From 17bfb62adce28119c59e33dcc092bb525c961864 Mon Sep 17 00:00:00 2001
From: Patrick Stevens <3138005+Smaug123@users.noreply.github.com>
Date: Sun, 12 Oct 2025 11:05:01 +0100
Subject: [PATCH] Syncthing (#47)

---
 PulumiWebServer/Domain.fs                     |  3 ++
 PulumiWebServer/Nix/configuration.nix         |  3 ++
 .../Nix/syncthing/syncthing-config.nix        | 41 +++++++++++++++++++
 3 files changed, 47 insertions(+)
 create mode 100644 PulumiWebServer/Nix/syncthing/syncthing-config.nix

diff --git a/PulumiWebServer/Domain.fs b/PulumiWebServer/Domain.fs
index 14ad983..fa60de6 100644
--- a/PulumiWebServer/Domain.fs
+++ b/PulumiWebServer/Domain.fs
@@ -105,6 +105,7 @@ type WellKnownSubdomain =
     | PureGym
     | Whisper
     | Robocop
+    | Syncthing
 
     override this.ToString () =
         match this with
@@ -119,6 +120,7 @@ type WellKnownSubdomain =
         | WellKnownSubdomain.PureGym -> "puregym"
         | WellKnownSubdomain.Whisper -> "whisper"
         | WellKnownSubdomain.Robocop -> "robocop"
+        | WellKnownSubdomain.Syncthing -> "syncthing"
 
     static member Parse (s : string) =
         match s with
@@ -133,6 +135,7 @@ type WellKnownSubdomain =
         | "puregym" -> WellKnownSubdomain.PureGym
         | "whisper" -> WellKnownSubdomain.Whisper
         | "robocop" -> WellKnownSubdomain.Robocop
+        | "syncthing" -> WellKnownSubdomain.Syncthing
         | _ -> failwith $"Failed to deserialise: {s}"
 
 
diff --git a/PulumiWebServer/Nix/configuration.nix b/PulumiWebServer/Nix/configuration.nix
index 924f34c..f4d2435 100644
--- a/PulumiWebServer/Nix/configuration.nix
+++ b/PulumiWebServer/Nix/configuration.nix
@@ -9,6 +9,7 @@ in {
     ./sops.nix
     ./apps/apps.nix
     ./radicale/radicale-config.nix
+    ./syncthing/syncthing-config.nix
     ./gitea/gitea-config.nix
     ./miniflux/miniflux.nix
     ./userconfig.nix
@@ -48,6 +49,8 @@ in {
   services.apps-config.domain = userConfig.domain;
   # services.whisper-config.domain = userConfig.domain;
   # services.whisper-config.subdomain = "whisper";
+  services.syncthing-config.subdomain = "syncthing";
+  services.syncthing-config.domain = userConfig.domain;
 
   services.journald.extraConfig = "SystemMaxUse=100M";
 
diff --git a/PulumiWebServer/Nix/syncthing/syncthing-config.nix b/PulumiWebServer/Nix/syncthing/syncthing-config.nix
new file mode 100644
index 0000000..8ca8bda
--- /dev/null
+++ b/PulumiWebServer/Nix/syncthing/syncthing-config.nix
@@ -0,0 +1,41 @@
+{
+  pkgs,
+  lib,
+  config,
+  ...
+}: {
+  options = {
+    services.syncthing-config = {
+      domain = lib.mkOption {
+        type = lib.types.str;
+        example = "example.com";
+        description = lib.mdDoc "Top-level domain to configure";
+      };
+      subdomain = lib.mkOption {
+        type = lib.types.str;
+        example = "syncthing";
+        description = lib.mdDoc "Subdomain in which to put Syncthing";
+      };
+      port = lib.mkOption {
+        type = lib.types.port;
+        description = lib.mdDoc "Syncthing localhost port";
+        default = 8384;
+      };
+    };
+  };
+  config = let
+    filesystem_folder = "/preserve/syncthing/";
+  in {
+    services.syncthing = {
+      enable = true;
+      user = "syncthing";
+      dataDir = "${filesystem_folder}/data"; # Default folder for new synced folders
+      configDir = "${filesystem_folder}/config"; # Folder for Syncthing's settings and keys
+      openDefaultPorts = true;
+    };
+
+    systemd.services.syncthing.serviceConfig.ReadWritePaths = [filesystem_folder];
+
+    systemd.tmpfiles.rules = ["d ${filesystem_folder} 0750 syncthing syncthing -"];
+  };
+}