2019-03-22 06:57:34 +00:00
|
|
|
{ config, pkgs, ... }: with import <stockholm/lib>;
|
|
|
|
|
|
|
|
let
|
|
|
|
|
|
|
|
cfg = config.krebs.syncthing;
|
|
|
|
|
|
|
|
devices = mapAttrsToList (name: peer: {
|
|
|
|
name = name;
|
|
|
|
deviceID = peer.id;
|
|
|
|
addresses = peer.addresses;
|
|
|
|
}) cfg.peers;
|
|
|
|
|
|
|
|
folders = map (folder: {
|
2019-04-07 16:21:18 +00:00
|
|
|
inherit (folder) path id type;
|
2019-03-22 06:57:34 +00:00
|
|
|
devices = map (peer: { deviceId = cfg.peers.${peer}.id; }) folder.peers;
|
|
|
|
rescanIntervalS = folder.rescanInterval;
|
2019-03-23 15:04:01 +00:00
|
|
|
fsWatcherEnabled = folder.watch;
|
|
|
|
fsWatcherDelayS = folder.watchDelay;
|
|
|
|
ignorePerms = folder.ignorePerms;
|
2019-03-22 06:57:34 +00:00
|
|
|
}) cfg.folders;
|
|
|
|
|
|
|
|
getApiKey = pkgs.writeDash "getAPIKey" ''
|
|
|
|
${pkgs.libxml2}/bin/xmllint \
|
|
|
|
--xpath 'string(configuration/gui/apikey)'\
|
|
|
|
${config.services.syncthing.dataDir}/config.xml
|
|
|
|
'';
|
|
|
|
|
|
|
|
updateConfig = pkgs.writeDash "merge-syncthing-config" ''
|
|
|
|
set -efu
|
2019-03-23 15:04:22 +00:00
|
|
|
# wait for service to restart
|
|
|
|
${pkgs.untilport}/bin/untilport localhost 8384
|
2019-03-22 06:57:34 +00:00
|
|
|
API_KEY=$(${getApiKey})
|
|
|
|
CFG=$(${pkgs.curl}/bin/curl -Ss -H "X-API-Key: $API_KEY" localhost:8384/rest/system/config)
|
|
|
|
echo "$CFG" | ${pkgs.jq}/bin/jq -s '.[] * {
|
|
|
|
"devices": ${builtins.toJSON devices},
|
|
|
|
"folders": ${builtins.toJSON folders}
|
|
|
|
}' | ${pkgs.curl}/bin/curl -Ss -H "X-API-Key: $API_KEY" localhost:8384/rest/system/config -d @-
|
|
|
|
${pkgs.curl}/bin/curl -Ss -H "X-API-Key: $API_KEY" localhost:8384/rest/system/restart -X POST
|
|
|
|
'';
|
|
|
|
|
|
|
|
in
|
|
|
|
|
|
|
|
{
|
|
|
|
options.krebs.syncthing = {
|
|
|
|
|
|
|
|
enable = mkEnableOption "syncthing-init";
|
|
|
|
|
|
|
|
id = mkOption {
|
|
|
|
type = types.str;
|
|
|
|
default = config.krebs.build.host.name;
|
|
|
|
};
|
|
|
|
|
|
|
|
cert = mkOption {
|
|
|
|
type = types.nullOr types.absolute-pathname;
|
|
|
|
default = null;
|
|
|
|
};
|
|
|
|
|
|
|
|
key = mkOption {
|
|
|
|
type = types.nullOr types.absolute-pathname;
|
|
|
|
default = null;
|
|
|
|
};
|
|
|
|
|
|
|
|
peers = mkOption {
|
|
|
|
default = {};
|
|
|
|
type = types.attrsOf (types.submodule ({
|
|
|
|
options = {
|
|
|
|
|
|
|
|
# TODO make into addr + port submodule
|
|
|
|
addresses = mkOption {
|
|
|
|
type = types.listOf types.str;
|
|
|
|
default = [];
|
|
|
|
};
|
|
|
|
|
|
|
|
#TODO check
|
|
|
|
id = mkOption {
|
|
|
|
