sydnix/modules/nixos/syncthing.nix

{ config, lib, pkgs, ... }:

let cfg = config.sydnix.syncthing;
in {
  options.sydnix.syncthing = {
    enable = lib.mkEnableOption "Syncthing";
    includeDevices = lib.mkOption {
      type =
        lib.types.listOf
          (lib.types.enum (builtins.attrNames cfg.devices));
      default = [];
      description = ''
        A list of device names to sync with.  See the read-only option
        `sydnix.syncthing.devices` for the concrete details.
      '';
    };
    devices = lib.mkOption {
      # This should generally be in sync with modules/home/syncthing.nix.
      default = {
        "guix-rebound".id =
          "Q5B6LIV-5HQMWWV-XFQL5IT-PHP7PVE-XFWUVHK-F6WJ42C-OPMR4M7-GFNK3AG";
        "deertopia".id =
          "OO6XGGQ-SORH6XW-YEMN3T3-CSW5QOO-2IRB2QE-NZOL6JE-RAV36GS-WZXXLQV";
        "nixos-testbed".id =
          "BO3AESA-LBKMZW7-QFE7NTT-GF62DOA-PYUACYU-HNTNYI5-EMF6PAN-TR6YHAL";
        "sydpc".id =
          "XROSJRC-SLAAOTG-L3HQ5TT-WAKL5PJ-QAIFJEY-FUG5AAO-5ACBTA3-MGQQFQI";
      };
      readOnly = true;
      description = ''
        The read-only 'universe' of devices available.  A subset of these
        devices — those named by `sydnix.syncthing.includeDevices` — will be
        handed to Syncthing's module.  This should generally match the option of
        the same name in the Home-manager module, `sydnix.syncthing.devices`.
      '';
    };
    directories = lib.mkOption {
      type = lib.types.anything;
      default = {};
      description = ''
        Directly handed to `services.syncthing.settings.folders`.
      '';
    };
  };

  config = lib.mkIf cfg.enable {
    sydnix.impermanence.directories = [
      # Most notably, preserves the device ID.
      "/var/lib/syncthing"
    ];

    services.syncthing = {
      enable = true;
      openDefaultPorts = true;
      overrideDevices = true;
      overrideFolders = true;
      settings = {
        gui = {
          # TODO: Figure out how to read credentials from a file.
          # tls = true;
          user = "lain";
          password = "my-awesome-password";
        };
        devices =
          lib.filterAttrs
            (k: _v: builtins.elem k cfg.includeDevices)
            cfg.devices;
        folders = cfg.directories;
      };
    };
  };
}