4 files changed, 47 insertions, 0 deletions

diff --git a/flake.nix b/flake.nix
index f2625a7..dc6556a 100644
--- a/flake.nix
+++ b/flake.nix
@@ -110,6 +110,7 @@
               monitoring-node
               homepage
               web
+              syncthing
               {
                 services.nginx.virtualHosts."musicbrainz.vapor.systems" = (self.lib.nginx.proxyDomain "vapor.systems" "http://127.0.0.1:5000/");
               }
diff --git a/modules/default.nix b/modules/default.nix
index 8843f86..46a058c 100644
--- a/modules/default.nix
+++ b/modules/default.nix
@@ -39,4 +39,5 @@
 
   mailserver = import ./mailserver;
   web = import ./web;
+  syncthing = import ./syncthing;
 }
diff --git a/modules/syncthing/default.nix b/modules/syncthing/default.nix
new file mode 100644
index 0000000..2136a49
--- /dev/null
+++ b/modules/syncthing/default.nix
@@ -0,0 +1,45 @@
+{
+  config,
+  lib,
+  pkgs,
+  ...
+}:
+
+{
+  services.syncthing = {
+    enable = true;
+    # Open ports in the firewall for Syncthing. (NOTE: this will not open syncthing gui port)
+    openDefaultPorts = true;
+    key = "/run/secrets/syncthing/key.pem";
+    cert = "/run/secrets/syncthing/cert.pem";
+
+    settings = {
+      devices = {
+        "ffm0089" = {
+          id = "D5LYWQQ-GRV6QOK-RXYD32P-YNNFU3C-C7XOEY2-EWHCWSQ-3XC4CHG-EWMOMQZ";
+        };
+        # "liduur" = { id = "DEVICE-ID-GOES-HERE"; };
+      };
+      folders = {
+        ".org" = {
+          path = "/home/audron/.org";
+          devices = [
+            "ffm0089"
+            # "liduur"
+          ];
+        };
+      };
+    };
+  };
+
+  secrets = {
+    syncthingKey = {
+      source = ../../secrets/syncthing/key.pem;
+      dest = config.services.syncthing.key;
+    };
+    syncthingCert = {
+      source = ../../secrets/syncthing/cert.pem;
+      dest = config.services.syncthing.cert;
+    };
+  };
+}
diff --git a/secrets b/secrets
-Subproject bb6cfb47fc1e1d26444fb93ecfe03868bc74462
+Subproject 9dfcb67322112740f15af46350549b9f9092857