From d772abff12b765b844f91b3a46faa2167934d1e1 Mon Sep 17 00:00:00 2001 From: Aly Raffauf Date: Sun, 9 Jun 2024 21:39:35 -0400 Subject: [PATCH] moved syncthing key/cert hosts -> nixosModules --- flake.nix | 1 + hosts/fallarbor/default.nix | 10 ---------- hosts/lavaridge/default.nix | 10 ---------- hosts/mauville/default.nix | 11 ----------- hosts/petalburg/default.nix | 11 ----------- hosts/rustboro/default.nix | 11 ----------- nixosModules/services/syncthing/default.nix | 10 +++++++++- 7 files changed, 10 insertions(+), 54 deletions(-) diff --git a/flake.nix b/flake.nix index 6b8c4211..0bbe99b3 100644 --- a/flake.nix +++ b/flake.nix @@ -96,6 +96,7 @@ specialArgs = {inherit inputs self;}; modules = [ ./hosts/${host} + self.nixosModules.default inputs.agenix.nixosModules.default ]; } diff --git a/hosts/fallarbor/default.nix b/hosts/fallarbor/default.nix index 268fe540..8271ad24 100644 --- a/hosts/fallarbor/default.nix +++ b/hosts/fallarbor/default.nix @@ -11,7 +11,6 @@ ./disko.nix ./hardware.nix ./home.nix - self.nixosModules.default ]; boot = { @@ -25,17 +24,8 @@ networking.hostName = "fallarbor"; # Define your hostname. - age.secrets = { - syncthingCert.file = ../../secrets/hosts + "/${config.networking.hostName}/syncthing/cert.age"; - syncthingKey.file = ../../secrets/hosts + "/${config.networking.hostName}/syncthing/key.age"; - }; - services = { fwupd.enable = true; - syncthing = { - cert = config.age.secrets.syncthingCert.path; - key = config.age.secrets.syncthingKey.path; - }; }; alyraffauf = { diff --git a/hosts/lavaridge/default.nix b/hosts/lavaridge/default.nix index a272bb3d..45bc69cf 100644 --- a/hosts/lavaridge/default.nix +++ b/hosts/lavaridge/default.nix @@ -11,7 +11,6 @@ ./disko.nix ./hardware.nix ./home.nix - self.nixosModules.default ]; boot = { @@ -25,17 +24,8 @@ networking.hostName = "lavaridge"; # Define your hostname. - age.secrets = { - syncthingCert.file = ../../secrets/hosts + "/${config.networking.hostName}/syncthing/cert.age"; - syncthingKey.file = ../../secrets/hosts + "/${config.networking.hostName}/syncthing/key.age"; - }; - services = { fwupd.enable = true; - syncthing = { - cert = config.age.secrets.syncthingCert.path; - key = config.age.secrets.syncthingKey.path; - }; }; alyraffauf = { diff --git a/hosts/mauville/default.nix b/hosts/mauville/default.nix index 3d2067e9..c5c308c1 100644 --- a/hosts/mauville/default.nix +++ b/hosts/mauville/default.nix @@ -16,7 +16,6 @@ in { imports = [ ./hardware.nix ./home.nix - self.nixosModules.default ]; # Bootloader. @@ -25,16 +24,6 @@ in { networking.hostName = hostName; # Define your hostname. - age.secrets = { - syncthingCert.file = ../../secrets/hosts + "/${config.networking.hostName}/syncthing/cert.age"; - syncthingKey.file = ../../secrets/hosts + "/${config.networking.hostName}/syncthing/key.age"; - }; - - services.syncthing = { - cert = config.age.secrets.syncthingCert.path; - key = config.age.secrets.syncthingKey.path; - }; - alyraffauf = { apps = { nicotine-plus.enable = true; diff --git a/hosts/petalburg/default.nix b/hosts/petalburg/default.nix index 6df1fbd9..f7a872a9 100644 --- a/hosts/petalburg/default.nix +++ b/hosts/petalburg/default.nix @@ -11,7 +11,6 @@ ./disko.nix ./hardware.nix ./home.nix - self.nixosModules.default ]; boot = { @@ -25,16 +24,6 @@ networking.hostName = "petalburg"; # Define your hostname. - age.secrets = { - syncthingCert.file = ../../secrets/hosts + "/${config.networking.hostName}/syncthing/cert.age"; - syncthingKey.file = ../../secrets/hosts + "/${config.networking.hostName}/syncthing/key.age"; - }; - - services.syncthing = { - cert = config.age.secrets.syncthingCert.path; - key = config.age.secrets.syncthingKey.path; - }; - alyraffauf = { system = { plymouth.enable = true; diff --git a/hosts/rustboro/default.nix b/hosts/rustboro/default.nix index c69320e2..1b663ab8 100644 --- a/hosts/rustboro/default.nix +++ b/hosts/rustboro/default.nix @@ -11,7 +11,6 @@ ./disko.nix ./hardware.nix ./home.nix - self.nixosModules.default ]; boot = { @@ -22,16 +21,6 @@ networking.hostName = "rustboro"; # Define your hostname. - age.secrets = { - syncthingCert.file = ../../secrets/hosts + "/${config.networking.hostName}/syncthing/cert.age"; - syncthingKey.file = ../../secrets/hosts + "/${config.networking.hostName}/syncthing/key.age"; - }; - - services.syncthing = { - cert = config.age.secrets.syncthingCert.path; - key = config.age.secrets.syncthingKey.path; - }; - alyraffauf = { system = { plymouth.enable = true; diff --git a/nixosModules/services/syncthing/default.nix b/nixosModules/services/syncthing/default.nix index 55c9deeb..e7bc1aa2 100644 --- a/nixosModules/services/syncthing/default.nix +++ b/nixosModules/services/syncthing/default.nix @@ -28,12 +28,20 @@ }; config = lib.mkIf config.alyraffauf.services.syncthing.enable { + age.secrets = { + syncthingCert.file = ../../../secrets/hosts + "/${config.networking.hostName}/syncthing/cert.age"; + syncthingKey.file = ../../../secrets/hosts + "/${config.networking.hostName}/syncthing/key.age"; + }; + systemd.services.syncthing.environment.STNODEFAULTFOLDER = "true"; + services.syncthing = { enable = true; + cert = config.age.secrets.syncthingCert.path; + dataDir = "/home/${config.alyraffauf.services.syncthing.user}"; + key = config.age.secrets.syncthingKey.path; openDefaultPorts = true; user = config.alyraffauf.services.syncthing.user; - dataDir = "/home/${config.alyraffauf.services.syncthing.user}"; settings = { options = { localAnnounceEnabled = true;