add syncthing and keepass

2024-05-16 15:09:24 +02:00 · 2024-05-16 15:09:24 +02:00 · 4a800d9290
commit 4a800d9290
parent bb9494227f
14 changed files with 183 additions and 80 deletions
--- a/modules/nixOS/services/syncthing/default.nix
+++ b/modules/nixOS/services/syncthing/default.nix
@ -0,0 +1,56 @@
+{
+  pkgs,
+  config,
+  lib,
+  inputs,
+  ...
+  }: let
+    webGuiPort = [ 8384 ];
+    cfg = config;
+    secretsFile = "../../../secrets/secrets.json";
+    secretsSet = builtins.fromJSON (builtins.readFile ./${secretsFile});
+    devices = builtins.attrNames secretsSet.syncthing.devices;
+  in {
+  options = {
+    rootDir = lib.mkOption {
+      type = lib.types.path;
+      default = "/home/${cfg.myNixOS.sharedSettings.mainUser}/sync";
+    };
+
+    remoteGui = lib.mkEnableOption "Enable port for remote WebGUI";
+  };
+
+  services.syncthing = {
+    enable = true;
+    user = cfg.myNixOS.sharedSettings.mainUser;
+    dataDir = config.rootDir;
+    configDir = "/home/${cfg.myNixOS.sharedSettings.mainUser}/.config/syncthing";
+    overrideDevices = true;
+    overrideFolders = true;
+    settings = {
+      devices = {
+			  "saintAlphonso"  = { id ="LHASNUO-CXALARH-XI3TU4U-OCULV72-HS3HQ35-P4FECIT-UZ5VMSZ-PMCEPQH"; };
+			  "littleUmbrella" = { id ="BH3OHYP-TGGOSZO-EM6MXRY-YHSBOUO-CQHE7DL-N2LOUFY-TF3LEJ7-FHTGTQI"; };
+			  "pixelRoot"      = { id ="PO7U5SE-DYKTOM2-TFDS3BM-A25VK7V-MQ3VPFM-EFX3J4D-B3UDCX4-3XQAIAC"; };
+			  "pixelDefault"   = { id ="HC3CKC7-OUZBLU3-JIKTRYG-DPJE6EC-7POCWNS-6VNOPDU-L7OWYWO-PL332AY"; };
+			  "pixelGooglor"   = { id ="OWDM4I2-O6STMIS-H3EXF65-FSM26K3-5FLQXRN-VOK7JGC-T6H76IR-QAVO3QK"; };
+      };
+
+      folders = {
+        "/home/${cfg.myNixOS.sharedSettings.mainUser}/KeepassXC" = {
+          label = "KeepassXC";
+          id = "xd4de-mjfcq";
+          devices = ["littleUmbrella" "pixelRoot" "pixelDefault" "pixelGooglor" "saintAlphonso"];
+          versioning = { type = "simple"; params.keep = "5"; };
+        };
+      };
+    };
+  };
+
+  # Syncthing ports: 8384 for remote access to GUI
+  # 22000 TCP and/or UDP for sync traffic
+  # 21027/UDP for discovery
+  # source: https://docs.syncthing.net/users/firewall.html
+  networking.firewall.allowedTCPPorts = [ 8384 22000 ];
+  networking.firewall.allowedUDPPorts = [ 22000 21027 ];
+}