From 3ebd680633a003f90f4705e8a042ffdc25483f3d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Leonardo=20Eug=C3=AAnio?= <lelgenio@disroot.org>
Date: Tue, 24 Oct 2023 10:57:44 -0300
Subject: [PATCH] ghost: enable syncthing

---
 hosts/ghost.nix | 26 ++++++++++++++++++++++++++
 1 file changed, 26 insertions(+)

diff --git a/hosts/ghost.nix b/hosts/ghost.nix
index b0d2b5d..74e7eb6 100644
--- a/hosts/ghost.nix
+++ b/hosts/ghost.nix
@@ -94,6 +94,32 @@
     defaults.email = "lelgenio@disroot.org";
   };
 
+  services.syncthing = {
+    enable = true;
+    dataDir = "/var/lib/syncthing-data";
+    guiAddress = "0.0.0.0:8384";
+    openDefaultPorts = true;
+  };
+
+  services.nginx = {
+    enable = true;
+    recommendedProxySettings = true;
+    recommendedTlsSettings = true;
+  };
+  services.nginx.virtualHosts."syncthing.lelgenio.xyz" = {
+    enableACME = true;
+    forceSSL = true;
+    locations."/" = {
+      proxyPass = "http://127.0.0.1:8384";
+      extraConfig =
+        # required when the target is also TLS server with multiple hosts
+        "proxy_ssl_server_name on;" +
+        # required when the server wants to use HTTP Authentication
+        "proxy_pass_header Authorization;"
+      ;
+    };
+  };
+
   networking.firewall.allowedTCPPorts = [ 80 443 ];
 
   swapDevices = [{