aylac.top / nixcfg-own-knot
forked from aylac.top/nixcfg
this repo has no description
fork atom
nixcfg-own-knot / modules / nixos / services / syncthing / default.nix
at 2d18c0c0950715202d4ec54b93b271309510829f 2.0 kB view raw
1{ 2 config, 3 lib, 4 ... 5}: { 6 options.myNixOS.services.syncthing = { 7 enable = lib.mkEnableOption "Syncthing file syncing service."; 8 9 certFile = lib.mkOption { 10 description = "Path to the certificate file."; 11 type = lib.types.path; 12 }; 13 14 keyFile = lib.mkOption { 15 description = "Path to the key file."; 16 type = lib.types.path; 17 }; 18 19 user = lib.mkOption { 20 description = "User to run Syncthing as."; 21 type = lib.types.str; 22 }; 23 }; 24 25 config = lib.mkIf config.myNixOS.services.syncthing.enable { 26 systemd.services.syncthing.environment.STNODEFAULTFOLDER = "true"; 27 28 services = { 29 caddy.virtualHosts = 30 lib.mkIf 31 ( 32 config.myNixOS.services.caddy.enable 33 && config.myNixOS.services.tailscale.enable 34 ) { 35 "syncthing-${config.networking.hostName}.${config.mySnippets.tailnet.name}" = { 36 extraConfig = '' 37 bind tailscale/syncthing-${config.networking.hostName} 38 reverse_proxy localhost:8384 { 39 header_up Host localhost 40 } 41 ''; 42 }; 43 }; 44 45 syncthing = let 46 cfg = config.myNixOS.services.syncthing; 47 inherit (config.mySnippets.syncthing) devices; 48 49 inherit (config.mySnippets.syncthing) folders; 50 in { 51 enable = true; 52 cert = cfg.certFile; 53 configDir = "${config.services.syncthing.dataDir}/.config/syncthing"; 54 dataDir = "/home/${cfg.user}"; 55 key = cfg.keyFile; 56 openDefaultPorts = true; 57 inherit (cfg) user; 58 59 settings = { 60 options = { 61 localAnnounceEnabled = true; 62 relaysEnabled = true; 63 urAccepted = -1; 64 }; 65 66 inherit devices; 67 folders = 68 lib.filterAttrs ( 69 _name: value: 70 lib.elem config.networking.hostName value.devices 71 ) 72 folders; 73 }; 74 }; 75 }; 76 }; 77}