Syncthing: Difference between revisions
Added 'declarative node IDs' section |
→Declarative node IDs: add instructions to generate key.pem and cert.pem |
||
| Line 87: | Line 87: | ||
You can optionally include the key.pem and cert.pem files in the NixOS configuration using a tool like sops-nix. See [[Comparison of secret managing schemes]]. | You can optionally include the key.pem and cert.pem files in the NixOS configuration using a tool like sops-nix. See [[Comparison of secret managing schemes]]. | ||
To generate a new key.cert and key.pem for a deployment, you can use the -generate argument: | |||
<syntaxhighlight lang="bash">$ nix-shell -p syncthing --run "syncthing -generate=myconfig" | |||
2024/04/23 11:41:17 INFO: Generating ECDSA key and certificate for syncthing... | |||
2024/04/23 11:41:17 INFO: Device ID: DMWVMM6-MKEQVB4-I4UZTRH-5A6E24O-XHQTL3K-AAI5R5L-MXNMUGX-QTGRHQ2 | |||
2024/04/23 11:41:17 INFO: Default folder created and/or linked to new config | |||
$ ls myconfig/ | |||
cert.pem config.xml key.pem</syntaxhighlight> | |||
== Disable default sync folder == | == Disable default sync folder == | ||
Syncthing creates a ‘Sync’ folder in your home directory every time it regenerates a configuration (even if your declarative configuration does not have this folder). You can disable that by setting the STNODEFAULTFOLDER environment variable: | Syncthing creates a ‘Sync’ folder in your home directory every time it regenerates a configuration (even if your declarative configuration does not have this folder). You can disable that by setting the STNODEFAULTFOLDER environment variable: | ||
< | <syntaxhighlight lang="nix">systemd.services.syncthing.environment.STNODEFAULTFOLDER = "true"; # Don't create default ~/Sync folder</syntaxhighlight> | ||
== Home-manager service == | == Home-manager service == | ||