# https://nixos.wiki/wiki/Syncthing

# Manually create syncthing.settings.folders.<name>.path and chown it to user/group `syncthing`
# before starting the Syncthing service.

# You can get your device id with:
#   sudo cat /var/lib/syncthing/.config/syncthing/config.xml | grep 'device id="'

{ config, pkgs, ... }:
{
  # Create user/group to be used by services.syncthing.user/group setting.
  users.users."www-data" = {
    group = "www-data";
    uid = 82;
  };
  users.groups."www-data".gid = 82;

  services = {
    syncthing = {
      enable = true;

      # Optionally change user and group.
      # This can be useful if your data directories shall belong to a different user/group.
      user = "82"; # Default: syncthing
      group = "82"; # Default: syncthing

      # Whether to open the default ports in the firewall: TCP/UDP 22000 for transfers and UDP 21027 for discovery.
      # With this enabled, the connection type of other syncthing clients in the same WiFi/LAN is "TCP LAN" and not "WAN Relay".
      openDefaultPorts = true;
      overrideDevices = true;     # overrides any devices added or deleted through the WebUI
      overrideFolders = true;     # overrides any folders added or deleted through the WebUI
      settings.devices = {
        "yodaTux" = { id = "AKAIZ66-G67WC4J-WEYBOGF-TNXWBT3-BCSETRQ-2BEHCT7-GSZQRWP-IGXKSQK"; };
        "yodaTab" = { id = "WKVVVEY-P7QCRKU-HO4QHHM-B4H5NC2-I3UG2TU-UEIUACZ-ZJEAVUY-4Q6FVQV"; };
        "yodaEnchilada" = { id = "UFLO2X5-3TFPLQM-GEKIQ27-75U3UP4-7OKBEV5-KNXLVBG-7Y5VFY6-DKDRAAN"; };
        "yodaA5xelte" = { id = "VYIC3PU-DUISUJT-BRFEDUB-BVGYK5W-M37ZH4I-S7DWWWA-LMBVPST-BJFL6Q5"; };
        "susanLaptop" = { id = "5VT2TZP-FCSREZY-BQTLWHP-VGYAQE3-A3HXOC2-N3S75Z2-TUFJWRZ-HHPQJQW"; };
        "susanHandy" = { id = "VEIKGQM-WVEQ2L2-RZQ5PHD-QII5N6D-42COGCA-NHICJKY-OX4LRRI-O3A7MAH"; };
        "sarahHandy" = { id = "VBRXT7I-7TR7KOZ-YEZFSZY-D7IEBDC-5V6TFUU-7HD2MOF-T6DYWDZ-LDHH7QK"; };
      };
      settings.folders = {
        # Name of folder in Syncthing, also the folder ID.
        # My personal Obsidian vault.
        "Notes" = {
          # Path to shared folder.
          path = "/mnt/data/jc-data/cloud.privacy1st.de/files_ncp/Notes";
          # Which devices to share the folder with.
          devices = [ "yodaTux" "yodaTab" "yodaEnchilada" "yodaA5xelte" ];
        };
        # My personal tasklist.
        "Tasks" = {
          path = "/mnt/data/jc-data/cloud.privacy1st.de/files_ncp/Tasks";
          devices = [ "yodaTux" "yodaTab" "yodaEnchilada" "yodaA5xelte" ];
        };
        # Obsidian vault of travel blog.
        "TravelDiary" = {
          path = "/mnt/data/jc-data/cloud.privacy1st.de/files_ncp/TravelDiary";
          devices = [ "yodaTux" "sarahHandy" ];
        };
        # Obsidian vault of Susan.
        "Obsidian" = {
          path = "/mnt/data/jc-data/cloud.privacy1st.de/files_susan/Obsidian";
          devices = [ "susanLaptop" "susanHandy" ];
        };
      };
    };
  };
}