From b6f76847a351f08e4e8c92cbeb3a00050300ee16 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Kha=C3=AFs=20COLIN?= Date: Thu, 3 Oct 2024 14:54:38 +0200 Subject: [PATCH] feat(syncthing): setup syncthing --- configuration.nix | 1 + firewall.nix | 4 ++-- nginx.nix | 7 +++++++ syncthing.nix | 10 ++++++++++ 4 files changed, 20 insertions(+), 2 deletions(-) create mode 100644 syncthing.nix diff --git a/configuration.nix b/configuration.nix index 2576194..20073cc 100644 --- a/configuration.nix +++ b/configuration.nix @@ -27,6 +27,7 @@ in (import ./sourcehut.nix { inherit base-domain; }) (import ./paperless.nix { inherit base-domain lib; }) (import ./mailserver.nix { inherit base-domain; }) + (import ./syncthing.nix { inherit base-domain; }) ./userprogs.nix ]; diff --git a/firewall.nix b/firewall.nix index 2f3ffbe..9ad7ab3 100644 --- a/firewall.nix +++ b/firewall.nix @@ -1,8 +1,8 @@ { networking.firewall = { enable = true; - allowedTCPPorts = [ 22 80 443 21 25 465 587 143 993 995 110 ]; - allowedUDPPorts = [ 22 80 443 25 465 587 143 993 995 110 ]; + allowedTCPPorts = [ 22 80 443 21 25 465 587 143 993 995 110 22000 ]; + allowedUDPPorts = [ 22 80 443 25 465 587 143 993 995 110 22000 ]; allowedTCPPortRanges = [ # vsftpd passive { diff --git a/nginx.nix b/nginx.nix index 31d5767..a30b407 100644 --- a/nginx.nix +++ b/nginx.nix @@ -26,6 +26,13 @@ proxyPass = "http://localhost:28981"; }; }; + "syncthing.${base-domain}" = { + enableACME = true; + forceSSL = true; + locations."/" = { + proxyPass = "http://syncthing.${base-domain}:8384"; + }; + }; }; }; } diff --git a/syncthing.nix b/syncthing.nix new file mode 100644 index 0000000..5d099ad --- /dev/null +++ b/syncthing.nix @@ -0,0 +1,10 @@ +{ base-domain, ... }: +let + fqdn = "syncthing.${base-domain}:8384"; +in +{ + services.syncthing = { + enable = true; + guiAddress = fqdn; + }; +}