chore: activate syncthing on several machines

README.md

@@ -1,4 +1,4 @@
-# My NixOS Configurations ❄ 
+# Snowfield ❄ 
 [![Build status](https://ci.julienmalka.me/badges/JulienMalka_snowfield_nix-eval.svg)](https://ci.julienmalka.me/#/builders/16) [![built with nix](https://img.shields.io/static/v1?logo=nixos&logoColor=white&label=&message=Built%20with%20Nix&color=41439a)](https://builtwithnix.org)
 
 This repository contains the configurations of my machines using NixOS. 
@@ -7,19 +7,6 @@ This repository contains the configurations of my machines using NixOS.
 
 NixOS is a linux distribution based on the Nix package manager. It allows fully reproducible builds and a declarative configuration style, using a functionnal langage called Nix (yes, it is the same name as the package manager and the OS).
 
-### *What is a flake ?*
-
-This whole repository is a flake. It is an experimental feature of Nix, allowing for pure evaluation of code. Dependency are fully specified and locked.
-
-### *How does this work ?*
-
-#### Machines 
-
-This project manage the configuration of three machines :
-- **Macintosh**, a thinkpad laptop,
-- **Lisa**, a high performance server,
-- **Newton**, a low performance stockage server.
-
 Machines configurations are located in the machines folder, and are using all the custom modules defined in this project.
 
 #### Modules
@@ -28,7 +15,7 @@ This configuration defines a number of custom NixOS and home-manager modules. Th
 
 #### Secrets
 
-Secrets are stored in the secrets folder. They are uncrypted upon system activation using the host ssh key. Secrets are managed using nix-sops.
+Secrets are stored in the secrets folder. They are uncrypted upon system activation using the host ssh key. Secrets are managed using agenix.
 
 ### Inspirations 
 

machines/gallifrey/default.nix

@@ -10,6 +10,7 @@
   imports = [
     ./hardware.nix
     ./home-julien.nix
+    ./syncthing.nix
   ];
 
   machine.meta = {
@@ -26,7 +27,8 @@
 
   networking.networkmanager.enable = true;
 
-  programs.ssh.knownHosts."epyc.infra.newtype.fr".publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOXT9Init1MhKt4rjBANLq0t0bPww/WQZ96uB4AEDrml";
+  programs.ssh.knownHosts."epyc.infra.newtype.fr".publicKey =
+    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOXT9Init1MhKt4rjBANLq0t0bPww/WQZ96uB4AEDrml";
 
   networking.networkmanager.dns = "systemd-resolved";
   services.resolved.enable = true;

machines/gallifrey/home-julien.nix

@@ -122,7 +122,6 @@
     home.persistence."/persistent/home/julien" = {
       files = [
         ".config/gnome-initial-setup-done"
-        ".config/monitors.xml"
         ".config/background"
         ".cert/nm-openvpn/telecom-paris-ca.pem"
         ".local/share/com.ranfdev.Notify.sqlite"
@@ -131,8 +130,8 @@
         "Pictures"
         "Documents"
         ".ssh"
-        "dev"
         ".mozilla"
+        "devold"
         ".config/cosmic"
         ".local/share/direnv"
         ".local/state/cosmic-comp"

