From ca5ddcee93a3722cbaf4a54ab77142b61a3f8054 Mon Sep 17 00:00:00 2001 From: a-kenji Date: Wed, 23 Apr 2025 07:40:44 +0200 Subject: [PATCH] clanModules/syncthing: Fix vars usage This fixes vars usage in the syncthing module. Also removes some of the assumptions that were made in order for `sysuser` to work, as we now use `userborn` for the vm functionality. --- clanModules/syncthing/shared.nix | 27 ++++++++++++--------------- 1 file changed, 12 insertions(+), 15 deletions(-) diff --git a/clanModules/syncthing/shared.nix b/clanModules/syncthing/shared.nix index 0e172c0b1..ba1df47a3 100644 --- a/clanModules/syncthing/shared.nix +++ b/clanModules/syncthing/shared.nix @@ -13,8 +13,8 @@ ''; type = lib.types.nullOr lib.types.str; example = "BABNJY4-G2ICDLF-QQEG7DD-N3OBNGF-BCCOFK6-MV3K7QJ-2WUZHXS-7DTW4AS"; - default = config.clan.core.vars.services.syncthing.files."syncthing.pub".value; - defaultText = "config.clan.core.vars.services.syncthing.files.\"syncthing.pub\".value"; + default = config.clan.core.vars.generators.syncthing.files."syncthing.pub".value; + defaultText = "config.clan.core.vars.generators.syncthing.files.\"syncthing.pub\".value"; }; introducer = lib.mkOption { description = '' @@ -79,7 +79,6 @@ services.syncthing = { enable = true; - configDir = "/var/lib/syncthing"; overrideFolders = lib.mkDefault ( if (config.clan.syncthing.introducer == null) then true else false @@ -88,17 +87,13 @@ if (config.clan.syncthing.introducer == null) then true else false ); - dataDir = lib.mkDefault "/home/user/"; - - group = "syncthing"; - - key = lib.mkDefault config.clan.secrets.syncthing.secrets."syncthing.key".path or null; - cert = lib.mkDefault config.clan.secrets.syncthing.secrets."syncthing.cert".path or null; + key = lib.mkDefault config.clan.core.vars.generators.syncthing.files."syncthing.key".path or null; + cert = lib.mkDefault config.clan.core.vars.generators.syncthing.files."syncthing.cert".path or null; settings = { options = { urAccepted = -1; - allowedNetworks = [ config.clan.core.networking.zerotier.subnet ]; + allowedNetworks = [ ]; }; devices = { } @@ -176,12 +171,11 @@ set -efu pipefail APIKEY=$(cat ${apiKey}) - ${lib.getExe pkgs.gnused} -i "s/.*<\/apikey>/$APIKEY<\/apikey>/" /var/lib/syncthing/config.xml + ${lib.getExe pkgs.gnused} -i "s/.*<\/apikey>/$APIKEY<\/apikey>/" ${config.services.syncthing.configDir}/config.xml # sudo systemctl restart syncthing.service systemctl restart syncthing.service ''; serviceConfig = { - WorkingDirectory = "/var/lib/syncthing"; BindReadOnlyPaths = [ apiKey ]; Type = "oneshot"; }; @@ -189,9 +183,12 @@ clan.core.vars.generators.syncthing = { migrateFact = "syncthing"; - files."syncthing.key" = { }; - files."syncthing.cert" = { }; - files."syncthing.api" = { }; + files."syncthing.key".group = config.services.syncthing.group; + files."syncthing.key".owner = config.services.syncthing.user; + files."syncthing.cert".group = config.services.syncthing.group; + files."syncthing.cert".owner = config.services.syncthing.user; + files."syncthing.api".group = config.services.syncthing.group; + files."syncthing.api".owner = config.services.syncthing.user; files."syncthing.pub".secret = false; runtimeInputs = [ pkgs.coreutils