vno1-gdrx: +syncthing - config

commit 2b5daee129b35d6ac754fb207267e1dfe6f42da2 (tree)
parent 63ad6f0673f4ea9ced69d134b7ce4cc367968fa9
Author: Motiejus Jakštys <motiejus@jakstys.lt>
Date:   Mon,  5 Aug 2024 18:48:52 +0300

vno1-gdrx: +syncthing

Diffstat:
M flake.nix  | 4 ++--
M hosts/vno1-gdrx/configuration.nix  | 8 ++++++++
M modules/services/syncthing/default.nix  | 63 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++----
M secrets.nix  | 4 ++++
A secrets/vno1-gdrx/syncthing/cert.pem.age  | 17 +++++++++++++++++
A secrets/vno1-gdrx/syncthing/key.pem.age  | 0

6 files changed, 90 insertions(+), 6 deletions(-)
diff --git a/flake.nix b/flake.nix
@@ -203,8 +203,8 @@
                 root-passwd-hash.file = ./secrets/root_passwd_hash.age;
                 sasl-passwd.file = ./secrets/postfix_sasl_passwd.age;
 
-                #syncthing-key.file = ./secrets/mtworx/syncthing/key.pem.age;
-                #syncthing-cert.file = ./secrets/mtworx/syncthing/cert.pem.age;
+                syncthing-key.file = ./secrets/vno1-gdrx/syncthing/key.pem.age;
+                syncthing-cert.file = ./secrets/vno1-gdrx/syncthing/cert.pem.age;
               };
             }
           ];
diff --git a/hosts/vno1-gdrx/configuration.nix b/hosts/vno1-gdrx/configuration.nix
@@ -66,11 +66,19 @@ in
 
     services = {
       sshguard.enable = false;
+
       tailscale = {
         enable = true;
         verboseLogs = true;
       };
 
