···
cfg = config.services.syncthing;
defaultUser = "syncthing";
+
defaultGroup = defaultUser;
devices = mapAttrsToList (name: device: {
inherit (device) name addresses introducer;
folders = mapAttrsToList ( _: folder: {
inherit (folder) path id label type;
+
devices = map (device: { deviceId = cfg.devices.${device}.id; }) folder.devices;
rescanIntervalS = folder.rescanInterval;
fsWatcherEnabled = folder.watch;
fsWatcherDelayS = folder.watchDelay;
···
updateConfig = pkgs.writers.writeDash "merge-syncthing-config" ''
···
# generate the new config by merging with the NixOS config options
new_cfg=$(echo "$old_cfg" | ${pkgs.jq}/bin/jq -c '. * {
+
"devices": (${builtins.toJSON devices}${optionalString (! cfg.overrideDevices) " + .devices"}),
+
"folders": (${builtins.toJSON folders}${optionalString (! cfg.overrideFolders) " + .folders"})
+
} * ${builtins.toJSON cfg.extraOptions}')
curl -X PUT -d "$new_cfg" ${cfg.guiAddress}/rest/config
···
+
enable = mkEnableOption
+
"Syncthing, a self-hosted open-source alternative to Dropbox and Bittorrent Sync";
+
type = types.nullOr types.str;
+
Path to the <literal>cert.pem</literal> file, which will be copied into Syncthing's
+
<link linkend="opt-services.syncthing.configDir">configDir</link>.
+
type = types.nullOr types.str;
+
Path to the <literal>key.pem</literal> file, which will be copied into Syncthing's
+
<link linkend="opt-services.syncthing.configDir">configDir</link>.
+
overrideDevices = mkOption {
+
Whether to delete the devices which are not configured via the
+
<link linkend="opt-services.syncthing.devices">devices</link> option.
+
If set to <literal>false</literal>, devices added via the web
+
interface will persist and will have to be deleted manually.
+
Peers/devices which Syncthing should communicate with.
+
Note that you can still add devices manually, but those changes
+
will be reverted on restart if <link linkend="opt-services.syncthing.overrideDevices">overrideDevices</link>
+
id = "7CFNTQM-IMTJBHJ-3UWRDIU-ZGQJFR6-VCXZ3NB-XUH3KZO-N52ITXR-LAIYUAU";
+
addresses = [ "tcp://192.168.0.10:51820" ];
+
type = types.attrsOf (types.submodule ({ name, ... }: {
+
The name of the device.
+
type = types.listOf types.str;
+
The addresses used to connect to the device.
+
If this is left empty, dynamic configuration is attempted.
+
The device ID. See <link xlink:href="https://docs.syncthing.net/dev/device-ids.html"/>.
+
introducer = mkOption {
+
Whether the device should act as an introducer and be allowed
+
to add folders on this computer.
+
See <link xlink:href="https://docs.syncthing.net/users/introducer.html"/>.
+
overrideFolders = mkOption {
+
Whether to delete the folders which are not configured via the
+
<link linkend="opt-services.syncthing.folders">folders</link> option.
+
If set to <literal>false</literal>, folders added via the web
+
interface will persist and will have to be deleted manually.
+
Folders which should be shared by Syncthing.
+
Note that you can still add devices manually, but those changes
+
will be reverted on restart if <link linkend="opt-services.syncthing.overrideDevices">overrideDevices</link>
+
example = literalExample ''
+
devices = [ "bigbox" ];
+
type = types.attrsOf (types.submodule ({ name, ... }: {
+
Whether to share this folder.
+
This option is useful when you want to define all folders
+
in one place, but not every machine should share all folders.
+
The path to the folder which should be shared.
+
The ID of the folder. Must be the same on all devices.
+
The label of the folder.
+
type = types.listOf types.str;
+
The devices this folder should be shared with. Each device must
+
be defined in the <link linkend="opt-services.syncthing.devices">devices</link> option.
+
versioning = mkOption {
+
How to keep changed/deleted files with Syncthing.
+
There are 4 different types of versioning with different parameters.
+
See <link xlink:href="https://docs.syncthing.net/users/versioning.html"/>.
+
example = literalExample ''
···
+
params.versionsPath = pkgs.writers.writeBash "backup" '''
rm -rf "$folderpath/$filepath"
+
type = with types; nullOr (submodule {
+
type = enum [ "external" "simple" "staggered" "trashcan" ];
+
The type of versioning.
