willifan/nix-config
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

added syncthing password

Browse source
This commit is contained in:
willifan 2024-12-23 00:13:41 +01:00
parent a94fee1cd2
commit 985b5344f6
5 changed files with 20 additions and 18 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
flake.nix
View file

@ -72,6 +72,7 @@
home-manager.useGlobalPkgs = true; home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true; home-manager.useUserPackages = true;
} }
attrs.sops-nix.nixosModules.sops
attrs.disko.nixosModules.disko attrs.disko.nixosModules.disko
attrs.stylix.nixosModules.stylix attrs.stylix.nixosModules.stylix
attrs.nixvim.nixosModules.nixvim attrs.nixvim.nixosModules.nixvim
@ -101,6 +102,7 @@
home-manager.useGlobalPkgs = true; home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true; home-manager.useUserPackages = true;
} }
attrs.sops-nix.nixosModules.sops
attrs.disko.nixosModules.disko attrs.disko.nixosModules.disko
attrs.stylix.nixosModules.stylix attrs.stylix.nixosModules.stylix
attrs.nixvim.nixosModules.nixvim attrs.nixvim.nixosModules.nixvim
@ -132,6 +134,7 @@
home-manager.useGlobalPkgs = true; home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true; home-manager.useUserPackages = true;
} }
attrs.sops-nix.nixosModules.sops
attrs.disko.nixosModules.disko attrs.disko.nixosModules.disko
attrs.stylix.nixosModules.stylix attrs.stylix.nixosModules.stylix
attrs.nixvim.nixosModules.nixvim attrs.nixvim.nixosModules.nixvim
@ -163,6 +166,7 @@
home-manager.useGlobalPkgs = true; home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true; home-manager.useUserPackages = true;
} }
attrs.sops-nix.nixosModules.sops
attrs.disko.nixosModules.disko attrs.disko.nixosModules.disko
attrs.stylix.nixosModules.stylix attrs.stylix.nixosModules.stylix
attrs.nixvim.nixosModules.nixvim attrs.nixvim.nixosModules.nixvim

11
modules/common/sops.nix
View file

@ -1,9 +1,6 @@
{ attrs, ... }: { ... }:
{ {
imports = [
attrs.sops-nix.nixosModules.sops
];
sops.defaultSopsFile = ../../secrets/secrets.yaml; sops.defaultSopsFile = ../../secrets/secrets.yaml;
sops.defaultSopsFormat = "yaml"; sops.defaultSopsFormat = "yaml";
@ -13,6 +10,12 @@
sops.secrets."ssh/root/private" = { sops.secrets."ssh/root/private" = {
owner = "root"; owner = "root";
}; };
sops.secrets."syncthing/password" = { sops.secrets."syncthing/password" = {
mode = "440";
group = "syncthing";
}; };
users.groups.syncthing = { };
} }

13
modules/common/syncthing.nix
View file

@ -1,4 +1,4 @@
{ lib, types, config, ... }: { lib, config, ... }:
let let
deviceList = builtins.attrNames config.common.syncthing.devices; deviceList = builtins.attrNames config.common.syncthing.devices;
in in
@ -20,18 +20,13 @@ in
}; };
}; };
config.services.syncthing = lib.mkIf config.common.syncthing.enable { config.home-manager.users.willifan.services.syncthing = lib.mkIf config.common.syncthing.enable {
enable = lib.mkDefault true; enable = lib.mkDefault true;
user = lib.mkDefault "willifan";
dataDir = lib.mkDefault "/mnt/data";
configDir = lib.mkDefault "/mnt/data/.config/syncthing";
overrideDevices = lib.mkDefault true; overrideDevices = lib.mkDefault true;
overrideFolders = lib.mkDefault true; overrideFolders = lib.mkDefault true;
passwordFile = config.sops.secrets."syncthing/password".path;
settings = { settings = {
gui = { gui.user = "willifan";
user = lib.mkDefault "willifan";
password = lib.mkDefault "temppassword";
};
devices = config.common.syncthing.devices; devices = config.common.syncthing.devices;
folders = lib.mkDefault { folders = lib.mkDefault {
"Documents" = { "Documents" = {

