60 lines
1.7 KiB
Nix
Executable file
60 lines
1.7 KiB
Nix
Executable file
{ config, ... }:
|
|
|
|
{
|
|
age.secrets = {
|
|
syncthingKey.file = ../../secrets/syncthing/key;
|
|
syncthingCert.file = ../../secrets/syncthing/cert;
|
|
};
|
|
|
|
services.syncthing = {
|
|
enable = true;
|
|
key = config.age.secrets.syncthingKey.path;
|
|
cert = config.age.secrets.syncthingCert.path;
|
|
guiAddress = "0.0.0.0:8384";
|
|
folders = {
|
|
"passwords" = {
|
|
path = "${config.services.syncthing.dataDir}/passwords";
|
|
};
|
|
"school-things" = {
|
|
label = "School things";
|
|
id = "z6alc-nfoqr";
|
|
devices = [ "steamdeck" "server" ];
|
|
path = "${config.services.syncthing.dataDir}/school-things";
|
|
};
|
|
"steam-201810" = {
|
|
label = "Wolfenstein The New Order Saves";
|
|
id = "laxxf-t2wmy";
|
|
devices = [ "steamdeck" "server" "pc" ];
|
|
path = "${config.services.syncthing.dataDir}/steam-201810";
|
|
};
|
|
};
|
|
};
|
|
systemd.services.syncthing.serviceConfig = {
|
|
# Allow syncthing to change ownership of files
|
|
AmbientCapabilities = "CAP_CHOWN CAP_FOWNER";
|
|
};
|
|
|
|
# Set up traefik as the reverse proxy for syncthing
|
|
services.traefik = {
|
|
dynamicConfigOptions = {
|
|
http = {
|
|
routers = {
|
|
syncthing-subpath = {
|
|
middlewares = [ "syncthing-add-trailing-slash" "syncthing-strip-prefix" ];
|
|
rule = "PathPrefix(`/syncthing`)";
|
|
service = "syncthing";
|
|
};
|
|
};
|
|
services.syncthing.loadBalancer.servers = [
|
|
{ url = "http://localhost:8384"; }
|
|
];
|
|
middlewares.syncthing-strip-prefix.stripprefix.prefixes = "/syncthing";
|
|
middlewares.syncthing-add-trailing-slash.redirectRegex = {
|
|
# Going to everest/syncthing without a slash at the end breaks things
|
|
regex = "http:\/\/everest\/syncthing+$";
|
|
replacement = "http://everest/syncthing/";
|
|
};
|
|
};
|
|
};
|
|
};
|
|
}
|