nix

reviewed

··· 1 1 { 2 2 config, 3 3 - inputs, 4 3 lib, 5 4 ... 6 5 }: let 7 7 - inherit (config.my.config) name; 8 8 - inherit (inputs.self.lib.secrets.helpers) mkHostSecret; 9 6 cfg = config.my.syncthing; 10 10 - home = config.home-manager.users.lpchaim.home.homeDirectory; 11 7 in { 12 8 options.my.syncthing.enable = lib.mkEnableOption "syncthing"; 13 9 14 10 config = lib.mkIf cfg.enable { 15 15 - my.secretDefinitions = { 16 16 - "host.syncthing-cert" = mkHostSecret config "syncthing-cert" { 17 17 - mode = "0440"; 18 18 - }; 19 19 - "host.syncthing-key" = mkHostSecret config "syncthing-key" { 20 20 - mode = "0440"; 21 21 - }; 22 22 - }; 23 23 - 24 24 - systemd.services.syncthing.preStart = let 25 25 - paths = builtins.attrNames config.services.syncthing.settings.folders; 26 26 - commands = map (p: "mkdir -p '${p}'") paths; 27 27 - script = builtins.concatStringsSep "\n" commands; 28 28 - in 29 29 - script; 30 30 - 31 31 - services.syncthing = { 32 32 - enable = true; 33 33 - relay.enable = true; 34 34 - openDefaultPorts = true; 35 35 - user = name.user; 36 36 - group = name.user; 37 37 - cert = config.my.secrets."host.syncthing-cert".path; 38 38 - key = config.my.secrets."host.syncthing-key".path; 39 39 - dataDir = "${home}/Syncthing"; 40 40 - configDir = "${home}/.config/syncthing"; 41 41 - settings = { 42 42 - gui.theme = "black"; 43 43 - options.relaysEnabled = true; 44 44 - options.urAccepted = -1; # For no and don't ask again 45 45 - options.localAnnounceEnabled = true; 46 46 - startBrowser = false; 47 47 - folders = let 48 48 - computers = ["desktop" "laptop" "steamdeck" "server"]; 49 49 - phones = ["pixel7" "galaxyS23"]; 50 50 - allDevices = computers ++ phones; 51 51 - trashVersioning = { 52 52 - type = "trashcan"; 53 53 - params.cleanoutDays = "30"; 54 54 - }; 55 55 - in { 56 56 - "${home}/Sync" = { 57 57 - id = "default"; 58 58 - label = "Default Folder"; 59 59 - type = "sendreceive"; 60 60 - versioning = null; 61 61 - devices = allDevices; 62 62 - }; 63 63 - "${home}/Notes/Logseq" = { 64 64 - id = "6ymhp-fehcm"; 65 65 - label = "Notes/Logseq"; 66 66 - type = "sendreceive"; 67 67 - versioning = trashVersioning; 68 68 - devices = allDevices; 69 69 - }; 70 70 - "${home}/Notes/Obsidian" = { 71 71 - id = "tgnpg-efws9"; 72 72 - label = "Obsidian"; 73 73 - type = "sendreceive"; 74 74 - versioning = trashVersioning; 75 75 - devices = allDevices; 76 76 - }; 77 77 - "${home}/.steam/steam/userdata/85204334/config/grid" = { 78 78 - id = "steam-custom-icons"; 79 79 - label = "Steam/Custom Icons"; 80 80 - type = "sendreceive"; 81 81 - versioning = null; 82 82 - devices = computers; 83 83 - }; 84 84 - }; 85 85 - devices = { 86 86 - desktop.id = "Q7UXFUW-Q4QWALL-AVBRBPW-Y2S44CV-IR4H3V4-OT2GH4V-6WCXBR4-STJXFQJ"; 87 87 - desktop.name = "Desktop"; 88 88 - laptop.id = "VFFQPOF-XAPVKHO-4PUSIVT-ACYNHAZ-GOQBWC6-SEYBXGE-2MBBMRS-TJRD4QL"; 89 89 - laptop.name = "Laptop"; 90 90 - pixel7.id = "PDMAJC4-SIXM4NI-UDMSLPU-3QSBSM2-ZUBLQDU-MNCR2HH-XUJIG52-PH4IKQC"; 91 91 - pixel7.name = "Pixel 7 Pro"; 92 92 - galaxyS23.id = "DPARDTW-7LHI6VK-CRKEYI4-VK6BWWP-DMW6KOG-6LWAT4O-QFGDFPR-XVO6RAF"; 93 93 - galaxyS23.name = "Galaxy S23"; 94 94 - server.id = "X5LHXQ6-NOCD2NO-RQ7FPLO-WFLLFRE-5BTTVL6-XLH3DAV-4ZIYI47-EEOVYAK"; 95 95 - server.name = "Server"; 96 96 - steamdeck.id = "OBZRWRW-B7DYVZC-RL5JV3D-6YNWG4O-MAIN2GY-KTEBY6V-DWQK36S-5E2O7AB"; 97 97 - steamdeck.name = "Steam Deck"; 98 98 - }; 99 99 - }; 11 11 + networking.firewall = { 12 12 + allowedTCPPorts = [22000]; 13 13 + allowedUDPPorts = [21027 22000]; 100 14 }; 101 15 }; 102 16 }