+
See <link xlink:href="https://docs.syncthing.net/users/versioning.html"/>.
+
type = attrsOf (either str path);
+
The parameters for versioning. Structure depends on
+
<link linkend="opt-services.syncthing.folders._name_.versioning.type">versioning.type</link>.
+
See <link xlink:href="https://docs.syncthing.net/users/versioning.html"/>.
+
rescanInterval = mkOption {
+
How often the folder should be rescanned for changes.
+
type = types.enum [ "sendreceive" "sendonly" "receiveonly" ];
+
default = "sendreceive";
+
Whether to only send changes for this folder, only receive them
+
Whether the folder should be watched for changes by inotify.
+
watchDelay = mkOption {
+
The delay after an inotify event is triggered.
+
ignorePerms = mkOption {
+
Whether to ignore permission changes.
+
ignoreDelete = mkOption {
+
Whether to skip deleting files that are deleted by peers.
+
See <link xlink:href="https://docs.syncthing.net/advanced/folder-ignoredelete.html"/>.
+
extraOptions = mkOption {
+
type = types.addCheck (pkgs.formats.json {}).type isAttrs;
+
Extra configuration options for Syncthing.
+
See <link xlink:href="https://docs.syncthing.net/users/config.html"/>.
+
options.localAnnounceEnabled = false;
···
default = "127.0.0.1:8384";
+
The address to serve the web interface at.
systemService = mkOption {
+
Whether to auto-launch Syncthing as a system service.
+
The user to run Syncthing as.
+
By default, a user named <literal>${defaultUser}</literal> will be created.
+
default = defaultGroup;
+
The group to run Syncthing under.
+
By default, a group named <literal>${defaultGroup}</literal> will be created.
···
example = "socks5://address.com:1234";
+
Overwrites the all_proxy environment variable for the Syncthing process to
+
the given value. This is normally used to let Syncthing connect
+
through a SOCKS5 proxy server.
+
See <link xlink:href="https://docs.syncthing.net/users/proxying.html"/>.
default = "/var/lib/syncthing";
+
example = "/home/yourUser";
+
The path where synchronised directories will exist.
+
cond = versionAtLeast config.system.stateVersion "19.03";
+
The path where the settings and keys will exist.
+
default = cfg.dataDir + (optionalString cond "/.config/syncthing");
+
defaultText = literalExample "dataDir${optionalString cond " + \"/.config/syncthing\""}";
openDefaultPorts = mkOption {
+
Whether to open the default ports in the firewall: TCP 22000 for transfers
+
and UDP 21027 for discovery.
+
If multiple users are running Syncthing on this machine, you will need
+
to manually open a set of ports for each instance and leave this disabled.
+
Alternatively, if you are running only a single instance on this machine
+
using the default ports, enable this.
default = pkgs.syncthing;
+
defaultText = literalExample "pkgs.syncthing";
+
The Syncthing package to use.
+
(mkRemovedOptionModule [ "services" "syncthing" "useInotify" ] ''
This option was removed because Syncthing now has the inotify functionality included under the name "fswatcher".
+
It can be enabled on a per-folder basis through the web interface.
+
mkRenamedOptionModule [ "services" "syncthing" "declarative" o ] [ "services" "syncthing" o ]
+
) [ "cert" "key" "devices" "folders" "overrideDevices" "overrideFolders" "extraOptions"];
···
+
users.groups = mkIf (cfg.systemService && cfg.group == defaultGroup) {
config.ids.gids.syncthing;
···
RestartForceExitStatus="3 4";
+
ExecStartPre = mkIf (cfg.cert != null || cfg.key != null)
"+${pkgs.writers.writeBash "syncthing-copy-keys" ''
install -dm700 -o ${cfg.user} -g ${cfg.group} ${cfg.configDir}
+
${optionalString (cfg.cert != null) ''
+
install -Dm400 -o ${cfg.user} -g ${cfg.group} ${toString cfg.cert} ${cfg.configDir}/cert.pem
+
${optionalString (cfg.key != null) ''
+
install -Dm400 -o ${cfg.user} -g ${cfg.group} ${toString cfg.key} ${cfg.configDir}/key.pem
···
+
cfg.devices != {} || cfg.folders != {} || cfg.extraOptions != {}
description = "Syncthing configuration updater";
after = [ "syncthing.service" ];
pyrox.dev