Package: guix-patches;
Reported by: Zacchaeus <eikcaz <at> zacchae.us>
Date: Fri, 31 Jan 2025 04:18:03 UTC
Severity: normal
Tags: patch
Done: Leo Famulari <leo <at> famulari.name>
Bug is archived. No further changes may be made.
To add a comment to this bug, you must first unarchive it, by sending
a message to control AT debbugs.gnu.org, with unarchive 75959 in the body.
You can then email your comments to 75959 AT debbugs.gnu.org in the normal way.
Toggle the display of automated, internal messages from the tracker.
View this report as an mbox folder, status mbox, maintainer mbox
guix-patches <at> gnu.org:bug#75959; Package guix-patches.
(Fri, 31 Jan 2025 04:18:03 GMT) Full text and rfc822 format available.Zacchaeus <eikcaz <at> zacchae.us>:guix-patches <at> gnu.org.
(Fri, 31 Jan 2025 04:18:04 GMT) Full text and rfc822 format available.Message #5 received at submit <at> debbugs.gnu.org (full text, mbox):
From: Zacchaeus <eikcaz <at> zacchae.us> To: guix-patches <at> gnu.org Subject: [PATCH] (home-)syncthing-service: added support for config serialization Date: Thu, 30 Jan 2025 13:59:12 -0800
From 48c227546ea15aadbd5f5832d8cd30887f65ace9 Mon Sep 17 00:00:00 2001
From: Zacchaeus <eikcaz <at> zacchae.us>
Date: Sun, 21 Jul 2024 00:54:25 -0700
Subject: [PATCH] (home-)syncthing-service: added support for config
serialization
Change-Id: I87eeba1ee1fdada8f29c2ee881fbc6bc4113dde9
---
doc/guix.texi | 281 ++++++++++++++++++-
gnu/home/services/syncthing.scm | 17 +-
gnu/services/syncthing.scm | 459 +++++++++++++++++++++++++++++++-
3 files changed, 752 insertions(+), 5 deletions(-)
diff --git a/doc/guix.texi b/doc/guix.texi
index b1b6d98e74..966fe852a4 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -136,6 +136,7 @@ Copyright @copyright{} 2024 Troy Figiel@*
Copyright @copyright{} 2024 Sharlatan Hellseher@*
Copyright @copyright{} 2024 45mg@*
Copyright @copyright{} 2025 Sören Tempel@*
+Copyright @copyright{} 2025 Zacchaeus@*
Permission is granted to copy, distribute and/or modify this document
under the terms of the GNU Free Documentation License, Version 1.3 or
@@ -22669,8 +22670,284 @@ This assumes that the specified group exists.
Common configuration and data directory. The default configuration
directory is @file{$HOME} of the specified Syncthing @code{user}.
-@end table
-@end deftp
+@item @code{syncthing-config-file} (default: @var{#f})
+Either a file-like object that resolves to a syncthing configuraton xml
+file, or a syncthing-config-file record (see below).
+
+@end table
+@end deftp
+
+In the below, only details specific to Guix, or related to how your
+device will ``ping'' others, are presented. Otherwise, you should
+consult @uref{https://docs.syncthing.net/users/config.html, Syncthing
+config documentation}. Camelcase is preserved below only as to be
+consistent with its appearance in Syncthing code/documentation. If you
+would like to migrate to Guix-powerd Syncthing configuration, the
+generated config adds newlines/whitespace to the produced config such
+that your old config can be diff'ed with the new one.
+
+@deftp {Data Type} syncthing-config-file
+Data type representing the configuration file read by the syncthing
+daemon.
+
+@table @asis
+@item @code{folders} (default: @var{(list (syncthing-folder (id "default") (label "Default Folder") (path "~/Sync")))}
+The default here is the same as Syncthing's default. The value should
+be a list of @code{syncthing-folder}s.
