SebastianStork/nixos-config
1
0
Fork 0
mirror of https://github.com/SebastianStork/nixos-config.git synced 2026-01-21 14:01:34 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Assert proper private usage of syncthing and filebrowser

Browse source
This commit is contained in:
SebastianStork 2025-10-12 01:56:41 +02:00
parent 28d36e71a1
commit 9996a3370f
2 changed files with 12 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

6
modules/system/services/syncthing.nix
View file

@ -45,7 +45,11 @@ in
}
{
assertion = cfg.doBackups -> cfg.isServer;
message = "Syncthing backups can only be performed on a server.";
message = "Syncthing backups should only be performed on a server.";
}
{
assertion = cfg.gui.domain |> lib.hasSuffix tailscaleCfg.domain;
message = "The syncthing gui isn't yet configured with access controll.";
}
];

7
modules/system/web-services/filebrowser.nix
View file

@ -27,6 +27,13 @@ in
};
config = lib.mkIf cfg.enable {
assertions = [
{
assertion = cfg.domain |> lib.hasSuffix config.custom.services.tailscale.domain;
message = "Filebrowser isn't yet configured with access controll.";
}
];
warnings = lib.optional (lib.pathExists "${modulesPath}/services/web-apps/filebrowser.nix") "TODO: Use filebrowser module from stable nixpkgs";
meta = {