tstarr/dotfiles
1
0
Fork 0
mirror of https://github.com/starr-dusT/dotfiles.git synced 2025-02-19 03:07:32 -08:00
Code Issues Packages Projects Releases Wiki Activity

initial syncthing fix for kestrel and bulwark

Browse Source
This commit is contained in:
Tyler Starr 2024-10-22 21:11:00 -07:00
parent f5504dfe30
commit 4d47209a59
11 changed files with 119 additions and 106 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
provision/hosts/bulwark/configuration.nix
View File

@ -2,7 +2,6 @@
{
imports = [
./steam-deck.nix
./syncthing.nix
];
# Set networking options
@ -35,6 +34,15 @@
};
services = {
samba-client.enable = true;
syncthing = {
enable = true;
keyPath = ../../secrets/syncthing/bulwark/key.pem.age;
certPath = ../../secrets/syncthing/bulwark/cert.pem.age;
devices = {
"kestrel" = { id = "5WWL4FE-ARZ4FHP-J33HQCH-CZKEXLN-2RAY4KW-PDI754F-3HVPZYI-VC3ESAF"; };
};
folders = {};
};
};
system = {
ssh.enable = true;

47
provision/hosts/bulwark/syncthing.nix
View File

@ -1,47 +0,0 @@
{ config, lib, pkgs, user, ... }:
{
networking.firewall.allowedTCPPorts = [ 8384 22000 ];
networking.firewall.allowedUDPPorts = [ 22000 21027 ];
environment.systemPackages = with pkgs; [
syncthing # File sync program for multiple devices in real-time.
];
services.syncthing = {
enable = true;
user = "${user}";
dataDir = "/home/${user}/.local/share/syncthing";
guiAddress = "0.0.0.0:8384";
overrideDevices = true;
overrideFolders = true;
settings.devices = {
"kestrel" = { id = "KYEWTBL-GL343U7-OIM63LT-2IYGJAP-RCL545L-2KJOIY4-6352W6Y-DZRVGAL"; };
};
settings.folders = {
"Gamecube Saves" = {
path = "/home/${user}/.local/share/dolphin-emu/GC";
devices = [ "kestrel" ];
};
"Ryujinx Saves" = {
path = "/home/${user}/.config/Ryujinx/bis";
devices = [ "kestrel" ];
};
"Yuzu Saves" = {
path = "/home/${user}/.local/share/yuzu/nand/user/save/0000000000000000/705C6CE0127692D598F92E68B640D644";
devices = [ "kestrel" ];
};
"PSP Saves" = {
path = "/home/${user}/.config/ppsspp/PSP/SAVEDATA";
devices = [ "kestrel" ];
};
"PSP Save States" = {
path = "/home/${user}/.config/ppsspp/PSP/PPSSPP_STATE";
devices = [ "kestrel" ];
};
"Roms Saves" = {
path = "/home/${user}/media/roms/saves";
devices = [ "kestrel" ];
};
};
};
}

8
provision/hosts/kestrel/configuration.nix
View File

@ -1,7 +1,6 @@
{ config, pkgs, user, lib, ... }:
{
imports = [
./syncthing.nix
./backup.nix
];
@ -57,6 +56,13 @@
peripherals.enable = true;
samba-client.enable = true;
virt-manager.enable = true;
syncthing = {
enable = true;
keyPath = ../../secrets/syncthing/kestrel/key.pem.age;
certPath = ../../secrets/syncthing/kestrel/cert.pem.age;
devices = {};
folders = {};
};
};
system = {
backup.enable = true;

54
provision/hosts/kestrel/syncthing.nix
View File

@ -1,54 +0,0 @@
{ config, lib, pkgs, user, ... }:
{
networking.firewall.allowedTCPPorts = [ 8384 22000 ];
networking.firewall.allowedUDPPorts = [ 22000 21027 ];
environment.systemPackages = with pkgs; [
syncthing # File sync program for multiple devices in real-time.
];
services.syncthing = {
enable = true;
user = "${user}";
dataDir = "/home/${user}/.local/share/syncthing";
configDir = "/home/${user}/.config/syncthing";
guiAddress = "0.0.0.0:8384";
overrideDevices = true;
overrideFolders = true;
settings.devices = {
"bulwark" = { id = "ZGLQ725-OJSDNTE-MXYLIUD-XDB7REJ-2B2DVNU-PAFF6VC-MUUWRI6-4SNPWAK"; };
"torus" = { id = "WCZYHD7-5Y33SSU-74JHAQR-V7LYMDM-SDG2NTN-DJ2VKF2-DUBBUE5-PU5CGQN"; };
"shivan" = { id = "KUSOQSH-RKLLA32-T3KAPQP-VNJISLL-QSQCGFZ-ZL7ZULE-MJC67DK-2U6G4Q7"; };
};
settings.folders = {
"Gamecube Saves" = {
path = "/home/${user}/.local/share/dolphin-emu/GC";
devices = [ "bulwark" ];
};
"Ryujinx Saves" = {
path = "/home/${user}/.config/Ryujinx/bis";
devices = [ "bulwark" ];
};
"Yuzu Saves" = {
path = "/home/${user}/.local/share/yuzu/nand/user/save/0000000000000000/705C6CE0127692D598F92E68B640D644";
devices = [ "bulwark" ];
};
"PSP Saves" = {
path = "/home/${user}/.config/ppsspp/PSP/SAVEDATA";
devices = [ "bulwark" ];
};
"PSP Save States" = {
path = "/home/${user}/.config/ppsspp/PSP/PPSSPP_STATE";
devices = [ "bulwark" ];
};
"General Sync" = {
path = "/home/${user}/sync";
devices = [ "shivan" ];
};
"Rom Saves" = {
path = "/home/${user}/media/roms/saves";
devices = [ "bulwark" ];
};
};
};
}

2
provision/modules/services/default.nix
View File

@ -1,4 +1,4 @@
{ ... }:
{
imports = [ ./peripherals.nix ./samba-client.nix ./virt-manager.nix ];
imports = [ ./peripherals.nix ./samba-client.nix ./syncthing.nix ./virt-manager.nix ];
}

68
provision/modules/services/syncthing.nix Normal file
View File

@ -0,0 +1,68 @@
{ config, lib, pkgs, user, ... }:
let cfg = config.modules.services.syncthing;
in {
options.modules.services.syncthing = with lib; {
enable = lib.mkOption {
type = types.bool;
default = true;
};
keyPath = mkOption {
type = types.path;
default = ./key.pem;
};
certPath = mkOption {
type = types.path;
default = ./cert.pem;
};
devices = mkOption {
type = types.attrs;
default = {};
description = ''
A set of devices and associated IDs.
'';
};
folders = mkOption {
type = types.attrs;
default = {};
description = ''
A set of folders, each defined by a set of attributes like
path, devices, and other configuration options.
'';
};
};
config = lib.mkIf cfg.enable {
environment.systemPackages = with pkgs; [
syncthing # File sync program for multiple devices in real-time.
];
networking.firewall.allowedTCPPorts = [ 8384 22000 ];
networking.firewall.allowedUDPPorts = [ 22000 21027 ];
age.secrets."syncthing/key.pem" = {
file = cfg.keyPath;
owner = "${user}";
group = "users";
};
age.secrets."syncthing/cert.pem" = {
file = cfg.certPath;
owner = "${user}";
group = "users";
};
services.syncthing = {
enable = true;
user = "${user}";
dataDir = "/home/${user}/.local/share/syncthing";
configDir = "/home/${user}/.config/syncthing";
guiAddress = "0.0.0.0:8384";
overrideDevices = true;
overrideFolders = true;
key = "/run/agenix/syncthing/key.pem";
cert = "/run/agenix/syncthing/cert.pem";
settings.devices = cfg.devices;
settings.folders = cfg.folders;
};
};
}