+
+@item @code{devices} (default: @var{'()}
+This should be a list of @code{syncthing-device}s, or strings corresponding to
+the device ids. A device entry corresponding to the current device is
+silently ignored by Syncthing.
+
+@item @code{gui-enabled} (default: @var{"true"})
+By default, any user on the computer can access the GUI and make changes
+to Syncthing. If you leave this enabled, you should probably set
+gui-user and gui-password (see belowe).
+
+@item @code{gui-tls} (default: @var{"false"})
+@item @code{gui-debugging} (default: @var{"false"})
+@item @code{gui-sendBasicAuthPrompt} (default: @var{"false"})
+@item @code{gui-address} (default: @var{"127.0.0.1:8384"})
+@item @code{gui-user} (default: @var{#f})
+@item @code{gui-password} (default: @var{#f})
+@item @code{gui-apikey} (default: @var{"Vuky3VHVseQEoSk9YgxhSkNTnjQmqYK9"})
+@item @code{gui-theme} (default: @var{"default"})
+@item @code{ldap-enabled} (default: @var{#f})
+@item @code{ldap-address} (default: @var{""})
+@item @code{ldap-bindDN} (default: @var{""})
+@item @code{ldap-transport} (default: @var{""})
+@item @code{ldap-insecureSkipVerify} (default: @var{""})
+@item @code{ldap-searchBaseDN} (default: @var{""})
+@item @code{ldap-searchFilter} (default: @var{""})
+@item @code{listenAddress} (default: @var{"default"})
+@item @code{globalAnnounceServer} (default: @var{"default"})
+@item @code{globalAnnounceEnabled} (default: @var{"true"})
+Global discovery servers can be used to help connect devices at unknown
+IP addresses by storing the last known IP address.
+
+@item @code{localAnnounceEnabled} (default: @var{"true"})
+This makes devices find eachother very easily on the same LAN. Often,
+this will allow you to just plug an ethernet between two devices, or
+connect one device to the other's hotspot and start syncing.
+
+@item @code{localAnnouncePort} (default: @var{"21027"})
+@item @code{localAnnounceMCAddr} (default: @var{"[ff12::8384]:21027"})
+@item @code{maxSendKbps} (default: @var{"0"})
+@item @code{maxRecvKbps} (default: @var{"0"})
+@item @code{reconnectionIntervalS} (default: @var{"60"})
+@item @code{relaysEnabled} (default: @var{"true"})
+This option allows your Syncthing instance to coordinate with a global
+network of relays to enable syncing between devices when all other
+methods fail.
+
+@item @code{relayReconnectIntervalM} (default: @var{"10"})
+@item @code{startBrowser} (default: @var{"true"})
+@item @code{natEnabled} (default: @var{"true"})
+@item @code{natLeaseMinutes} (default: @var{"60"})
+@item @code{natRenewalMinutes} (default: @var{"30"})
+@item @code{natTimeoutSeconds} (default: @var{"10"})
+@item @code{urAccepted} (default: @var{"0"})
+ur* options control usage reporting. Set to -1 to disable, or positive
+to enable. The default (0) has reporting disabled, but you will be
+asked to decide in the GUI.
