-rw-r--r--krebs/3modules/default.nix1
-rw-r--r--krebs/3modules/syncthing.nix129
2 files changed, 130 insertions, 0 deletions
diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix
index 9c2f53cbe..567c077eb 100644
--- a/krebs/3modules/default.nix
+++ b/krebs/3modules/default.nix
@@ -48,6 +48,7 @@ let
./rtorrent.nix
./secret.nix
./setuid.nix
+ ./syncthing.nix
./tinc.nix
./tinc_graphs.nix
./urlwatch.nix
diff --git a/krebs/3modules/syncthing.nix b/krebs/3modules/syncthing.nix
new file mode 100644
index 000000000..389da81d4
--- /dev/null
+++ b/krebs/3modules/syncthing.nix
@@ -0,0 +1,129 @@
+{ config, pkgs, ... }: with import <stockholm/lib>;
+
+let
+
+ cfg = config.krebs.syncthing;
+
+ devices = mapAttrsToList (name: peer: {
+ name = name;
+ deviceID = peer.id;
+ addresses = peer.addresses;
+ }) cfg.peers;
+
+ folders = map (folder: {
+ inherit (folder) path type;
+ id = folder.path;
+ devices = map (peer: { deviceId = cfg.peers.${peer}.id; }) folder.peers;
+ rescanIntervalS = folder.rescanInterval;
+ }) cfg.folders;
+
+ getApiKey = pkgs.writeDash "getAPIKey" ''
+ ${pkgs.libxml2}/bin/xmllint \
+ --xpath 'string(configuration/gui/apikey)'\
+ ${config.services.syncthing.dataDir}/config.xml
+ '';
+
+ updateConfig = pkgs.writeDash "merge-syncthing-config" ''
+ set -efu
+ API_KEY=$(${getApiKey})
+ CFG=$(${pkgs.curl}/bin/curl -Ss -H "X-API-Key: $API_KEY" localhost:8384/rest/system/config)
+ echo "$CFG" | ${pkgs.jq}/bin/jq -s '.[] * {
+ "devices": ${builtins.toJSON devices},
+ "folders": ${builtins.toJSON folders}
+ }' | ${pkgs.curl}/bin/curl -Ss -H "X-API-Key: $API_KEY" localhost:8384/rest/system/config -d @-
+ ${pkgs.curl}/bin/curl -Ss -H "X-API-Key: $API_KEY" localhost:8384/rest/system/restart -X POST
+ '';
+
+in
+
+{
+ options.krebs.syncthing = {
+
+ enable = mkEnableOption "syncthing-init";
+
+ id = mkOption {
+ type = types.str;
+ default = config.krebs.build.host.name;
+ };
+
+ cert = mkOption {
+ type = types.nullOr types.absolute-pathname;
+ default = null;
+ };
+
+ key = mkOption {
+ type = types.nullOr types.absolute-pathname;
+ default = null;
+ };
+
+ peers = mkOption {
+ default = {};
+ type = types.attrsOf (types.submodule ({
+ options = {
+
+ # TODO make into addr + port submodule
+ addresses = mkOption {
+ type = types.listOf types.str;
+ default = [];
+ };
+
+ #TODO check
+ id = mkOption {
+ type = types.str;
+ };
+
+ };
+ }));
+ };
+
+ folders = mkOption {
+ default = [];
+ type = types.listOf (types.submodule ({
+ options = {
+
+ path = mkOption {
+ type = types.absolute-pathname;
+ };
+
+ peers = mkOption {
+ type = types.listOf types.str;
+ default = [];
+ };
+
+ rescanInterval = mkOption {
+ type = types.int;
+ default = 60;
+ };
+
+ type = mkOption {
+ type = types.enum [ "sendreceive" "sendonly" "receiveonly" ];
+ default = "sendreceive";
+ };
+
+ };
+ }));
+ };
+ };
+
+ config = (mkIf cfg.enable) {
+
+ systemd.services.syncthing = mkIf (cfg.cert != null || cfg.key != null) {
+ preStart = ''
+ ${optionalString (cfg.cert != null) "cp ${toString cfg.cert} ${config.services.syncthing.dataDir}/cert.pem"}
+ ${optionalString (cfg.key != null) "cp ${toString cfg.key} ${config.services.syncthing.dataDir}/key.pem"}
+ '';
+ };
+
+ systemd.services.syncthing-init = {
+ after = [ "syncthing.service" ];
+ wantedBy = [ "multi-user.target" ];
+
+ serviceConfig = {
+ User = config.services.syncthing.user;
+ RemainAfterExit = true;
+ Type = "oneshot";
+ ExecStart = updateConfig;
+ };
+ };
+ };
+}
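Review bot: The Syncthing API key is passed to all three `curl` calls in `updateConfig` as `-H "X-API-Key: $API_KEY"`, so it sits in each curl process's argument list, which other local accounts can usually read through the process table while the unit runs. That key authorises the whole REST API, including the config POST this script performs. Having curl read the header from a file only the service user can read (`-H @file`) keeps it out of argv, as sketched below; `printf` is a shell builtin, so writing the file does not expose the key either. Separately, the `preStart` copy of `key.pem` uses plain `cp`, so the private key's mode follows the source file and the umask; `install -m 0600 ${toString cfg.key} ${config.services.syncthing.dataDir}/key.pem` would pin it.

```nix
  updateConfig = pkgs.writeDash "merge-syncthing-config" ''
    set -efu
    API_KEY=$(${getApiKey})
    # mktemp creates the file with mode 0600; remove it again on exit
    HDR=$(${pkgs.coreutils}/bin/mktemp)
    trap '${pkgs.coreutils}/bin/rm -f "$HDR"' EXIT
    printf 'X-API-Key: %s\n' "$API_KEY" > "$HDR"
    CFG=$(${pkgs.curl}/bin/curl -Ss -H @"$HDR" localhost:8384/rest/system/config)
    # … unchanged: echo "$CFG" | jq merge of devices and folders, piped into …
    ${pkgs.curl}/bin/curl -Ss -H @"$HDR" localhost:8384/rest/system/config -d @-
    ${pkgs.curl}/bin/curl -Ss -H @"$HDR" localhost:8384/rest/system/restart -X POST
  '';
```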