sync permissions through syncthing
This commit is contained in:
Yan Lin
parent
26e63198d1
commit
9dc88b9a2d
1 changed files with 84 additions and 98 deletions
|
|
@ -3,25 +3,23 @@
|
|||
let
|
||||
cfg = config.syncthing-custom;
|
||||
|
||||
# Device groupings
|
||||
pcDevices = [ "macbook" "imac" "thinkpad" "nfss" ];
|
||||
touchDevices = [ "iphone" "ipad" ];
|
||||
allDevices = pcDevices ++ touchDevices;
|
||||
|
||||
# Common versioning configuration
|
||||
commonVersioning = {
|
||||
type = "staggered";
|
||||
params = {
|
||||
maxAge = "15552000"; # 180 days in seconds
|
||||
cleanInterval = "3600"; # Clean every hour
|
||||
maxAge = "15552000"; # 180 days
|
||||
cleanInterval = "3600"; # 1 hour
|
||||
};
|
||||
};
|
||||
|
||||
liteVersioning = {
|
||||
type = "staggered";
|
||||
params = {
|
||||
maxAge = "2592000"; # 30 days in seconds
|
||||
cleanInterval = "3600"; # Clean every hour
|
||||
maxAge = "2592000"; # 30 days
|
||||
cleanInterval = "3600";
|
||||
};
|
||||
};
|
||||
|
||||
|
|
@ -41,21 +39,15 @@ in
|
|||
};
|
||||
|
||||
config = {
|
||||
# Enable Syncthing service
|
||||
services.syncthing = {
|
||||
enable = true;
|
||||
# Don't enable tray on server (Linux) or macOS
|
||||
tray.enable = false;
|
||||
|
||||
# Listen on all interfaces for the GUI
|
||||
guiAddress = lib.mkIf cfg.enableGui "127.0.0.1:8384";
|
||||
|
||||
# Declarative configuration - will override any GUI changes
|
||||
overrideDevices = true;
|
||||
overrideFolders = true;
|
||||
|
||||
guiAddress = lib.mkIf cfg.enableGui "127.0.0.1:8384";
|
||||
|
||||
settings = {
|
||||
# Define all devices
|
||||
devices = {
|
||||
"iphone" = {
|
||||
id = "NMWI5MP-J4FC4A6-SDDXZPD-G66TJCO-2W7KGFD-RJWQ53U-I7GUVWP-WHF4QQO";
|
||||
|
|
@ -77,13 +69,11 @@ in
|
|||
};
|
||||
};
|
||||
|
||||
# Define shared folders (only enabled ones)
|
||||
folders =
|
||||
(lib.optionalAttrs (lib.elem "Credentials" cfg.enabledFolders) {
|
||||
"Credentials" = {
|
||||
path = "~/Credentials";
|
||||
devices = allDevices;
|
||||
ignorePerms = true;
|
||||
versioning = commonVersioning;
|
||||
};
|
||||
})
|
||||
|
|
@ -91,7 +81,6 @@ in
|
|||
"Documents" = {
|
||||
path = "~/Documents";
|
||||
devices = pcDevices;
|
||||
ignorePerms = true;
|
||||
versioning = commonVersioning;
|
||||
};
|
||||
})
|
||||
|
|
@ -99,7 +88,6 @@ in
|
|||
"Media" = {
|
||||
path = "~/Media";
|
||||
devices = lib.filter (d: d != "iphone") allDevices;
|
||||
ignorePerms = true;
|
||||
versioning = liteVersioning;
|
||||
};
|
||||
})
|
||||
|
|
@ -107,12 +95,10 @@ in
|
|||
"Archive" = {
|
||||
path = "~/Archive";
|
||||
devices = allDevices;
|
||||
ignorePerms = true;
|
||||
versioning = commonVersioning;
|
||||
};
|
||||
});
|
||||
|
||||
# GUI settings with authentication
|
||||
gui = {
|
||||
enabled = cfg.enableGui;
|
||||
user = "yanlin";
|
||||
|
|
@ -121,9 +107,8 @@ in
|
|||
insecureSkipHostcheck = true;
|
||||
};
|
||||
|
||||
# Additional settings
|
||||
options = {
|
||||
urAccepted = -1; # Disable usage reporting
|
||||
urAccepted = -1;
|
||||
relaysEnabled = true;
|
||||
localAnnounceEnabled = true;
|
||||
globalAnnounceEnabled = true;
|
||||
|
|
@ -131,13 +116,14 @@ in
|
|||
};
|
||||
};
|
||||
|
||||
# Override the launchd agent to add RunAtLoad on macOS
|
||||
launchd.agents.syncthing = lib.mkIf (pkgs.stdenv.isDarwin && config.services.syncthing.enable) {
|
||||
config.RunAtLoad = true;
|
||||
};
|
||||
|
||||
# For NixOS systems, we need to add Syncthing as a manual service in Traefik
|
||||
# Since Syncthing runs as a systemd service (not container), we'll handle routing via static config
|
||||
# or create a container wrapper for it to use with service discovery
|
||||
home.activation.reloadSyncthing = lib.mkIf (pkgs.stdenv.isDarwin && config.services.syncthing.enable) (
|
||||
lib.hm.dag.entryAfter ["writeBoundary"] ''
|
||||
$DRY_RUN_CMD /bin/launchctl kickstart -k gui/$(id -u)/org.nix-community.home.syncthing || true
|
||||
''
|
||||
);
|
||||
};
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue