chore: activate syncthing on several machines

chore: update readme
2025-03-22 20:00:54 +01:00 · 2025-01-25 16:49:42 +01:00 · 2025-01-25 16:48:53 +01:00
7 changed files with 122 additions and 21 deletions
--- a/README.md
+++ b/README.md
@ -1,4 +1,4 @@
-# My NixOS Configurations ❄ 
+# Snowfield ❄ 
 [![Build status](https://ci.julienmalka.me/badges/JulienMalka_snowfield_nix-eval.svg)](https://ci.julienmalka.me/#/builders/16) [![built with nix](https://img.shields.io/static/v1?logo=nixos&logoColor=white&label=&message=Built%20with%20Nix&color=41439a)](https://builtwithnix.org)

 This repository contains the configurations of my machines using NixOS. 
@ -7,19 +7,6 @@ This repository contains the configurations of my machines using NixOS.

 NixOS is a linux distribution based on the Nix package manager. It allows fully reproducible builds and a declarative configuration style, using a functionnal langage called Nix (yes, it is the same name as the package manager and the OS).

-### *What is a flake ?*
-
-This whole repository is a flake. It is an experimental feature of Nix, allowing for pure evaluation of code. Dependency are fully specified and locked.
-
-### *How does this work ?*
-
-#### Machines 
-
-This project manage the configuration of three machines :
- **Macintosh**, a thinkpad laptop,
- **Lisa**, a high performance server,
- **Newton**, a low performance stockage server.
-
 Machines configurations are located in the machines folder, and are using all the custom modules defined in this project.

 #### Modules
@ -28,7 +15,7 @@ This configuration defines a number of custom NixOS and home-manager modules. Th

 #### Secrets

-Secrets are stored in the secrets folder. They are uncrypted upon system activation using the host ssh key. Secrets are managed using nix-sops.
+Secrets are stored in the secrets folder. They are uncrypted upon system activation using the host ssh key. Secrets are managed using agenix.

 ### Inspirations 

--- a/machines/gallifrey/default.nix
+++ b/machines/gallifrey/default.nix
@ -10,6 +10,7 @@
  imports = [
    ./hardware.nix
    ./home-julien.nix
+    ./syncthing.nix
  ];

  machine.meta = {
@ -26,7 +27,8 @@

  networking.networkmanager.enable = true;

-  programs.ssh.knownHosts."epyc.infra.newtype.fr".publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOXT9Init1MhKt4rjBANLq0t0bPww/WQZ96uB4AEDrml";
+  programs.ssh.knownHosts."epyc.infra.newtype.fr".publicKey =
+    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOXT9Init1MhKt4rjBANLq0t0bPww/WQZ96uB4AEDrml";

  networking.networkmanager.dns = "systemd-resolved";
  services.resolved.enable = true;
--- a/machines/gallifrey/home-julien.nix
+++ b/machines/gallifrey/home-julien.nix
@ -122,7 +122,6 @@
    home.persistence."/persistent/home/julien" = {
      files = [
        ".config/gnome-initial-setup-done"
-        ".config/monitors.xml"
        ".config/background"
        ".cert/nm-openvpn/telecom-paris-ca.pem"
        ".local/share/com.ranfdev.Notify.sqlite"
@ -131,8 +130,8 @@
        "Pictures"
        "Documents"
        ".ssh"
-        "dev"
        ".mozilla"
+        "devold"
        ".config/cosmic"
        ".local/share/direnv"
        ".local/state/cosmic-comp"
--- a/machines/gallifrey/syncthing.nix
+++ b/machines/gallifrey/syncthing.nix
@ -0,0 +1,52 @@
+{ config, ... }:
+{
+  services.syncthing = {
+    enable = true;
+    user = "julien";
+    group = "users";
+    overrideDevices = true;
+    overrideFolders = true;
+
+    settings.options = {
+      urAccepted = -1;
+      listenAddresses = [ "tcp://${config.machine.meta.ips.vpn.ipv4}" ];
+    };
+
+    devices = {
+      "gustave" = {
+        id = "6APF3EP-TIV7ZBK-5WB5SA4-Y2K37CR-AMIB2TM-6T2VORK-UYNQO2X-TO6V2QH";
+        addresses = [
+          "tcp://gustave.luj:22000"
+        ];
+      };
+
+      "fischer" = {
+        id = "PLIMD3Z-L4DYKDB-MY4PFTS-3RMQUNF-GFWFOBB-SELW6MB-WIQJ2LM-QAC45QQ";
+        addresses = [
+          "tcp://fischer.luj:22000"
+        ];
+      };
+
+    };
+    folders = {
+      "dev" = {
+        path = "/home/julien/dev";
+        devices = [
+          "gustave"
+          "fischer"
+        ];
+      };
+    };
+  };
+
+  systemd.services.syncthing.serviceConfig.StateDirectory = "syncthing";
+  systemd.services.syncthing.environment.STNODEFAULTFOLDER = "true";
+  environment.persistence."/persistent".directories = [
+    {
+      directory = "/home/julien/dev";
+      user = "julien";
+      group = "users";
+    }
+  ];
+
+}
--- a/machines/gustave/default.nix
+++ b/machines/gustave/default.nix
@ -47,6 +47,7 @@

