{config, ...}: let ports = import ./Ports.nix; rootDomain = config.networking.domain; in { services.syncthing = { enable = true; guiAddress = "0.0.0.0:${toString ports.syncthing-gui}"; openDefaultPorts = true; systemService = true; configDir = "/var/lib/syncthing/.config/syncthing"; # Default settings for new users settings = { options = { relaysEnabled = true; urAccepted = -1; # Usage reporting: -1 = not decided, 0 = no, 1 = yes }; }; }; # Configure nginx as a reverse proxy for the Syncthing GUI services.nginx.virtualHosts."syncthing.${rootDomain}" = { forceSSL = true; enableACME = true; locations."/" = { proxyPass = "http://localhost:${toString ports.syncthing-gui}/"; proxyWebsockets = true; extraConfig = '' proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_read_timeout 600s; proxy_send_timeout 600s; ''; }; }; }