From 34e8027554290eedfcf0f77e0cce97bf1d4be58c Mon Sep 17 00:00:00 2001
From: Yan Lin <github@yanlincs.com>
Date: Sun, 7 Sep 2025 03:28:32 +0200
Subject: [PATCH] Add syncthing

---
 .claude/settings.json        | 11 -------
 CLAUDE.md                    |  6 ----
 hosts/nixos/home-default.nix |  1 +
 modules/syncthing.nix        | 58 ++++++++++++++++++++++++++++++++++--
 modules/traefik.nix          | 19 +++++++++++-
 5 files changed, 74 insertions(+), 21 deletions(-)
 delete mode 100644 .claude/settings.json

diff --git a/.claude/settings.json b/.claude/settings.json
deleted file mode 100644
index 3601e21..0000000
--- a/.claude/settings.json
+++ /dev/null
@@ -1,11 +0,0 @@
-{
-  "permissions": {
-    "allow": [
-      "Bash(git:*)",
-      "Bash(exec:*)",
-      "Bash(hms:*)",
-      "Bash(home-manager:*)"
-    ],
-    "deny": []
-  }
-}
diff --git a/CLAUDE.md b/CLAUDE.md
index f540c37..c7ae0aa 100644
--- a/CLAUDE.md
+++ b/CLAUDE.md
@@ -1,10 +1,4 @@
 ## Nix Configuration System
 
 - This is my nix configuration system. Whenever you need to introduce update to my config, remember to check the current config.
-- After you introduce updates to the nix config, use `hms` to at least check the home-manager switch can pass.
 - After you introduce updates, remember to reflect those updates in the readme, should they bring any changes.
-
-## Testing Considerations
-
-- When you perform testing, remember you are in a non-interactive shell so things work for me might not work for your testing, unless you take your special testing environment into consideration
-- When performing hms test run, remember newly created files need to be `git add` to be recognized by nix
\ No newline at end of file
diff --git a/hosts/nixos/home-default.nix b/hosts/nixos/home-default.nix
index 96c70e9..7ca43ec 100644
--- a/hosts/nixos/home-default.nix
+++ b/hosts/nixos/home-default.nix
@@ -12,6 +12,7 @@
     ../../modules/termscp.nix
     ../../modules/rsync.nix
     ../../modules/btop.nix
+    ../../modules/syncthing.nix
     ../../config/fonts.nix
   ];
 
diff --git a/modules/syncthing.nix b/modules/syncthing.nix
index 7161a09..1ed5412 100644
--- a/modules/syncthing.nix
+++ b/modules/syncthing.nix
@@ -1,15 +1,67 @@
 { config, pkgs, lib, ... }:
 
 {
-  # Enable Syncthing service with auto-start on macOS
+  # Enable Syncthing service
   services.syncthing = {
     enable = true;
-    # Don't enable tray on macOS as it requires additional setup
+    # Don't enable tray on server (Linux) or macOS
     tray.enable = false;
+    
+    # Listen on all interfaces for the GUI
+    guiAddress = "0.0.0.0:8384";
+    
+    # Declarative configuration - will override any GUI changes
+    overrideDevices = true;
+    overrideFolders = true;
+    
+    settings = {
+      # Define all devices
+      devices = {
+        "ipad" = {
+          id = "HPZUOHZ-VMKK246-RBIEHD6-SFTA5DD-2U5LFMX-LXQBGTI-N4C6Z5F-ZVIR6A4";
+        };
+        "mba" = {
+          id = "MRLK24K-BIZSXHQ-TORQTV3-RN6ZBTL-Q5CVXWJ-U3ZJM2J-XGEAQBQ-JFPFUQE";
+        };
+        "iphone" = {
+          id = "NMWI5MP-J4FC4A6-SDDXZPD-G66TJCO-2W7KGFD-RJWQ53U-I7GUVWP-WHF4QQO";
+        };
+        "imac" = {
+          id = "5FVPJMW-ZK2NSM7-H747PTY-XWOJPHC-MBJZWJW-WKAB5BE-KSMQAXQ-QQP6JAG";
+        };
+      };
+      
+      # Define shared folders
+      folders = {
+        "Credentials" = {
+          path = "~/Credentials";
+          devices = [ "ipad" "mba" "iphone" "imac" ];
+          ignorePerms = true;
+        };
+        "Documents" = {
+          path = "~/Documents";
+          devices = [ "mba" "imac" ];
+          ignorePerms = true;
+        };
+        "Obsidian" = {
+          path = "~/Obsidian";
+          devices = [ "ipad" "mba" "iphone" "imac" ];
+          ignorePerms = true;
+        };
+      };
+      
+      # Additional settings
+      options = {
+        urAccepted = -1;  # Disable usage reporting
+        relaysEnabled = true;
+        localAnnounceEnabled = true;
+        globalAnnounceEnabled = true;
+      };
+    };
   };
   
   # Override the launchd agent to add RunAtLoad on macOS
   launchd.agents.syncthing = lib.mkIf (pkgs.stdenv.isDarwin && config.services.syncthing.enable) {
     config.RunAtLoad = true;
   };
-}
\ No newline at end of file
+}
diff --git a/modules/traefik.nix b/modules/traefik.nix
index 2112e63..cc16811 100644
--- a/modules/traefik.nix
+++ b/modules/traefik.nix
@@ -81,6 +81,16 @@
               }];
             };
           };
+          syncthing = {
+            rule = "Host(`syncthing.hs.yanlincs.com`)";
+            service = "syncthing";
+            tls = {
+              certResolver = "cloudflare";
+              domains = [{
+                main = "*.hs.yanlincs.com";
+              }];
+            };
+          };
         };
         services = {
           homeassistant = {
@@ -97,6 +107,13 @@
               }];
             };
           };
+          syncthing = {
+            loadBalancer = {
+              servers = [{
+                url = "http://localhost:8384";
+              }];
+            };
+          };
         };
       };
     };
@@ -123,4 +140,4 @@
       chmod 600 /run/secrets/traefik-env
     '';
   };
-}
\ No newline at end of file
+}