syncthing: split into l and krebs
This commit is contained in:
parent
8e5eb283f4
commit
550b502628
15
krebs/2configs/syncthing.nix
Normal file
15
krebs/2configs/syncthing.nix
Normal file
@ -0,0 +1,15 @@
|
|||||||
|
{ config, pkgs, ... }: with import <stockholm/lib>; let
|
||||||
|
mk_peers = mapAttrs (n: v: { id = v.syncthing.id; });
|
||||||
|
|
||||||
|
all_peers = filterAttrs (n: v: v.syncthing.id != null) config.krebs.hosts;
|
||||||
|
used_peer_names = unique (flatten (mapAttrsToList (n: v: v.devices) config.services.syncthing.declarative.folders));
|
||||||
|
used_peers = filterAttrs (n: v: elem n used_peer_names) all_peers;
|
||||||
|
in {
|
||||||
|
services.syncthing = {
|
||||||
|
enable = true;
|
||||||
|
configDir = "/var/lib/syncthing";
|
||||||
|
declarative = {
|
||||||
|
devices = mk_peers used_peers;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
@ -1,18 +1,11 @@
|
|||||||
{ config, pkgs, ... }: with import <stockholm/lib>; let
|
{ config, pkgs, ... }: with import <stockholm/lib>;
|
||||||
mk_peers = mapAttrs (n: v: { id = v.syncthing.id; });
|
{
|
||||||
|
imports = [ <stockholm/krebs/2configs/syncthing.nix> ];
|
||||||
all_peers = filterAttrs (n: v: v.syncthing.id != null) config.krebs.hosts;
|
|
||||||
used_peer_names = unique (flatten (mapAttrsToList (n: v: v.devices) config.services.syncthing.declarative.folders));
|
|
||||||
used_peers = filterAttrs (n: v: elem n used_peer_names) all_peers;
|
|
||||||
in {
|
|
||||||
services.syncthing = {
|
services.syncthing = {
|
||||||
enable = true;
|
|
||||||
group = "syncthing";
|
group = "syncthing";
|
||||||
configDir = "/var/lib/syncthing";
|
|
||||||
declarative = {
|
declarative = {
|
||||||
key = toString <secrets/syncthing.key>;
|
key = toString <secrets/syncthing.key>;
|
||||||
cert = toString <secrets/syncthing.cert>;
|
cert = toString <secrets/syncthing.cert>;
|
||||||
devices = mk_peers used_peers;
|
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
krebs.iptables.tables.filter.INPUT.rules = [
|
krebs.iptables.tables.filter.INPUT.rules = [
|
||||||
|
Loading…
Reference in New Issue
Block a user