···
1
+
{ config, lib, pkgs, ... }:
6
+
cfg = config.services.resilio;
8
+
resilioSync = pkgs.resilio;
10
+
listenAddr = cfg.httpListenAddr + ":" + (toString cfg.httpListenPort);
12
+
boolStr = x: if x then "true" else "false";
13
+
optionalEmptyStr = b: v: optionalString (b != "") v;
15
+
webUIConfig = optionalString cfg.enableWebUI
19
+
${optionalEmptyStr cfg.httpLogin "\"login\": \"${cfg.httpLogin}\","}
20
+
${optionalEmptyStr cfg.httpPass "\"password\": \"${cfg.httpPass}\","}
21
+
${optionalEmptyStr cfg.apiKey "\"api_key\": \"${cfg.apiKey}\","}
22
+
${optionalEmptyStr cfg.directoryRoot "\"directory_root\": \"${cfg.directoryRoot}\","}
23
+
"listen": "${listenAddr}"
28
+
optionalString (e ? "knownHosts")
29
+
(concatStringsSep "," (map (v: "\"${v}\"") e."knownHosts"));
31
+
sharedFoldersRecord =
32
+
concatStringsSep "," (map (entry:
33
+
let helper = attr: v:
34
+
if (entry ? attr) then boolStr entry.attr else boolStr v;
38
+
"secret": "${entry.secret}",
39
+
"dir": "${entry.directory}",
41
+
"use_relay_server": ${helper "useRelayServer" true},
42
+
"use_tracker": ${helper "useTracker" true},
43
+
"use_dht": ${helper "useDHT" false},
45
+
"search_lan": ${helper "searchLAN" true},
46
+
"use_sync_trash": ${helper "useSyncTrash" true},
48
+
"known_hosts": [${knownHosts entry}]
50
+
'') cfg.sharedFolders);
52
+
sharedFoldersConfig = optionalString (cfg.sharedFolders != [])
56
+
${sharedFoldersRecord}
60
+
configFile = pkgs.writeText "config.json"
63
+
"device_name": "${cfg.deviceName}",
64
+
"storage_path": "${cfg.storagePath}",
65
+
"listening_port": ${toString cfg.listeningPort},
68
+
"check_for_updates": ${boolStr cfg.checkForUpdates},
69
+
"use_upnp": ${boolStr cfg.useUpnp},
70
+
"download_limit": ${toString cfg.downloadLimit},
71
+
"upload_limit": ${toString cfg.uploadLimit},
72
+
"lan_encrypt_data": ${boolStr cfg.encryptLAN},
75
+
${sharedFoldersConfig}
81
+
services.resilio = {
86
+
If enabled, start the Resilio Sync daemon. Once enabled, you can
87
+
interact with the service through the Web UI, or configure it in your
88
+
NixOS configuration. Enabling the <literal>resilio</literal> service
89
+
also installs a systemd user unit which can be used to start
90
+
user-specific copies of the daemon. Once installed, you can use
91
+
<literal>systemctl --user start resilio</literal> as your user to start
92
+
the daemon using the configuration file located at
93
+
<literal>$HOME/.config/resilio-sync/config.json</literal>.
97
+
deviceName = mkOption {
99
+
example = "Voltron";
101
+
Name of the Resilio Sync device.
105
+
listeningPort = mkOption {
110
+
Listening port. Defaults to 0 which randomizes the port.
114
+
checkForUpdates = mkOption {
118
+
Determines whether to check for updates and alert the user
119
+
about them in the UI.
123
+
useUpnp = mkOption {
127
+
Use Universal Plug-n-Play (UPnP)
131
+
downloadLimit = mkOption {
136
+
Download speed limit. 0 is unlimited (default).
140
+
uploadLimit = mkOption {
145
+
Upload speed limit. 0 is unlimited (default).
149
+
httpListenAddr = mkOption {
151
+
default = "0.0.0.0";
152
+
example = "1.2.3.4";
154
+
HTTP address to bind to.
