Enable backups of syncthing state on alto

2026-01-21 21:01:34 +01:00 · 2025-04-13 13:54:24 +02:00 · 2025-04-13 13:54:24 +02:00 · 5fb05b38a4
commit 5fb05b38a4
parent 4bf2aef5cf
3 changed files with 49 additions and 0 deletions
--- a/modules/system/syncthing/backups.nix
+++ b/modules/system/syncthing/backups.nix
@ -0,0 +1,48 @@
+{
+  config,
+  pkgs,
+  lib,
+  ...
+}:
+let
+  cfg = config.myConfig.syncthing;
+in
+{
+  options.myConfig.syncthing.backups.enable = lib.mkEnableOption "";
+
+  config = lib.mkIf cfg.backups.enable {
+    assertions = [
+      {
+        assertion = cfg.isServer;
+        message = "syncthing backups can only be made on a server";
+      }
+    ];
+
+    myConfig.resticBackup.syncthing = {
+      healthchecks.enable = true;
+
+      extraConfig = {
+        backupPrepareCommand = ''
+          ${lib.getExe' pkgs.systemd "systemctl"} stop syncthing.service
+        '';
+        backupCleanupCommand = ''
+          ${lib.getExe' pkgs.systemd "systemctl"} start syncthing.service
+        '';
+        paths = [ "/var/lib/syncthing" ];
+      };
+    };
+
+    environment.systemPackages = [
+      (pkgs.writeShellApplication {
+        name = "syncthing-restore";
+        text = ''
+          sudo bash -c "
+            systemctl stop syncthing.service
+            restic-syncthing restore latest --target /
+            systemctl start syncthing.service
+          "
+        '';
+      })
+    ];
+  };
+}
--- a/modules/system/syncthing/default.nix
+++ b/modules/system/syncthing/default.nix
@ -0,0 +1,73 @@
+{
+  config,
+  self,
+  lib,
+  ...
+}:
+let
+  cfg = config.myConfig.syncthing;
+in
+{
+  options.myConfig.syncthing = {
+    enable = lib.mkEnableOption "";
+    isServer = lib.mkEnableOption "";
+    deviceId = lib.mkOption {
+      type = lib.types.nonEmptyStr;
+      default = "";
+    };
+  };
+
+  config = lib.mkIf cfg.enable {
+    services.syncthing = {
+      enable = true;
+
+      user = lib.mkIf (!cfg.isServer) "seb";
+      group = lib.mkIf (!cfg.isServer) "users";
+      dataDir = lib.mkIf (!cfg.isServer) "/home/seb";
+
+      guiAddress = lib.mkIf cfg.isServer "0.0.0.0:8384";
+
+      settings = {
+        # Get the devices and their ids from the configs of the other hosts
+        devices =
+          self.nixosConfigurations
+          |> lib.filterAttrs (name: _: name != config.networking.hostName)
+          |> lib.filterAttrs (_: value: value.config.myConfig.syncthing.enable)
+          |> lib.mapAttrs (
+            name: value: {
+              id = value.config.myConfig.syncthing.deviceId;
+              addresses = [ "tcp://${name}.${value.config.networking.domain}:22000" ];
+            }
+          );
+
+        folders =
+          let
+            genFolders =
+              folders:
+              lib.genAttrs folders (name: {
+                path = "${config.services.syncthing.dataDir}/${name}";
+                ignorePerms = false;
+                devices = lib.attrNames config.services.syncthing.settings.devices;
+              });
+          in
+          genFolders [
+            "Documents"
+            "Downloads"
+            "Music"
+            "Pictures"
+            "Projects"
+            "Videos"
+          ];
+
+        options = {
+          globalAnnounceEnabled = false;
+          localAnnounceEnabled = false;
+          relaysEnabled = false;
+          natEnabled = false;
+          urAccepted = -1;
+          autoUpgradeIntervalH = 0;
+        };
+      };
+    };
+  };
+}