machines/gallifrey/syncthing.nix

@@ -0,0 +1,52 @@
+{ config, ... }:
+{
+  services.syncthing = {
+    enable = true;
+    user = "julien";
+    group = "users";
+    overrideDevices = true;
+    overrideFolders = true;
+
+    settings.options = {
+      urAccepted = -1;
+      listenAddresses = [ "tcp://${config.machine.meta.ips.vpn.ipv4}" ];
+    };
+
+    devices = {
+      "gustave" = {
+        id = "6APF3EP-TIV7ZBK-5WB5SA4-Y2K37CR-AMIB2TM-6T2VORK-UYNQO2X-TO6V2QH";
+        addresses = [
+          "tcp://gustave.luj:22000"
+        ];
+      };
+
+      "fischer" = {
+        id = "PLIMD3Z-L4DYKDB-MY4PFTS-3RMQUNF-GFWFOBB-SELW6MB-WIQJ2LM-QAC45QQ";
+        addresses = [
+          "tcp://fischer.luj:22000"
+        ];
+      };
+
+    };
+    folders = {
+      "dev" = {
+        path = "/home/julien/dev";
+        devices = [
+          "gustave"
+          "fischer"
+        ];
+      };
+    };
+  };
+
+  systemd.services.syncthing.serviceConfig.StateDirectory = "syncthing";
+  systemd.services.syncthing.environment.STNODEFAULTFOLDER = "true";
+  environment.persistence."/persistent".directories = [
+    {
+      directory = "/home/julien/dev";
+      user = "julien";
+      group = "users";
+    }
+  ];
+
+}

machines/gustave/default.nix

@@ -47,6 +47,7 @@
 
   boot.loader.systemd-boot.enable = true;
   boot.loader.efi.canTouchEfiVariables = true;
+  programs.fuse.userAllowOther = true;
 
   deployment.tags = [ "server" ];
 

machines/gustave/home-julien.nix

@@ -1,4 +1,45 @@
-_:
+{ pkgs, ... }:
 {
-  luj.hmgr.julien = { };
+  luj.hmgr.julien = {
+
+    home.persistence."/persistent/home/julien" = {
+      files = [
+        ".config/gnome-initial-setup-done"
+        ".config/background"
+        ".cert/nm-openvpn/telecom-paris-ca.pem"
+        ".local/share/com.ranfdev.Notify.sqlite"
+      ];
+      directories = [
+        "Pictures"
+        "Documents"
+        ".ssh"
+        ".mozilla"
+        "devold"
+        ".config/cosmic"
+        ".local/share/direnv"
+        ".local/state/cosmic-comp"
+        ".local/share/atuin"
+        ".local/share/firefoxpwa"
+        ".config/Signal"
+        ".cache/spotify"
+        ".config/spotify"
+        ".config/autostart"
+        ".config/borg"
+        ".config/pika-backup"
+        ".config/Element"
+        ".step"
+        ".emacs.d"
+        ".gnupg"
+        "Zotero"
+        ".config/dconf"
+        ".local/share/keyrings"
+        ".cache/mu"
+        "Maildir"
+      ];
+      allowOther = true;
+    };
+
+    home.stateVersion = "23.11";
+    home.packages = [ pkgs.hello ];
+  };
 }

machines/gustave/syncthing.nix

@@ -14,7 +14,16 @@
 
     devices = {
       "fischer" = {
-        id = "XEPZZIP-GX73OKE-KNGZA47-XWWGI5G-LNXPU57-BMLXK5M-VNGS5UQ-ZFIZSAK";
+        id = "PLIMD3Z-L4DYKDB-MY4PFTS-3RMQUNF-GFWFOBB-SELW6MB-WIQJ2LM-QAC45QQ";
+        addresses = [
+          "tcp://fischer.luj:22000"
+        ];
+      };
+      "gallifrey" = {
+        id = "P3BTFAX-4MCSFQB-C5R5YBP-YGMJ6FU-OKJN4QG-MJ2BV6Y-YB4U7VL-3GFSTAM";
+        addresses = [
+          "tcp://gallifrey.luj:22000"
+        ];
       };
     };
     folders = {
@@ -22,6 +31,7 @@
         path = "/home/julien/dev";
         devices = [
           "fischer"
+          "gallifrey"
         ];
       };
     };
@@ -29,4 +39,13 @@
 
   systemd.services.syncthing.serviceConfig.StateDirectory = "syncthing";
   systemd.services.syncthing.environment.STNODEFAULTFOLDER = "true";
+
+  environment.persistence."/persistent".directories = [
+    {
+      directory = "/home/julien/dev";
+      user = "julien";
+      group = "users";
+    }
+  ];
+
 }