Toast/nix-stuff
1
0
Fork 0
Code Issues Pull requests Projects 1 Wiki Activity

Syncthing: give additional capabilities

Browse source
This commit is contained in:
Toast 2023-09-06 19:32:32 +02:00
parent 7e6a0c9ad2
commit 5af49c32e2
1 changed files with 5 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

5
roles/server/syncthing.nix
View file

@ -5,6 +5,7 @@
syncthingKey.file = ../../secrets/syncthing/key; syncthingKey.file = ../../secrets/syncthing/key;
syncthingCert.file = ../../secrets/syncthing/cert; syncthingCert.file = ../../secrets/syncthing/cert;
}; };
services.syncthing = { services.syncthing = {
enable = true; enable = true;
key = config.age.secrets.syncthingKey.path; key = config.age.secrets.syncthingKey.path;
@ -16,6 +17,10 @@
}; };
}; };
}; };
systemd.services.syncthing.serviceConfig = {
# Allow syncthing to change ownership of files
AmbientCapabilities = "CAP_CHOWN CAP_FOWNER";
};
# Set up traefik as the reverse proxy for syncthing # Set up traefik as the reverse proxy for syncthing
services.traefik = { services.traefik = {