Kyren223/server
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Updated syncthing to be web-accessible

Browse Source
This commit is contained in:
Kyren223
2024-12-31 16:30:31 +02:00
parent ad29a1cc6e
commit 40f67cc5d3
2 changed files with 25 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
nixosModules/secrets.yaml
View File

@@ -1,6 +1,7 @@
github-access-token: ENC[AES256_GCM,data:VXzObn7doHiMzHzzLaBp8Awe3lO256zUoC8u06APR2WQitvJZs1EIqJs92rA5aORny4J6EahBaKRlcrur8oxBfRSAYkzXrECNm6E8mDYFelKv3sjXlPC3KHvHWtNewkkOA8yDOjdvw7kQVWsqZcO73GxZtN6/LgNiZfW7HMC,iv:3jr6uz+3ZUmIXP9aeqzOtvrHZhbc7Wpbdi1ZA0L8r+I=,tag:4eaV7GsdGrP7sLZAPVIDyQ==,type:str]
cloudflare-dns-api-token: ENC[AES256_GCM,data:NtHjCIgY3O3hMdscGeBHLTzgxnW3uvIdf4Pin/v41ZV1YdsPtz2rXA==,iv:r5jOfkYFUgadCePCTCGeoRtmnrSfRCPytxwUBdLX290=,tag:Fq69nnShzj7QcGT4cPGftA==,type:str]
gitea-db-password: ENC[AES256_GCM,data:LHru7hpuT9dmEsfEfcsejfcyoNo2JHITmDzxcqHsj+XCBgQOroi9t+I57QN/Qs6+0Eq4wkSq3o2E,iv:mM9xzbXZK9JUMh078TvsNoMtb4g6dffQmRnYqC7UFf4=,tag:k3v1lKhdYSejoFgs3HTk2g==,type:str]
syncthing-gui-password: ENC[AES256_GCM,data:CSQuswlhnCX1ChRTffWvIFodQ3vU4PmlDj8H7MjtQ7aWEok330V2Cqs/4EV0PnVtFd3uBCQ=,iv:TqNYonoB7ygN3PT67MFjythf8a+gNPEwDNdtNadMHQk=,tag:hnGs0Z59EGOUKtit9wGD+A==,type:str]
sops:
kms: []
gcp_kms: []
@@ -16,8 +17,8 @@ sops:
b254YjZLRm9odks2Y1Erdk1NSU1CVncKnhMnBLjSLfMO3A7gTUI9vIRQvaK07I7k
mQdtsGZM+1FqlbxsFIoqji+xrqAvcBQENott5+tuFM+ePT5EjQUYGg==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2024-12-29T20:46:56Z"
mac: ENC[AES256_GCM,data:KUlfjIJ0y8SdWSoH44m5fdA0Qy5X4tawjjKREYYBzyiST3vR4+zywl5WPNS7kqslXYJJwuZ0zk28UwrnEnFov8VkZu/lM0814pD3S0NnFlZtmIrXiCmYlnkTIG8M/qWFenes99gzHdHgv6eUWlosDVdX02JeSN1OmsnlsEzdYZo=,iv:3cSgN2GW+zrlv0obtGSWvIagRmfBUH7OYT7xXMPjqm8=,tag:cdYplNXDjcfIAQa5z802Ig==,type:str]
lastmodified: "2024-12-31T14:24:22Z"
mac: ENC[AES256_GCM,data:0GxemQRYL/FKCv1AIXwxpo/HXAZmueG0VLYxXY4epAHDEx59uUGmMPGbLD6j5WjPVA6mnRqE3VCKLFrbRbw+XmVjrWQuq9E2VTb22xcVMchUKY/rK1a+UJAr/cqKmNyjIoKLj3rJyKsOKMRDH6YQEqCJW6h4PE8bGHkcsqGH4NA=,iv:z28J10nK6ejRrFJJBi2y+f174YkGONDtL6en1lbUS1g=,tag:Sf69A3HiP5eDzIUSnljpXw==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.9.1

24
nixosModules/syncthing.nix
View File

@@ -1,16 +1,30 @@
{ pkgs, lib, config, ... }: {
imports = [
./acme.nix
];
options = {
syncthing.enable = lib.mkEnableOption "enables syncthing";
};
config = lib.mkIf config.syncthing.enable {
# 443 and 80 for for http and https
# 22000 TCP and/or UDP for sync traffic
# 21027/UDP for discovery
networking.firewall.allowedTCPPorts = [ 22000 ];
networking.firewall.allowedTCPPorts = [ 22000 443 80 ];
networking.firewall.allowedUDPPorts = [ 22000 21027 ];
# Make sure acme module is active for the "kyren.codes" ssl cert
acme.enable = true;
services.nginx.enable = true;
services.nginx.virtualHosts."sync.kyren.codes" = {
useACMEHost = "kyren.codes";
forceSSL = true;
locations."/".proxyPass = "http://localhost:8384/";
};
servicessyncthing = {
enable = true;
group = "syncthing";
@@ -26,5 +40,11 @@
folders = { };
};
};
sops.secrets.syncthing-gui-password = { };
services.syncthing.settings.gui = {
user = "username";
password = ${config.sops.secrets.syncthing-gui-password.path};
};
};
}