From 8e42d4f55d86d7ced32984c1a84fbe6cfb2fb773 Mon Sep 17 00:00:00 2001
From: Nathan Anderson <n8r@tuta.io>
Date: Mon, 18 Mar 2024 12:45:31 -0600
Subject: [PATCH] Added syncthing
---
luci/default.nix | 2 ++
luci/nixos/hardware-configuration.nix | 11 -------
shared/server-configuration.nix | 46 +++++++++++++++++++++++++--
3 files changed, 45 insertions(+), 14 deletions(-)
diff --git a/luci/default.nix b/luci/default.nix
index a474c6a..2a994f7 100644
--- a/luci/default.nix
+++ b/luci/default.nix
@@ -20,6 +20,8 @@
nfsEnable = true;
nfsRoot = "/nfs_export";
nfsExports = [ "/kage" ];
+ nfsIpExport = "192.168.1.1/24";
+ syncthingEnable = true;
};
# deskCfg = {
diff --git a/luci/nixos/hardware-configuration.nix b/luci/nixos/hardware-configuration.nix
index 98b9505..4397c0f 100644
--- a/luci/nixos/hardware-configuration.nix
+++ b/luci/nixos/hardware-configuration.nix
@@ -28,22 +28,11 @@
fsType = "vfat";
};
- # fileSystems."/zdata" =
- # { device = "zdata";
- # fsType = "zfs";
- # };
-
fileSystems."/nfs_export/kage" =
{ device = "zdata/kage";
fsType = "zfs";
};
- # Bind mount for nfs export
- # fileSystems."/nfs_export/kage" = {
- # device = "zdata/kage";
- # options = [ "bind" ];
- # };
-
# change ownership of kage to be open
systemd.tmpfiles.rules = [
"d /nfs_export/kage 0777 nobody nogroup - -"
diff --git a/shared/server-configuration.nix b/shared/server-configuration.nix
index c0ee9ce..8450b97 100644
--- a/shared/server-configuration.nix
+++ b/shared/server-configuration.nix
@@ -35,6 +35,14 @@ in
default = [];
description = "List of file paths provided as strings to the nfs exports";
};
+ nfsIpExport = lib.mkOption {
+ type = lib.types.str;
+ description = "Where to export the shares to i.e. 192.168.0.0/24 (export to local network)";
+ };
+ syncthingEnable = lib.mkOption {
+ default = false;
+ description = "Whether to enable syncThing host on this machine";
+ };
};
imports = [
@@ -78,16 +86,48 @@ in
enable = true;
};
+ # nfs options breakdown: link for export options https://linux.die.net/man/5/exports
+ # rw - default read write
+ # sync - wait until requests are saved to disk to respond to clients, safer but slower
+ # no_subtree_check -
services.nfs.server = lib.mkIf srvConfig.nfsEnable {
enable = true;
exports = ''
- ${srvConfig.nfsRoot} 192.168.1.1/24(rw,fsid=root,no_subtree_check)
- ${lib.concatMapStringsSep "\n" (n: "${srvConfig.nfsRoot}${n} 192.168.1.1/24(rw,no_subtree_check,nohide)") srvConfig.nfsExports}
+ ${srvConfig.nfsRoot} ${srvConfig.nfsIpExport}(rw,fsid=root,no_subtree_check)
+ ${lib.concatMapStringsSep "\n" (n: "${srvConfig.nfsRoot}${n} ${srvConfig.nfsIpExport}(rw,sync,no_subtree_check,no_root_squash)") srvConfig.nfsExports}
'';
};
-
+ # nfs port TODO make dependant on option enabled
networking.firewall.allowedTCPPorts = [ 2049 ];
+
+ services.syncthing = lib.mkIf srvConfig.syncthingEnable {
+ enable = true;
+ user = "myusername";
+ dataDir = "${srvConfig.nfsRoot}/kage/syncthing";
+ configDir = "${srvConfig.nfsRoot}/kage/.config/syncthing";
+ overrideDevices = true; # overrides any devices added or deleted through the WebUI
+ overrideFolders = true; # overrides any folders added or deleted through the WebUI
+ openDefaultPorts = true;
+ settings = {
+ devices = {
+ "supernote" = { id = "DEVICE-ID-GOES-HERE"; };
+ "pixel" = { id = "DEVICE-ID-GOES-HERE2"; };
+ "winmax" = { id = "id3"; };
+ "nix-box" = { id = "id4"; };
+ };
+ folders = {
+ "supernote" = { # Name of folder in Syncthing, also the folder ID
+ path = "${srvConfig.nfsRoot}/kage/syncthing/supernote"; # Which folder to add to Syncthing
+ devices = [ "supernote" "pixel" ]; # Which devices to share the folder with
+ };
+ "web" = { # Name of folder in Syncthing, also the folder ID
+ path = "${srvConfig.nfsRoot}/kage/syncthing/web"; # Which folder to add to Syncthing
+ devices = [ "supernote" "pixel" "winmax" "nix-box" ]; # Which devices to share the folder with
+ };
+ };
+ };
+ };
# networking.firewall.allowedTCPPorts = [ ... ];
# networking.firewall.allowedUDPPorts = [ ... ];