From 3b43500a127c3a57250f2afc270a5996e721aa6c Mon Sep 17 00:00:00 2001
From: Felix Tenley <dev@felschr.com>
Date: Tue, 6 Oct 2020 17:41:56 +0200
Subject: [PATCH] feat: add syncthing

---
 home-pc.nix                        |  1 +
 home/felschr.nix                   |  1 +
 home/syncthing.nix                 |  5 ++++
 rpi4.nix                           | 17 ++++-------
 services/syncthing/felix-nixos.nix | 44 ++++++++++++++++++++++++++++
 services/syncthing/rpi4.nix        | 47 ++++++++++++++++++++++++++++++
 6 files changed, 104 insertions(+), 11 deletions(-)
 create mode 100644 home/syncthing.nix
 create mode 100644 services/syncthing/felix-nixos.nix
 create mode 100644 services/syncthing/rpi4.nix

diff --git a/home-pc.nix b/home-pc.nix
index 5f8e1ff..ca5f9ed 100644
--- a/home-pc.nix
+++ b/home-pc.nix
@@ -8,6 +8,7 @@
     ./system
     ./desktop
     ./virtualisation/docker.nix
+    ./services/syncthing/felix-nixos.nix
     ./services/jellyfin.nix
   ];
 
diff --git a/home/felschr.nix b/home/felschr.nix
index 9479570..00475c9 100644
--- a/home/felschr.nix
+++ b/home/felschr.nix
@@ -8,6 +8,7 @@
     ./desktop/monitors.nix
     ./vpn.nix
     ./git.nix
+    ./syncthing.nix
     ./keybase.nix
     ./signal.nix
     ./browsers
diff --git a/home/syncthing.nix b/home/syncthing.nix
new file mode 100644
index 0000000..9050e7f
--- /dev/null
+++ b/home/syncthing.nix
@@ -0,0 +1,5 @@
+{ config, pkgs, ... }:
+
+{
+  services.syncthing.tray = true;
+}
diff --git a/rpi4.nix b/rpi4.nix
index 94e8f6b..b0a777d 100644
--- a/rpi4.nix
+++ b/rpi4.nix
@@ -1,14 +1,14 @@
 { config, pkgs, ... }:
 
-with builtins;
-{
+with builtins; {
   imports = [
     # ./hardware/base.nix
     # ./system
     ./system/nix.nix
     ./system/i18n.nix
-    ./services/jellyfin.nix
     ./modules/cfdyndns.nix
+    ./services/syncthing/felix-nixos.nix
+    ./services/jellyfin.nix
     ./services/home-assistant.nix
   ];
 
@@ -19,17 +19,12 @@ with builtins;
   boot.loader.raspberryPi.enable = true;
   boot.loader.raspberryPi.version = 4;
   boot.kernelPackages = pkgs.linuxPackages_rpi4;
-  boot.kernelParams = [
-    "console=ttyAMA0,115200"
-    "console=tty1"
-  ];
+  boot.kernelParams = [ "console=ttyAMA0,115200" "console=tty1" ];
   hardware.enableRedistributableFirmware = true;
 
   networking.domain = "home.felschr.com";
 
-  networking.firewall.allowedTCPPorts = [
-    80 443
-  ];
+  networking.firewall.allowedTCPPorts = [ 80 443 ];
 
   security.acme = {
     acceptTerms = true;
@@ -74,7 +69,7 @@ with builtins;
 
   boot.initrd.network.ssh = {
     enable = true;
-    authorizedKeys = [(readFile "./key")];
+    authorizedKeys = [ (readFile "./key") ];
   };
 
   users.users.felschr = {
diff --git a/services/syncthing/felix-nixos.nix b/services/syncthing/felix-nixos.nix
new file mode 100644
index 0000000..2651bf7
--- /dev/null
+++ b/services/syncthing/felix-nixos.nix
@@ -0,0 +1,44 @@
+{ config, pkgs, ... }:
+
+{
+  services.syncthing = {
+    enable = true;
+    openDefaultPorts = true;
+    user = "felschr";
+    configDir = "/home/felschr/.config/syncthing";
+    dataDir = "/home/felschr/.local/share/syncthing";
+    declarative = {
+      cert = "/etc/nixos/secrets/syncthing/cert.pem";
+      key = "/etc/nixos/secrets/syncthing/key.pem";
+      devices = {
+        rpi4 = {
+          id =
+            "RBKVWQQ-TGYBMQK-P4AADKE-7LGPHL7-UY4FEZA-6N7HQ4R-UCPSZPV-LWFK4AP";
+        };
+        pixel3 = {
+          id =
+            "EUW6XKB-XWM4L2L-7Q46YGM-KD4JX3U-OFE5AAC-B3JT6QY-5YSPXXI-W7OKCQO";
+        };
+      };
+      folders = {
+        "Default" = {
+          id = "default";
+          path = "/home/felschr/sync/default";
+          devices = [ "rpi4" "pixel3" ];
+        };
+        "Backups" = {
+          id = "backups";
+          path = "/home/felschr/sync/backups";
+          type = "sendonly";
+          devices = [ "rpi4" ];
+        };
+        "Media" = {
+          id = "media";
+          path = "/home/felschr/sync/media";
+          type = "sendonly";
+          devices = [ "rpi4" ];
+        };
+      };
+    };
+  };
+}
diff --git a/services/syncthing/rpi4.nix b/services/syncthing/rpi4.nix
new file mode 100644
index 0000000..63025d4
--- /dev/null
+++ b/services/syncthing/rpi4.nix
@@ -0,0 +1,47 @@
+{ config, pkgs, ... }:
+
+{
+  services.syncthing = {
+    enable = true;
+    openDefaultPorts = true;
+    user = "felschr";
+    configDir = "/home/felschr/.config/syncthing";
+    dataDir = "/home/felschr/.local/share/syncthing";
+    declarative = {
+      cert = "/etc/nixos/secrets/syncthing/cert.pem";
+      key = "/etc/nixos/secrets/syncthing/key.pem";
+      devices = {
+        felix-nixos = {
+          id =
+            "MKVEPJK-HWGFVLN-SRHE4NR-ZADXKMF-AMYIKZ7-MGUJH3L-XH2FBOW-AMQRIAW";
+        };
+        pixel3 = {
+          id =
+            "EUW6XKB-XWM4L2L-7Q46YGM-KD4JX3U-OFE5AAC-B3JT6QY-5YSPXXI-W7OKCQO";
+        };
+      };
+      # TODO switch to external storage
+      folders = {
+        "Default" = {
+          id = "default";
+          path = "/home/felschr/sync/default";
+          devices = [ "felix-nixos" "pixel3" ];
+        };
+        "Backups" = {
+          id = "backups";
+          path = "/home/felschr/sync/backups";
+          type = "receiveonly";
+          ignoreDelete = true;
+          devices = [ "felix-nixos" ];
+        };
+        "Media" = {
+          id = "media";
+          path = "/home/felschr/sync/media";
+          type = "receiveonly";
+          ignoreDelete = true;
+          devices = [ "felix-nixos" ];
+        };
+      };
+    };
+  };
+}