search

NixOS / nixpkgs

Nix Packages collection & NixOS
MIT License
17.28k stars 13.53k forks source link

nixos/syncthing: Can't declare devices in nixos config unless overrideDevice is false #326704

Open Redlonghead opened 1 month ago

Redlonghead commented 1 month ago

Describe the bug

When the option services.syncthing.overrideDevices is true you can not use services.syncthing.settings.devices to declare devices.

Steps To Reproduce

Steps to reproduce the behavior:

  1. Set a device under services.syncthing.settings.devices
  2. have the option services.syncthing.overrideDevices = true
  3. rebuild config

Expected behavior

Judging from the comment on the option I would be able to add the devices in a config permanently and add devices through the UI temporarily but the ones in the config would persist after a reboot.

Screenshots

If applicable, add screenshots to help explain your problem.

Additional context

My config for syncthing

services.syncthing = {
  enable = true;
  user = "beacon";
  dataDir = "/home/beacon";
  configDir = "/home/beacon/.config/syncthing/";
  overrideDevices = false;
  overrideFolders = true;

  key = config.sops.secrets."syncthing/CB-FW/key".path;
  cert = config.sops.secrets."syncthing/CB-FW/cert".path;

  settings = {
    devices = { "CB-SNAS-01" = { id = "<ID>"; }; };
    folders = {
      "CB-SRC" = {
        path = "~/src";
        devices = [ "CB-SNAS-01" ];
        ignorePerms = false;
      };
      "CB-Documents" = {
        path = "~/Documents";
        devices = [ "CB-SNAS-01" ];
      };
    };
  };
};

Notify maintainers

@Denperidge @johnhamelink

Metadata

Please run nix-shell -p nix-info --run "nix-info -m" and paste the result.

[user@system:~]$ nix-shell -p nix-info --run "nix-info -m"
 - system: `"x86_64-linux"`
 - host os: `Linux 6.6.32, NixOS, 24.05 (Uakari), 24.05.20240531.63dacb4`
 - multi-user?: `yes`
 - sandbox: `yes`
 - version: `nix-env (Nix) 2.18.2`
 - nixpkgs: `/nix/store/wzx1ba5hqqfa23vfrvqmfmkpj25p37mr-source`

Add a :+1: reaction to issues you find important.

eclairevoyant commented 1 month ago

Just to make sure, are those secrets listed above readable by the service user?

Redlonghead commented 1 month ago

Yes as I have those secrets owned by my user (beacon) and group of syncthing. I just followed the perms of the key and cert when they were first created so I have not had any problems so far.

Redhawk18 commented 3 weeks ago

I just ran into this issue

https://discourse.nixos.org/t/syncthing-client-side/50677/2

for me it seems like its impossible to declare shares on the client side.

Denperidge commented 3 weeks ago

Oh, I seemed to have missed the original notification, my apologies! I’ll try to take a look at how possible this is to implement Oh, I thought this was a feature request, but that is just how the original module is supposed to function. Definitely gotta look into that!

Denperidge commented 3 weeks ago

@Redhawk18 To double check: have you set overrideFolders to false? It is set to true by default, and would as such remove GUI-set shares by default. If you already did/the problem is elsewhere, can you post any relevant logs/output/screenshots/errors?

Redhawk18 commented 2 weeks ago

@Redhawk18 To double check: have you set overrideFolders to false? It is set to true by default, and would as such remove GUI-set shares by default. If you already did/the problem is elsewhere, can you post any relevant logs/output/screenshots/errors?

The aren't really any logs, the problem is the declarative options don't work on nixos for the client side. I believe I may be telling it to host two server folders? However what I linked made sense when I wrote it.

I turned off the override and did everything without nix and moved on.

Denperidge commented 2 weeks ago

@Redhawk18 To double check: have you set overrideFolders to false? It is set to true by default, and would as such remove GUI-set shares by default. If you already did/the problem is elsewhere, can you post any relevant logs/output/screenshots/errors?

The aren't really any logs, the problem is the declarative options don't work on nixos for the client side. I believe I may be telling it to host two server folders? However what I linked made sense when I wrote it.

I turned off the override and did everything without nix and moved on.

I'll try to replicate the problem. Keep you posted!

Redhawk18 commented 2 weeks ago

Thanks, I don't know if you can reproduce the problem with out two computers.

AidanRB commented 2 weeks ago

I'm having this issue as well. Two machines with basically identical configuration, here is one:

    syncthing = {
      enable = true;
      openDefaultPorts = true;
      settings = {
        options.relaysEnabled = false;
        folders.mariabackup = {
          path = "/backup/mariabackup";
          type = "sendonly";
          devices = [ "machine2" ];
        };

        devices.machine2 = {
          addresses = [ "tcp://address.for.machine2" ];
          id = "O73QLPW-machine2-id";
        };
      };
    };

In journalctl:

Connection from O73QLPW-machine2-id at address.for.machine1:22000 (tcp-server) rejected: unknown device
Established secure connection to O73QLPW at address.for.machine2:22000-address.for.machine1:22000/tcp-client/TLS1.3-...
Device O73QLPW client is "syncthing v1.27.9" named "" ...
Lost primary connection to O73QLPW at ... : reading length: EOF (0 remain)
Connection to O73QLPW at ... closed: reading length: EOF
Connection from O73QLPW-machine2-id ... rejected: unknown device