From 5a5f7ed62dd6725f2cec0bb3c501d008433d91fb Mon Sep 17 00:00:00 2001
From: Nick
Date: Fri, 10 Oct 2025 02:03:44 -0500
Subject: [PATCH] feat: added syncthing
---
 modules/config/instances/config/syncthing.nix | 1 +
 modules/nixos/services/forgejo/default.nix | 28 +++++++++----------
 modules/nixos/services/postgresql/default.nix | 14 ++--------
 modules/nixos/services/syncthing/default.nix | 22 +++++++++++----
 4 files changed, 34 insertions(+), 31 deletions(-)
diff --git a/modules/config/instances/config/syncthing.nix b/modules/config/instances/config/syncthing.nix
index b18d577..5f32a34 100755
--- a/modules/config/instances/config/syncthing.nix
+++ b/modules/config/instances/config/syncthing.nix
@@ -21,6 +21,7 @@ in
 };
 paths = {
 path0 = "${varLib}/${name}";
+ path1 = "${varLib}/${name}/backups";
 };
 domains = {
 url0 = domain;
diff --git a/modules/nixos/services/forgejo/default.nix b/modules/nixos/services/forgejo/default.nix
index 79c484e..1a0572a 100755
--- a/modules/nixos/services/forgejo/default.nix
+++ b/modules/nixos/services/forgejo/default.nix
@@ -6,16 +6,17 @@
 }:
 let
 inherit (flake.config.machines.devices) ceres;
- inherit (flake.config.services.instances)
- smtp
- forgejo
- syncthing
- web
+ inherit (flake.config.services)
+ instances
 ;
- service = forgejo;
- localhost = web.localhost.address0;
+ service = instances.forgejo;
+ localhost = instances.web.localhost.address0;
 host = service.domains.url0;
- backupPath = "${syncthing.paths.path0}/postgres-backups/${service.name}";
+
+ caddy = instances.caddy;
+ postgres = instances.postgresql;
+ syncthing = instances.syncthing;
+ backupPath = "${instances.syncthing.paths.path1}/${service.name}";
 in
 {
 services = {
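Review bot: In the forgejo `let` block, `backupPath` reaches through `instances.syncthing` even though `syncthing` is bound on the line directly above it; `backupPath = "${syncthing.paths.path1}/${service.name}";` would keep the new aliases consistent. The two same-name aliases could also be written `inherit (instances) caddy syncthing;`, leaving `postgres = instances.postgresql;` as the only real rename. The `let` block starts above this hunk, and where `backupPath` is consumed is not visible here.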
@@ -51,11 +52,11 @@ in
 };
 mailer = {
 ENABLED = true;
- SMTP_ADDR = smtp.hostname;
+ SMTP_ADDR = instances.smtp.hostname;
 FROM = service.email.address0;
 USER = service.email.address0;
 PROTOCOL = "smtp+starttls";
- SMTP_PORT = smtp.ports.port0;
+ SMTP_PORT = instances.smtp.ports.port0;
 SEND_AS_PLAIN_TEXT = true;
 USE_CLIENT_CERT = false;
 };
@@ -117,13 +118,12 @@ in
 systemd.tmpfiles.rules = [
 "Z ${service.paths.path0} 755 ${service.name} ${service.name} -"
 "Z ${service.sops.path0} 755 ${service.name} ${service.name} -"
- "d ${backupPath} 0750 ${service.name} ${syncthing.name} -"
 ];

 users.users.${service.name}.extraGroups = [
- "caddy"
- "postgres"
- "syncthing"
+ caddy.name
+ postgres.name
+ syncthing.name
 ];

 networking = {
diff --git a/modules/nixos/services/postgresql/default.nix b/modules/nixos/services/postgresql/default.nix
index 309cbbe..2cfa247 100755
--- a/modules/nixos/services/postgresql/default.nix
+++ b/modules/nixos/services/postgresql/default.nix
@@ -8,7 +8,7 @@ let
 ;

 service = instances.postgresql;
- backupPath = "${instances.syncthing.paths.path0}/postgres-backups";
+ backupPath = "${instances.syncthing.paths.path1}/${service.name}";
 in
 {
 services = {
@@ -25,13 +25,6 @@ in
 };
 postgresql = {
 enable = true;
- # ensureDatabases = [ firefly-iii.name ];
- # ensureUsers = [
- # {
- # name = firefly-iii.name;
- # ensureDBOwnership = true;
- # }
- # ];
 };
 };
 networking = {
@@ -53,14 +46,11 @@ in
 ];
 };

- systemd.tmpfiles.rules = [
- "d ${backupPath} 0750 ${service.name} ${instances.syncthing.name} -"
- ];
-
 users.users.${service.name}.extraGroups = [
 instances.nextcloud.name
 instances.mastodon.name
 instances.forgejo.name
+ instances.syncthing.name
 ];

 system.activationScripts.postgresCommands = ''
diff --git a/modules/nixos/services/syncthing/default.nix b/modules/nixos/services/syncthing/default.nix
index 921efaa..98ee961 100755
--- a/modules/nixos/services/syncthing/default.nix
+++ b/modules/nixos/services/syncthing/default.nix
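Review bot: In forgejo/default.nix (hunk at -117), dropping the `d ${backupPath} …` rule means the Forgejo backup directory now exists only on hosts that also evaluate syncthing/default.nix, where the replacement rule lives; the tmpfiles rule removed from postgresql/default.nix (hunk at -53) has the same dependency. If either service is deployed without the syncthing module, the backup target would presumably be missing, or be created by the backup job with whatever ownership and mode it defaults to. A comment beside the remaining rules, e.g. `# ${backupPath} is created in modules/nixos/services/syncthing/default.nix`, would make that coupling visible. The group names are also now taken from `caddy.name`, `postgres.name` and `syncthing.name`, which assumes each instance name equals the group the corresponding NixOS service actually creates; this diff does not show that.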
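Review bot: In postgresql/default.nix (hunk at -53), adding `instances.syncthing.name` to the postgres account's `extraGroups` gives it group access to everything the syncthing group can read, not just its own dump directory. With the tmpfiles rules this commit adds in syncthing/default.nix, the postgres backup directory is owned by the postgres user and its parents are created 0755, so the membership does not appear to be needed for writing dumps. Syncthing's read access comes from the directory's group owner, not from postgres being in that group. The membership would become necessary only if the parent directories were tightened below 0755; in that case a comment such as `# needed to traverse the syncthing backup root` would document it, otherwise the line can be dropped.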
@@ -6,13 +6,15 @@ let
 mars
 ceres
 ;
- inherit (flake.config.services.instances)
- syncthing
- web
+ inherit (flake.config.services)
+ instances
 ;
 hostname = config.networking.hostName;
- localhost = web.localhost.address1;
- service = syncthing;
+ localhost = instances.web.localhost.address1;
+ service = instances.syncthing;
+ postgres = instances.postgresql;
+ forgejo = instances.forgejo;
+ backupPath = "${service.paths.path1}";

 syncDevices = {
 synologySync = {
@@ -59,6 +61,16 @@ in
 };
 };

+ systemd.tmpfiles.rules = [
+ # Main syncthing directory
+ "d ${service.paths.path0} 0755 ${service.name} ${service.name} -"
+
+ # Backup directories
+ "d ${backupPath} 0755 ${service.name} ${service.name} -"
+ "d ${backupPath}/${postgres.name} 0755 ${postgres.name} ${service.name} -"
+ "d ${backupPath}/${forgejo.name} 0750 ${forgejo.name} ${service.name} -"
+ ];
+
 networking = {
 firewall = {
 allowedTCPPorts = [
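Review bot: In syncthing/default.nix (hunk at -6), `backupPath = "${service.paths.path1}";` wraps a single value in a string interpolation; `backupPath = service.paths.path1;` is equivalent if `path1` is already a string, as its definition in config/syncthing.nix suggests. The new `postgres` and `forgejo` aliases are used only for `.name` in the tmpfiles rules of the next hunk, so a short comment such as `# owners of the per-service backup subdirectories` would explain why a syncthing module pulls in two other service instances. The `let` block begins above this hunk.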
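Review bot: In the tmpfiles rules added at -59, the PostgreSQL backup directory is created with mode 0755 while the Forgejo one on the next line gets 0750, and the rule this commit removes from postgresql/default.nix also used 0750, so the dump directory becomes listable and traversable by every local account. Database dumps normally carry password hashes, tokens and application secrets, so keep it closed to others: `"d ${backupPath}/${postgres.name} 0750 ${postgres.name} ${service.name} -"`. The 0755 on `${service.paths.path0}` and `${backupPath}` deserves the same look, because a `d` rule also adjusts the mode of a directory that already exists; if path0 is syncthing's data directory, a tighter mode would presumably be the safer default. Whether the dump files themselves are world-readable depends on the backup job's umask, which is outside this diff.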