deploy syncthing

2 files changed, 46 insertions, 0 deletions

diff --git a/modules/default.nix b/modules/default.nix
index 8843f86..46a058c 100644
--- a/modules/default.nix
+++ b/modules/default.nix
@@ -39,4 +39,5 @@
 
   mailserver = import ./mailserver;
   web = import ./web;
+  syncthing = import ./syncthing;
 }
diff --git a/modules/syncthing/default.nix b/modules/syncthing/default.nix
new file mode 100644
index 0000000..2136a49
--- /dev/null
+++ b/modules/syncthing/default.nix
@@ -0,0 +1,45 @@
+{
+  config,
+  lib,
+  pkgs,
+  ...
+}:
+
+{
+  services.syncthing = {
+    enable = true;
+    # Open ports in the firewall for Syncthing. (NOTE: this will not open syncthing gui port)
+    openDefaultPorts = true;
+    key = "/run/secrets/syncthing/key.pem";
+    cert = "/run/secrets/syncthing/cert.pem";
+
+    settings = {
+      devices = {
+        "ffm0089" = {
+          id = "D5LYWQQ-GRV6QOK-RXYD32P-YNNFU3C-C7XOEY2-EWHCWSQ-3XC4CHG-EWMOMQZ";
+        };
+        # "liduur" = { id = "DEVICE-ID-GOES-HERE"; };
+      };
+      folders = {
+        ".org" = {
+          path = "/home/audron/.org";
+          devices = [
+            "ffm0089"
+            # "liduur"
+          ];
+        };
+      };
+    };
+  };
+
+  secrets = {
+    syncthingKey = {
+      source = ../../secrets/syncthing/key.pem;
+      dest = config.services.syncthing.key;
+    };
+    syncthingCert = {
+      source = ../../secrets/syncthing/cert.pem;
+      dest = config.services.syncthing.cert;
+    };
+  };
+}