+      syncthing = {
+        enable = true;
+        dataDir = "/home/motiejus/";
+        user = "motiejus";
+        group = "users";
+      };
+
       #btrfssnapshot = {
       #  enable = true;
       #  subvolumes = [
diff --git a/modules/services/syncthing/default.nix b/modules/services/syncthing/default.nix
@@ -14,6 +14,7 @@ let
     "rzj-744P2PE".id = "UW6ISH2-NW6X6AW-BJR76TV-TV3BIGZ-PA5QH2M-YEF567T-IWMHKD5-P3XHHAH";
     "sqq1-desk".id = "WJ5KGRS-AGDZ7SW-INIVWHR-Q4E5QX4-Y4TT2AK-QRJTOTL-2UHXX6O-5MUPGA2";
     "vno1-vinc".id = "4W3S7R2-OWI6XO6-V4NMDNB-NTIETYP-QJSBQGA-WEIXPHR-WNZZ7R4-VT4COAR";
+    "vno1-gdrx".id = "XOZO6GL-MEH55QR-PTNRVHE-45PD3L2-SHP7XW6-VXKROQ5-F47U3AX-QQACLQP";
     "vno2-irena".id = "VL2MA2E-ZDGVHYN-A3Q3EKU-7J625QM-FG7CNXY-UKDL563-MDRRIEG-XQDS3AW";
     "v-kfire".id = "REEDZAL-KPLWARZ-466J4BR-H5UDI6D-UUA33QG-HPZHIMX-WNFLDGD-PJLTFQZ";
     "a-kfire".id = "VIQF4QW-2OLBBIK-XWOIO4A-264J32R-BE4J4BT-WEJXMYO-MXQDQHD-SJ6MEQ7";
@@ -21,6 +22,7 @@ let
   folders = {
     Books = {
       devices = [
+        "vno1-gdrx"
         "fwminex"
         "mxp10"
       ];
@@ -28,12 +30,16 @@ let
       label = "Books";
     };
     Mail = {
-      devices = [ "fwminex" ];
+      devices = [
+        "vno1-gdrx"
+        "fwminex"
+      ];
       id = "66fmz-x6f1a";
       label = "Mail";
     };
     M-Active = {
       devices = [
+        "vno1-gdrx"
         "mxp10"
         "fwminex"
         "mtworx"
@@ -49,7 +55,10 @@ let
       };
     };
     M-Documents = {
-      devices = [ "fwminex" ];
+      devices = [
+        "vno1-gdrx"
+        "fwminex"
+      ];
       id = "4fu7z-z6es2";
       label = "M-Documents";
     };
@@ -57,6 +66,7 @@ let
       devices = [
         "vno1-vinc"
         "sqq1-desk"
+        "vno1-gdrx"
         "fwminex"
         "mtworx"
         "v-kfire"
@@ -70,6 +80,7 @@ let
     M-Camera = {
       devices = [
         "mxp10"
+        "vno1-gdrx"
         "fwminex"
         "mtworx"
       ];
@@ -82,12 +93,16 @@ let
       label = "R-Documents";
     };
     Pictures = {
-      devices = [ "fwminex" ];
+      devices = [
+        "vno1-gdrx"
+        "fwminex"
+      ];
       id = "d3hur-cbzyw";
       label = "Pictures";
     };
     Music = {
       devices = [
+        "vno1-gdrx"
         "fwminex"
         "mtworx"
         "mxp10"
@@ -97,6 +112,7 @@ let
     };
     video-shared = {
       devices = [
+        "vno1-gdrx"
         "mxp10"
         "mtworx"
         "fwminex"
@@ -105,12 +121,16 @@ let
       label = "video-shared";
     };
     stud-cache = {
-      devices = [ "fwminex" ];
+      devices = [
+        "vno1-gdrx"
+        "fwminex"
+      ];
       id = "2kq7n-jqzxj";
       label = "stud-cache";
     };
     M-R = {
       devices = [
+        "vno1-gdrx"
         "fwminex"
         "rzj-744P2PE"
         "mxp10"
@@ -127,6 +147,11 @@ let
       id = "wuwai-qkcqj";
       label = "Irenos";
     };
+    www-vno1-gdrx = {
+      devices = [ "vno1-gdrx" ];
+      id = "7z7ao-3hbxi";
+      label = "www-vno1-gdrx";
+    };
     www-fwminex = {
       devices = [ "fwminex" ];
       id = "7z9sw-2nubh";
@@ -179,8 +204,23 @@ in
       settings = {
         devices =
           { }
+          // (lib.optionalAttrs (config.networking.hostName == "vno1-gdrx") {
+            inherit (devices)
+              vno1-gdrx
+              fwminex
+              mtworx
+              mxp10
+              rzj-744P2PE
+              sqq1-desk
+              vno1-vinc
+              vno2-irena
+              v-kfire
+              a-kfire
+              ;
+          })
           // (lib.optionalAttrs (config.networking.hostName == "fwminex") {
