diff --git a/flake.nix b/flake.nix index 701a001..da6c883 100644 --- a/flake.nix +++ b/flake.nix @@ -203,8 +203,8 @@ root-passwd-hash.file = ./secrets/root_passwd_hash.age; sasl-passwd.file = ./secrets/postfix_sasl_passwd.age; - #syncthing-key.file = ./secrets/mtworx/syncthing/key.pem.age; - #syncthing-cert.file = ./secrets/mtworx/syncthing/cert.pem.age; + syncthing-key.file = ./secrets/vno1-gdrx/syncthing/key.pem.age; + syncthing-cert.file = ./secrets/vno1-gdrx/syncthing/cert.pem.age; }; } ]; diff --git a/hosts/vno1-gdrx/configuration.nix b/hosts/vno1-gdrx/configuration.nix index 574e984..cf6c8bf 100644 --- a/hosts/vno1-gdrx/configuration.nix +++ b/hosts/vno1-gdrx/configuration.nix @@ -66,11 +66,19 @@ in services = { sshguard.enable = false; + tailscale = { enable = true; verboseLogs = true; }; + syncthing = { + enable = true; + dataDir = "/home/motiejus/"; + user = "motiejus"; + group = "users"; + }; + #btrfssnapshot = { # enable = true; # subvolumes = [ diff --git a/modules/services/syncthing/default.nix b/modules/services/syncthing/default.nix index f95f92a..e5cb423 100644 --- a/modules/services/syncthing/default.nix +++ b/modules/services/syncthing/default.nix @@ -14,6 +14,7 @@ let "rzj-744P2PE".id = "UW6ISH2-NW6X6AW-BJR76TV-TV3BIGZ-PA5QH2M-YEF567T-IWMHKD5-P3XHHAH"; "sqq1-desk".id = "WJ5KGRS-AGDZ7SW-INIVWHR-Q4E5QX4-Y4TT2AK-QRJTOTL-2UHXX6O-5MUPGA2"; "vno1-vinc".id = "4W3S7R2-OWI6XO6-V4NMDNB-NTIETYP-QJSBQGA-WEIXPHR-WNZZ7R4-VT4COAR"; + "vno1-gdrx".id = "XOZO6GL-MEH55QR-PTNRVHE-45PD3L2-SHP7XW6-VXKROQ5-F47U3AX-QQACLQP"; "vno2-irena".id = "VL2MA2E-ZDGVHYN-A3Q3EKU-7J625QM-FG7CNXY-UKDL563-MDRRIEG-XQDS3AW"; "v-kfire".id = "REEDZAL-KPLWARZ-466J4BR-H5UDI6D-UUA33QG-HPZHIMX-WNFLDGD-PJLTFQZ"; "a-kfire".id = "VIQF4QW-2OLBBIK-XWOIO4A-264J32R-BE4J4BT-WEJXMYO-MXQDQHD-SJ6MEQ7"; @@ -21,6 +22,7 @@ let folders = { Books = { devices = [ + "vno1-gdrx" "fwminex" "mxp10" ]; @@ -28,12 +30,16 @@ let label = "Books"; }; Mail = { - devices = [ "fwminex" ]; + devices = [ + "vno1-gdrx" + "fwminex" + ]; id = "66fmz-x6f1a"; label = "Mail"; }; M-Active = { devices = [ + "vno1-gdrx" "mxp10" "fwminex" "mtworx" @@ -49,7 +55,10 @@ let }; }; M-Documents = { - devices = [ "fwminex" ]; + devices = [ + "vno1-gdrx" + "fwminex" + ]; id = "4fu7z-z6es2"; label = "M-Documents"; }; @@ -57,6 +66,7 @@ let devices = [ "vno1-vinc" "sqq1-desk" + "vno1-gdrx" "fwminex" "mtworx" "v-kfire" @@ -70,6 +80,7 @@ let M-Camera = { devices = [ "mxp10" + "vno1-gdrx" "fwminex" "mtworx" ]; @@ -82,12 +93,16 @@ let label = "R-Documents"; }; Pictures = { - devices = [ "fwminex" ]; + devices = [ + "vno1-gdrx" + "fwminex" + ]; id = "d3hur-cbzyw"; label = "Pictures"; }; Music = { devices = [ + "vno1-gdrx" "fwminex" "mtworx" "mxp10" @@ -97,6 +112,7 @@ let }; video-shared = { devices = [ + "vno1-gdrx" "mxp10" "mtworx" "fwminex" @@ -105,12 +121,16 @@ let label = "video-shared"; }; stud-cache = { - devices = [ "fwminex" ]; + devices = [ + "vno1-gdrx" + "fwminex" + ]; id = "2kq7n-jqzxj"; label = "stud-cache"; }; M-R = { devices = [ + "vno1-gdrx" "fwminex" "rzj-744P2PE" "mxp10" @@ -127,6 +147,11 @@ let id = "wuwai-qkcqj"; label = "Irenos"; }; + www-vno1-gdrx = { + devices = [ "vno1-gdrx" ]; + id = "7z7ao-3hbxi"; + label = "www-vno1-gdrx"; + }; www-fwminex = { devices = [ "fwminex" ]; id = "7z9sw-2nubh"; @@ -179,8 +204,23 @@ in settings = { devices = { } + // (lib.optionalAttrs (config.networking.hostName == "vno1-gdrx") { + inherit (devices) + vno1-gdrx + fwminex + mtworx + mxp10 + rzj-744P2PE + sqq1-desk + vno1-vinc + vno2-irena + v-kfire + a-kfire + ; + }) // (lib.optionalAttrs (config.networking.hostName == "fwminex") { inherit (devices) + vno1-gdrx fwminex mtworx mxp10 @@ -194,6 +234,7 @@ in }) // (lib.optionalAttrs (config.networking.hostName == "mtworx") { inherit (devices) + vno1-gdrx mtworx fwminex vno1-vinc @@ -235,6 +276,20 @@ in "${cfg.dataDir}/Video" = video-shared; "${cfg.dataDir}/music" = Music; "${cfg.dataDir}/www" = www-mtworx; + }) + // (lib.optionalAttrs (config.networking.hostName == "vno1-gdrx") { + "${cfg.dataDir}/Books" = Books; + "${cfg.dataDir}/Mail" = Mail; + "${cfg.dataDir}/M-Active" = M-Active; + "${cfg.dataDir}/M-Camera" = M-Camera; + "${cfg.dataDir}/M-Documents" = M-Documents; + "${cfg.dataDir}/Pictures" = Pictures; + "${cfg.dataDir}/M-R" = M-R; + "${cfg.dataDir}/stud-cache" = stud-cache; + "${cfg.dataDir}/video/shared" = video-shared; + "${cfg.dataDir}/video/Vaikai" = Vaikai; + "${cfg.dataDir}/music" = Music; + "${cfg.dataDir}/www" = www-vno1-gdrx; }); }; }; diff --git a/secrets.nix b/secrets.nix index f7afd2e..59f612b 100644 --- a/secrets.nix +++ b/secrets.nix @@ -38,6 +38,10 @@ in "secrets/mtworx/syncthing/key.pem.age" "secrets/mtworx/syncthing/cert.pem.age" ] +// mk ([ vno1-gdrx ] ++ motiejus) [ + "secrets/vno1-gdrx/syncthing/key.pem.age" + "secrets/vno1-gdrx/syncthing/cert.pem.age" +] // mk ([ fwminex ] ++ motiejus) [ "secrets/motiejus_server_passwd_hash.age" "secrets/root_server_passwd_hash.age" diff --git a/secrets/vno1-gdrx/syncthing/cert.pem.age b/secrets/vno1-gdrx/syncthing/cert.pem.age new file mode 100644 index 0000000..d937127 --- /dev/null +++ b/secrets/vno1-gdrx/syncthing/cert.pem.age @@ -0,0 +1,16 @@ +age-encryption.org/v1 +-> ssh-ed25519 lDWJbA qd8pCtAkTVE/GeUes2de1g1aUsYhwu1irvUl+vBW4V8 +Hp09L0sWIMnGU7+vTQ3nK+eWPICmwnFcv4PAae/UGu4 +-> X25519 XTt+hV/Amhe84t0Klb8tPHmlMNriOt/GyLEed8cS/Uo +nkJ9nUAFOBCMnDT//EOw/Fw3Reyp07QXW9cTt9bSWZE +-> X25519 8k2/ghGi/a5rCh9RI9YvEpOnyMm8UC4WJJuYVQV0jUs +OvPJPwLzhAiPDDnCDDkOEjuVMEgW94/BZHZA7YoFrB4 +-> piv-p256 +y2G/w AtumpdI8OtBy0KZlmQPXIa2uUoLo0z6nZOHmm+qDQi9P +/3fzNyESI1D+0QwLlu+kPqPOqTPIiD9gRe3lAjksjRo +-> piv-p256 jNqd3A Aqx0y3TaULqvMGecH971t3rrgoUP3/v1m054UMHv1Hco +tJjFn60OQawyIyDqNGpSKFjpgdBhB3S6Ry/rEGXWGjo +--- vvu+ME266bC882uH9jopi+YekAHa+SzC/WmTvifEfMc + ѣ5h_K~`_Xp@n pH:O|-1ɑOs/)'ҳ;GhD&Hy/4Ct,_P)VFާMs>d%Tfe>/ؠbT//ˀxHȄLz0Բ1H/cSJ064Q{PLGN3@2"麁 aUiՆwaD .FB6ݎ#;f*) +y]p7}E1: 4zeȌ8!p:ڃS"3^ڗuyqwxI_h׳UZ2R#I3MS֯i +{dG1o98q In ⁖}7܇XcjaX=澓y6jӃ+k?1 ~[Iz{۵NЃd#l=i6B`|3V[8]:eLc*'-!CTBs^g{1g6o1~e{>O4ڬƞ