8
secrets/secrets.yaml
View file

@ -3,7 +3,7 @@ ssh:
root: root:
private: ENC[AES256_GCM,data:DX6CCw==,iv:d+ju8wDKcuiEb5W2/xKMUu7TtyrLPvfZggrNCjJj/qc=,tag:kwTVpW706rgH9JGXhiu8yg==,type:str] private: ENC[AES256_GCM,data:DX6CCw==,iv:d+ju8wDKcuiEb5W2/xKMUu7TtyrLPvfZggrNCjJj/qc=,tag:kwTVpW706rgH9JGXhiu8yg==,type:str]
syncthing: syncthing:
password: ENC[AES256_GCM,data:LzF/9A==,iv:+w/Fg0hMGAw4FKvY0cnT5bKVNhwLf18EOFV4hnApzbI=,tag:qjGxsCb0m9yMvhEyIn/HJw==,type:str] password: ENC[AES256_GCM,data:GcHxNKGqzjELPefKVlzErm9Ysqk=,iv:3izHDNULVumtR8nvQtvGI5j5FvUoLv9crnRmRBzzLD0=,tag:jq6b1SUnJx+qqiHenHV4VA==,type:str]
sops: sops:
kms: [] kms: []
gcp_kms: [] gcp_kms: []
@ -19,8 +19,8 @@ sops:
K1NUZDI1SDQ2UVIyVWdkYW5PYWF1TDQKPFPXOdYOsqoh/ivAUl9SgJQeEI4yBJuq K1NUZDI1SDQ2UVIyVWdkYW5PYWF1TDQKPFPXOdYOsqoh/ivAUl9SgJQeEI4yBJuq
vfK/44pf9CcoWG0+J1di2pklliXRKqSrC63bdUgRVKOZwdxZOkQUKw== vfK/44pf9CcoWG0+J1di2pklliXRKqSrC63bdUgRVKOZwdxZOkQUKw==
-----END AGE ENCRYPTED FILE----- -----END AGE ENCRYPTED FILE-----
lastmodified: "2024-12-08T16:40:52Z" lastmodified: "2024-12-22T22:52:20Z"
mac: ENC[AES256_GCM,data:FjDaDzAYWCWS9SsGKfh0yfofuzjW+p2hbt3tEYQhlWHU+VrEOOopaZXQ/Ut2QfafsEX3NV9TCJAhQsy4WsDs7Jz0XqfoydmDomhyOWMXOz9mpxFR+oKvct2bM5Ai0vibBaEJjPIw8ELFIeDI19V0IPmAFSdGeUgameKMn8Lpc4U=,iv:opqmhUsyYM4mhBqN8Nf1ec0E72rMbfxgD05ffKYDbWo=,tag:X6XR7oVcGg8sMXNGz58K4g==,type:str] mac: ENC[AES256_GCM,data:PyP4U9d5goV+kBk4Of9bBCW2emQK6pk8yCFfHK+1VlTZGK3UtbSUQ3l7nuLOhXrWg52gk7tQL2Wznq7GJCZ4ffHHDTwZC9OpcoOSKxoroEtlHxu7DUwR4E/Jz8DD0Y8yYpQ3psx5jZeBFSX8y60Xd4OMYq5Z9sJ9NdLw0QUt3JE=,iv:XlVylWl7rs9nhSdPVqN9rjLMVxf9Y8m049viK3pPWXI=,tag:TIbdl7ta8hMI9Re+Lo31Og==,type:str]
pgp: [] pgp: []
unencrypted_suffix: _unencrypted unencrypted_suffix: _unencrypted
version: 3.9.1 version: 3.9.2

2
users/willifan/common/user.nix
View file

@ -3,7 +3,7 @@
users.users.willifan = { users.users.willifan = {
isNormalUser = true; isNormalUser = true;
description = "willifan"; description = "willifan";
extraGroups = [ "networkmanager" "wheel" ]; extraGroups = [ "networkmanager" "wheel" "syncthing" ];
}; };
} }