1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
{ config, lib, pkgs, ... }:
let
cfg = config.ctucxConfig.services.syncthingWithNginx;
in {
options = {
ctucxConfig.services.syncthingWithNginx = {
enable = lib.mkEnableOption "syncthing with nginx reverse-proxy";
};
};
config = lib.mkIf cfg.enable {
ctucxConfig.services.syncthing.enable = true;
dns.zones."ctu.cx".subdomains."syncthing.${config.networking.hostName}".CNAME = [ "${config.networking.fqdn}." ];
systemd.services.syncthing.onFailure = [ "email-notify@%i.service" ];
services = {
syncthing = {
guiAddress = "[::1]:8384";
settings.gui.insecureSkipHostcheck = true;
};
nginx = {
enable = true;
virtualHosts."syncthing.${config.networking.hostName}.ctu.cx" = {
enableACME = true;
forceSSL = true;
kTLS = true;
locations."/".proxyPass = "http://${toString config.services.syncthing.guiAddress}";
};
};
};
};
}