8
provision/secrets/secrets.nix
View File

@ -7,14 +7,13 @@ let
in
{
"git/github_personal.age".publicKeys = systems;
"git/gitea-runner-1.age".publicKeys = systems;
"emu/switch/prod.keys.age".publicKeys = systems;
"emu/switch/title.keys.age".publicKeys = systems;
"wireguard/kestrel.age".publicKeys = systems;
"wireguard/torus.age".publicKeys = systems;
"wireguard/bulwark.age".publicKeys = systems;
"wireguard/osprey.age".publicKeys = systems;
"git/gitea-runner-1.age".publicKeys = systems;
"nextcloud/password.age".publicKeys = systems;
"ssh/kestrel/id_ed25519.age".publicKeys = systems;
"ssh/kestrel/id_ed25519.pub.age".publicKeys = systems;
"ssh/torus/id_ed25519.age".publicKeys = systems;
@ -22,5 +21,10 @@ in
"borg/torus/password.age".publicKeys = systems;
"borg/rsync/id_rsa.age".publicKeys = systems;
"borg/rsync/id_rsa.pub.age".publicKeys = systems;
"nextcloud/password.age".publicKeys = systems;
"syncthing/kestrel/key.pem.age".publicKeys = systems;
"syncthing/kestrel/cert.pem.age".publicKeys = systems;
"syncthing/bulwark/key.pem.age".publicKeys = systems;
"syncthing/bulwark/cert.pem.age".publicKeys = systems;
}

BIN
provision/secrets/syncthing/bulwark/cert.pem.age Normal file
View File

Binary file not shown.

13
provision/secrets/syncthing/bulwark/key.pem.age Normal file
View File

@ -0,0 +1,13 @@
age-encryption.org/v1
-> ssh-ed25519 Fz/sQw 4Obmjc1CCEWuc35rI9Pvkx6ScGnJ9WULezH4IDXQtWw
yXF2uJJmQQfVvbxChmJzJbDw7lonnkvTcipMIhuhyxI
-> ssh-ed25519 47GzQA u3C6BOJ5q+DodB+ElYL8DGQ1AkWLegRZxTiOWaX46Fs
1p30kpogURAvWq+sF53glTldDELIcW2kNwWINwG8Xv8
-> ssh-ed25519 wcI7nQ BBy4Kj7grypTdC+YoWTVzhl5Fq9r8t65lljxdOX1QCA
rDCbLA7o9bC2MQcwb7kagaYEnSfiqfGzZD18J92vyA4
-> ssh-ed25519 QjdSCg QB6m+6Q15r956ioxEtJDeKMXEG8rCWCMEAK5Wgk5Yz8
1UiMy7C5VXWyBGDuhu2dq/XinGsStN7deM9ySLuYpQ4
--- wOD9RLQibszEgJMIn5mt91wqx+ozFgWQM+zkk8DGEbk
p³ê)tBcàÚª<E2809A>wÑt <09>b&?~ DBgƒÌ\jˆÿSݳÝs˜ÀÞt¶#ìŽ-&Šaä«-@ž_´$Â+*üÉ<>šþáS¿oºH4‰sìÕ<C3AC><32>ú'ñPÔm¹Ìü½r¥ƒ¿´¾>§âÚ.Ø¥0<1B>»‘¦’Ú œ¼ ÿ
´*µG viÀÄœ6„°Ù¢«{¸Ìâ½ å‘"A~OQË©ËþöŽÕ„êør­A;;´ŽuI:OL=ï,Á<>B.ñ<05>Úô˜lN«Û[H; Ÿ
k²€ŽWK¢ß}×ß~Ú \¸ÑòRfî.kPµ¸†9X6ç6½5à¦[ÊØ`p²m.¹<Åصr¬â¨ïLe…aPŸ ¿Ñ(×BGE'ã2¦K¯ÓÅ7§Ó“e™¤Vñï<C3B1>ö{‘êœ!ñ¨4G