158
+
httpListenPort = mkOption {
162
+
HTTP port to bind on.
166
+
httpLogin = mkOption {
168
+
example = "allyourbase";
171
+
HTTP web login username.
175
+
httpPass = mkOption {
177
+
example = "arebelongtous";
180
+
HTTP web login password.
184
+
encryptLAN = mkOption {
187
+
description = "Encrypt LAN data.";
190
+
enableWebUI = mkOption {
194
+
Enable Web UI for administration. Bound to the specified
195
+
<literal>httpListenAddress</literal> and
196
+
<literal>httpListenPort</literal>.
200
+
storagePath = mkOption {
202
+
default = "/var/lib/resilio-sync/";
204
+
Where BitTorrent Sync will store it's database files (containing
205
+
things like username info and licenses). Generally, you should not
206
+
need to ever change this.
210
+
apiKey = mkOption {
213
+
description = "API key, which enables the developer API.";
216
+
directoryRoot = mkOption {
219
+
example = "/media";
220
+
description = "Default directory to add folders in the web UI.";
223
+
sharedFolders = mkOption {
226
+
[ { secret = "AHMYFPCQAHBM7LQPFXQ7WV6Y42IGUXJ5Y";
227
+
directory = "/home/user/sync_test";
228
+
useRelayServer = true;
232
+
useSyncTrash = true;
234
+
[ "192.168.1.2:4444"
240
+
Shared folder list. If enabled, web UI must be
241
+
disabled. Secrets can be generated using <literal>rslsync
242
+
--generate-secret</literal>. Note that this secret will be
243
+
put inside the Nix store, so it is realistically not very
246
+
If you would like to be able to modify the contents of this
247
+
directories, it is recommended that you make your user a
248
+
member of the <literal>resilio</literal> group.
250
+
Directories in this list should be in the
251
+
<literal>resilio</literal> group, and that group must have
252
+
write access to the directory. It is also recommended that
253
+
<literal>chmod g+s</literal> is applied to the directory
254
+
so that any sub directories created will also belong to
255
+
the <literal>resilio</literal> group. Also,
256
+
<literal>setfacl -d -m group:resilio:rwx</literal> and
257
+
<literal>setfacl -m group:resilio:rwx</literal> should also
258
+
be applied so that the sub directories are writable by
265
+
config = mkIf cfg.enable {
267
+
[ { assertion = cfg.deviceName != "";
268
+
message = "Device name cannot be empty.";
270
+
{ assertion = cfg.enableWebUI -> cfg.sharedFolders == [];
271
+
message = "If using shared folders, the web UI cannot be enabled.";
273
+
{ assertion = cfg.apiKey != "" -> cfg.enableWebUI;
274
+
message = "If you're using an API key, you must enable the web server.";
278
+
services.resilio.package = mkOptionDefault pkgs.resilio;
280
+
users.extraUsers.rslsync = {
281
+
description = "Resilio Sync Service user";
282
+
home = cfg.storagePath;
284
+
uid = config.ids.uids.rslsync;
288
+
users.extraGroups = [ { name = "rslsync"; } ];
290
+
systemd.services.resilio = with pkgs; {
291
+
description = "Resilio Sync Service";
292
+
wantedBy = [ "multi-user.target" ];
293
+
after = [ "network.target" "local-fs.target" ];
295
+
Restart = "on-abort";
299
+
"${resilioSync}/bin/rslsync --nodaemon --config ${configFile}";
303
+
systemd.user.services.resilio = with pkgs; {
304
+
description = "Resilio Sync user service";
305
+
after = [ "network.target" "local-fs.target" ];
307
+
Restart = "on-abort";
309
+
"${resilioSync}/bin/rslsync --nodaemon --config %h/.config/resilio-sync/config.json";
313
+
environment.systemPackages = [ cfg.package ];
pyrox.dev