type = types.str;
|
|
|
|
};
|
|
|
|
|
|
|
|
};
|
|
|
|
}));
|
|
|
|
};
|
|
|
|
|
|
|
|
folders = mkOption {
|
|
|
|
default = [];
|
2019-04-07 16:21:18 +00:00
|
|
|
type = types.listOf (types.submodule ({ config, ... }: {
|
2019-03-22 06:57:34 +00:00
|
|
|
options = {
|
|
|
|
|
|
|
|
path = mkOption {
|
|
|
|
type = types.absolute-pathname;
|
|
|
|
};
|
|
|
|
|
2019-04-07 16:21:18 +00:00
|
|
|
id = mkOption {
|
|
|
|
type = types.str;
|
|
|
|
default = config.path;
|
|
|
|
};
|
|
|
|
|
2019-03-22 06:57:34 +00:00
|
|
|
peers = mkOption {
|
|
|
|
type = types.listOf types.str;
|
|
|
|
default = [];
|
|
|
|
};
|
|
|
|
|
|
|
|
rescanInterval = mkOption {
|
|
|
|
type = types.int;
|
2019-03-23 15:04:50 +00:00
|
|
|
default = 3600;
|
2019-03-22 06:57:34 +00:00
|
|
|
};
|
|
|
|
|
|
|
|
type = mkOption {
|
|
|
|
type = types.enum [ "sendreceive" "sendonly" "receiveonly" ];
|
|
|
|
default = "sendreceive";
|
|
|
|
};
|
|
|
|
|
2019-03-23 15:04:01 +00:00
|
|
|
watch = mkOption {
|
|
|
|
type = types.bool;
|
|
|
|
default = true;
|
|
|
|
};
|
|
|
|
|
|
|
|
watchDelay = mkOption {
|
|
|
|
type = types.int;
|
|
|
|
default = 10;
|
|
|
|
};
|
|
|
|
|
|
|
|
ignorePerms = mkOption {
|
|
|
|
type = types.bool;
|
|
|
|
default = true;
|
|
|
|
};
|
|
|
|
|
2019-03-22 06:57:34 +00:00
|
|
|
};
|
|
|
|
}));
|
|
|
|
};
|
|
|
|
};
|
|
|
|
|
|
|
|
config = (mkIf cfg.enable) {
|
|
|
|
|
|
|
|
systemd.services.syncthing = mkIf (cfg.cert != null || cfg.key != null) {
|
|
|
|
preStart = ''
|
2019-04-09 14:52:17 +00:00
|
|
|
${optionalString (cfg.cert != null) ''
|
|
|
|
cp ${toString cfg.cert} ${config.services.syncthing.dataDir}/cert.pem
|
|
|
|
chown ${config.services.syncthing.user}:${config.services.syncthing.group} ${config.services.syncthing.dataDir}/cert.pem
|
|
|
|
chmod 400 ${config.services.syncthing.dataDir}/cert.pem
|
|
|
|
''}
|
|
|
|
${optionalString (cfg.key != null) ''
|
|
|
|
cp ${toString cfg.key} ${config.services.syncthing.dataDir}/key.pem
|
|
|
|
chown ${config.services.syncthing.user}:${config.services.syncthing.group} ${config.services.syncthing.dataDir}/key.pem
|
|
|
|
chmod 400 ${config.services.syncthing.dataDir}/key.pem
|
|
|
|
''}
|
2019-03-22 06:57:34 +00:00
|
|
|
'';
|
|
|
|
};
|
|
|
|
|
|
|
|
systemd.services.syncthing-init = {
|
|
|
|
after = [ "syncthing.service" ];
|
|
|
|
wantedBy = [ "multi-user.target" ];
|
|
|
|
|
|
|
|
serviceConfig = {
|
|
|
|
User = config.services.syncthing.user;
|
|
|
|
RemainAfterExit = true;
|
|
|
|
Type = "oneshot";
|
|
|
|
ExecStart = updateConfig;
|
|
|
|
};
|
|
|
|
};
|
|
|
|
};
|
|
|
|
}
|