             inherit (devices)
+              vno1-gdrx
               fwminex
               mtworx
               mxp10
@@ -194,6 +234,7 @@ in
           })
           // (lib.optionalAttrs (config.networking.hostName == "mtworx") {
             inherit (devices)
+              vno1-gdrx
               mtworx
               fwminex
               vno1-vinc
@@ -235,6 +276,20 @@ in
             "${cfg.dataDir}/Video" = video-shared;
             "${cfg.dataDir}/music" = Music;
             "${cfg.dataDir}/www" = www-mtworx;
+          })
+          // (lib.optionalAttrs (config.networking.hostName == "vno1-gdrx") {
+            "${cfg.dataDir}/Books" = Books;
+            "${cfg.dataDir}/Mail" = Mail;
+            "${cfg.dataDir}/M-Active" = M-Active;
+            "${cfg.dataDir}/M-Camera" = M-Camera;
+            "${cfg.dataDir}/M-Documents" = M-Documents;
+            "${cfg.dataDir}/Pictures" = Pictures;
+            "${cfg.dataDir}/M-R" = M-R;
+            "${cfg.dataDir}/stud-cache" = stud-cache;
+            "${cfg.dataDir}/video/shared" = video-shared;
+            "${cfg.dataDir}/video/Vaikai" = Vaikai;
+            "${cfg.dataDir}/music" = Music;
+            "${cfg.dataDir}/www" = www-vno1-gdrx;
           });
       };
     };
diff --git a/secrets.nix b/secrets.nix
@@ -38,6 +38,10 @@ in
   "secrets/mtworx/syncthing/key.pem.age"
   "secrets/mtworx/syncthing/cert.pem.age"
 ]
+// mk ([ vno1-gdrx ] ++ motiejus) [
+  "secrets/vno1-gdrx/syncthing/key.pem.age"
+  "secrets/vno1-gdrx/syncthing/cert.pem.age"
+]
 // mk ([ fwminex ] ++ motiejus) [
   "secrets/motiejus_server_passwd_hash.age"
   "secrets/root_server_passwd_hash.age"
diff --git a/secrets/vno1-gdrx/syncthing/cert.pem.age b/secrets/vno1-gdrx/syncthing/cert.pem.age
@@ -0,0 +1,16 @@
+age-encryption.org/v1
+-> ssh-ed25519 lDWJbA qd8pCtAkTVE/GeUes2de1g1aUsYhwu1irvUl+vBW4V8
+Hp09L0sWIMnGU7+vTQ3nK+eWPICmwnFcv4PAae/UGu4
+-> X25519 XTt+hV/Amhe84t0Klb8tPHmlMNriOt/GyLEed8cS/Uo
+nkJ9nUAFOBCMnDT//EOw/Fw3Reyp07QXW9cTt9bSWZE
+-> X25519 8k2/ghGi/a5rCh9RI9YvEpOnyMm8UC4WJJuYVQV0jUs
+OvPJPwLzhAiPDDnCDDkOEjuVMEgW94/BZHZA7YoFrB4
+-> piv-p256 +y2G/w AtumpdI8OtBy0KZlmQPXIa2uUoLo0z6nZOHmm+qDQi9P
+/3fzNyESI1D+0QwLlu+kPqPOqTPIiD9gRe3lAjksjRo
+-> piv-p256 jNqd3A Aqx0y3TaULqvMGecH971t3rrgoUP3/v1m054UMHv1Hco
+tJjFn60OQawyIyDqNGpSKFjpgdBhB3S6Ry/rEGXWGjo
+--- vvu+ME266bC882uH9jopi+YekAHa+SzC/WmTvifEfMc
+���ѣ5�h_��K�~��`��_��X��p�@n����pH��:�O|�-1��ɑ�O�s/�)��'ҳ��;GhD&H�y�/4Ct�,�_P����)��V�Fާ�M��s>�d����%�T�f����e>��/ؠbT���//�ˀx�������HȄLz�0�Բ1��H/c�S���J�06��4Q{P��L�GN3�@�2"�麁���aU�iՆ��w�aD	.F��B�6ݎ#�;��f*)
+y��]�p����7�}����E�1:	��<d�pX�}X�|��_~T�����U_���7��`/ZJ�^��cߞ\��!3:q�h���Y;I��bC�T��(i�28�MH�_������X��%������ٱ�>4ze�Ȍ8!p�:�ڃ��S���"����3^���ڗu��yq�w�x��I�_��h׳U������Z�2R���#�I�3�����MS��֯i
+{dG�1o�98���q�����In �⁖��}7����܇����Xc�j�a�����X�=��澓y�6jӃ����+k���������?�1 ~������[�I�z{۵N�Ѓ�d�#�����l��=��i��6��B��`�|�3V��[�8]�:eL�c*�'�-�!��C����TBs^�g�{�1g��6�o1��~e�{�>O���4�ڬƞ<c�i�p��x�[���a9q�C�X��Ѥ����٭s���D4��
+p��̇A�9Rb4b�����x�O�M���+�;�S�)��w{&G��Dr��G��[���gN��
+\ No newline at end of file
diff --git a/secrets/vno1-gdrx/syncthing/key.pem.age b/secrets/vno1-gdrx/syncthing/key.pem.age
Binary files differ.

M	flake.nix	\|	4	++--
M	hosts/vno1-gdrx/configuration.nix	\|	8	++++++++
M	modules/services/syncthing/default.nix	\|	63	+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++----
M	secrets.nix	\|	4	++++
A	secrets/vno1-gdrx/syncthing/cert.pem.age	\|	17	+++++++++++++++++
A	secrets/vno1-gdrx/syncthing/key.pem.age	\|	0

	config NixOS config
	Log \| Files \| Refs \| README \| LICENSE