  boot.loader.systemd-boot.enable = true;
  boot.loader.efi.canTouchEfiVariables = true;
+  programs.fuse.userAllowOther = true;

  deployment.tags = [ "server" ];

--- a/machines/gustave/home-julien.nix
+++ b/machines/gustave/home-julien.nix
@ -1,4 +1,45 @@
-_:
+{ pkgs, ... }:
 {
-  luj.hmgr.julien = { };
+  luj.hmgr.julien = {
+
+    home.persistence."/persistent/home/julien" = {
+      files = [
+        ".config/gnome-initial-setup-done"
+        ".config/background"
+        ".cert/nm-openvpn/telecom-paris-ca.pem"
+        ".local/share/com.ranfdev.Notify.sqlite"
+      ];
+      directories = [
+        "Pictures"
+        "Documents"
+        ".ssh"
+        ".mozilla"
+        "devold"
+        ".config/cosmic"
+        ".local/share/direnv"
+        ".local/state/cosmic-comp"
+        ".local/share/atuin"
+        ".local/share/firefoxpwa"
+        ".config/Signal"
+        ".cache/spotify"
+        ".config/spotify"
+        ".config/autostart"
+        ".config/borg"
+        ".config/pika-backup"
+        ".config/Element"
+        ".step"
+        ".emacs.d"
+        ".gnupg"
+        "Zotero"
+        ".config/dconf"
+        ".local/share/keyrings"
+        ".cache/mu"
+        "Maildir"
+      ];
+      allowOther = true;
+    };
+
+    home.stateVersion = "23.11";
+    home.packages = [ pkgs.hello ];
+  };
 }
--- a/machines/gustave/syncthing.nix
+++ b/machines/gustave/syncthing.nix
@ -14,7 +14,16 @@

    devices = {
      "fischer" = {
-        id = "XEPZZIP-GX73OKE-KNGZA47-XWWGI5G-LNXPU57-BMLXK5M-VNGS5UQ-ZFIZSAK";
+        id = "PLIMD3Z-L4DYKDB-MY4PFTS-3RMQUNF-GFWFOBB-SELW6MB-WIQJ2LM-QAC45QQ";
+        addresses = [
+          "tcp://fischer.luj:22000"
+        ];
+      };
+      "gallifrey" = {
+        id = "P3BTFAX-4MCSFQB-C5R5YBP-YGMJ6FU-OKJN4QG-MJ2BV6Y-YB4U7VL-3GFSTAM";
+        addresses = [
+          "tcp://gallifrey.luj:22000"
+        ];
      };
    };
    folders = {
@ -22,6 +31,7 @@
        path = "/home/julien/dev";
        devices = [
          "fischer"
+          "gallifrey"
        ];
      };
    };
@ -29,4 +39,13 @@

  systemd.services.syncthing.serviceConfig.StateDirectory = "syncthing";
  systemd.services.syncthing.environment.STNODEFAULTFOLDER = "true";
+
+  environment.persistence."/persistent".directories = [
+    {
+      directory = "/home/julien/dev";
+      user = "julien";
+      group = "users";
+    }
+  ];
+
 }
Author	SHA1	Message	Date
Julien Malka	5b249c58e5	chore: activate syncthing on several machines	2025-01-25 16:49:42 +01:00
Julien Malka	9214bed77f	chore: update readme	2025-01-25 16:48:53 +01:00