15
provision/secrets/syncthing/kestrel/cert.pem.age Normal file
View File

@ -0,0 +1,15 @@
age-encryption.org/v1
-> ssh-ed25519 Fz/sQw lJgGhfqiTm8FFj+oH70OpN3fz10SS7oYMIHLzcA9dgc
thWong+Qe6FKtn2mkjLxk8JuYbKstSQfbZioMVzlNtY
-> ssh-ed25519 47GzQA m57QSYKzPgZTa/RGkuMBS+iIqtR0eRtQ+d5RZ1tx6Dw
7xOAxSbjGdqI0X+olwczSlBGLmOnq42TUQV1I43pvTs
-> ssh-ed25519 wcI7nQ +Jk8L3kDT2PYFRkZ7iEgcSYaYrkOltXnDRgMLQmKshw
rtoVv+qaqMlmurVleOYZmuJHTB1T3gkwcrEkQE5tV2k
-> ssh-ed25519 QjdSCg S1Ikef+MsrrIDcbEM2nxrA81u0ES+YyO/TdK27Md0zQ
hO8ByZCocxg4Hp1itRuuiAp9dV8xEgsmhNNIoEBd1z8
--- kIkGQGju9h8celXL7cN9etYTtxhnO3VIIK5ZAtg4yGU
%$BHîÔþFÞjû“¦æµÂ>“ˆ“%X¢67v“w!A²üˆBòïK -xÔÇßãkpßQ=W™ž æçë«å¦y¼â¤ï! SJ£à£öîˆÎ¢* æŽQe¦û.sÖÞá<C39E>¯­ž n&Ú<07>ݲ[5¾åF @£%‰èÝ´ ˆP<CB86>*ë§,ŸJäN•Zñ:þõIäí ½<>YJ÷ü8ŠÞÓøBxÛò/ш«<CB86>i <0B>Ÿ'È•—M¸
º-E<13>)õ¡ÕH¡,¸%c×q[Üq%Ev¿|.ƒ”ÈßÃ?ïWF˜lÂn©»—ŸšhÀÒÓzÔ×k4•Âî<7F>É÷w WÂn\]ÀŸ à‹Ã…ÄU¸Æ=w4q³ÛM³õȆ`ý cJ)D^*R”Q!­©ú<C2A9>7è_ØÇ䀫ìëY€ª”ºò[Š5K÷·ãw«{j,Úÿv:öÌ€áXÒ9XáMŸø_Ñ »âƒxH°_çùÃ{×
«K;rðHºÁÂ<C381><C382>ü]Ü¢óbr5À/ƒQÍ¢+¿<1E>£aø#Nt¾3!w%ã˜5mÀÒ/
×Pvøi[´\Ò©²ôvî@3o“Ì.ýäÔûõcíæÔ åÕÑñf(g¾ ÷RbùäÒê`·?:iç V˜Ãþjhµ*+µÒ4Õ<g26¿Aµ
y9ÿqr°<EFBFBD>È—;Ãa±8@Ì=€[zwÂ.øHNÅ }¸Ìl,¸ 3´ÈD;^Û+â0Ó±‰¯Go¡Œe®ç(Áxdõkf؉¦jÐïóƒ“:N¡yŸÓêYõ¥HDIÖ.*Ÿ<¡Y<E280B9>NÔ)äÐèuôöÀŽÀ<C5BD>iͦðóé]äkÚÙæ+"6NÈøbV þ£ÁçŒØmÁ_!´§ V뀭o ”(ßF•u]«ÒÃo<>¥ÿáË´£WÃŽ§£9Q)åÔ#æ_잘<C5BE>[ÀS¯iœîhîÚí<C39A>¤kÇø(Q”}É1-]ˆ\ Ça¦,ÌûYçª)@®‰T-ªJËa\ÄÀ©À@ªû¡´g»|3ÅúoÙ¾O‰O|^2NpAyù^õ@

BIN
provision/secrets/syncthing/kestrel/key.pem.age Normal file
View File

Binary file not shown.