+
+@item @code{urSeen} (default: @var{"0"})
+@item @code{urUniqueID} (default: @var{""})
+@item @code{urURL} (default: @var{"https://data.syncthing.net/newdata"})
+@item @code{urPostInsecurely} (default: @var{"false"})
+@item @code{urInitialDelayS} (default: @var{"1800"})
+@item @code{autoUpgradeIntervalH} (default: @var{"12"})
+@item @code{upgradeToPreReleases} (default: @var{"false"})
+@item @code{keepTemporariesH} (default: @var{"24"})
+@item @code{cacheIgnoredFiles} (default: @var{"false"})
+@item @code{progressUpdateIntervalS} (default: @var{"5"})
+@item @code{limitBandwidthInLan} (default: @var{"false"})
+@item @code{minHomeDiskFree-unit} (default: @var{"%"})
+@item @code{minHomeDiskFree} (default: @var{"1"})
+@item @code{releasesURL} (default: @var{"https://upgrades.syncthing.net/meta.json"})
+@item @code{overwriteRemoteDeviceNamesOnConnect} (default: @var{"false"})
+@item @code{tempIndexMinBlocks} (default: @var{"10"})
+@item @code{unackedNotificationID} (default: @var{"authenticationUserAndPassword"})
+@item @code{trafficClass} (default: @var{"0"})
+@item @code{setLowPriority} (default: @var{"true"})
+@item @code{maxFolderConcurrency} (default: @var{"0"})
+@item @code{crashReportingURL} (default: @var{"https://crash.syncthing.net/newcrash"})
+@item @code{crashReportingEnabled} (default: @var{"true"})
+@item @code{stunKeepaliveStartS} (default: @var{"180"})
+@item @code{stunKeepaliveMinS} (default: @var{"20"})
+@item @code{stunServer} (default: @var{"default"})
+@item @code{databaseTuning} (default: @var{"auto"})
+@item @code{maxConcurrentIncomingRequestKiB} (default: @var{"0"})
+@item @code{announceLANAddresses} (default: @var{"true"})
+@item @code{sendFullIndexOnUpgrade} (default: @var{"false"})
+@item @code{connectionLimitEnough} (default: @var{"0"})
+@item @code{connectionLimitMax} (default: @var{"0"})
+@item @code{insecureAllowOldTLSVersions} (default: @var{"false"})
+@item @code{connectionPriorityTcpLan} (default: @var{"10"})
+@item @code{connectionPriorityQuicLan} (default: @var{"20"})
+@item @code{connectionPriorityTcpWan} (default: @var{"30"})
+@item @code{connectionPriorityQuicWan} (default: @var{"40"})
+@item @code{connectionPriorityRelay} (default: @var{"50"})
+@item @code{connectionPriorityUpgradeThreshold} (default: @var{"0"})
+@item @code{default-folder} (default: @var{(syncthing-folder (label ""))})
+@item @code{default-device} (default: @var{(syncthing-device (id ""))})
+@item @code{default-ignores} (default: @var{"")})
+The default-* above do not affect folders and devices added by the Guix
+interface. They will, however, affect folders and devices that are
+added through the GUI, or by an ``introducer''.
+@end table
+@end deftp
+
+@deftp {Data Type} syncthing-device
+Data type representing a device to sync with.
+
+@table @asis
+@item @code{id}
+A long hash tied to the keys generated by Syncthing on the first launch.
+You can obtain this from the Syncthing GUI or by inpsecting an existing
+Syncthing configuration file.
+
+@item @code{name} (default: @var{""})
+Human readable device name for viewing in the GUI or in scheme.
+
+@item @code{compression} (default: @var{"metadata"})
+@item @code{introducer} (default: @var{"false"})
+@item @code{skipIntroductionRemovals} (default: @var{"false"})
+@item @code{introducedBy} (default: @var{""})
+@item @code{addresses} (default: @var{'("dynamic")})
+List of addresses at which to search for this device. The special value
+``dynamic'' will have syncthing use several means to find the device.
+
+@item @code{paused} (default: @var{"false"})
+@item @code{autoAcceptFolders} (default: @var{"false"})
+@item @code{maxSendKbps} (default: @var{"0"})
+@item @code{maxRecvKbps} (default: @var{"0"})
+@item @code{maxRequestKiB} (default: @var{"0"})
+@item @code{untrusted} (default: @var{"false"})
+@item @code{remoteGUIPort} (default: @var{"0"})
+@item @code{numConnections} (default: @var{"0")})
+
+@end table
+@end deftp
+
+@deftp {Data Type} syncthing-folder
+Data type representing a folder to be synced.
+
+@table @asis
+@item @code{id} (default: @var{#f})
+This id cannot match the id of any other folder on this device. If left
+unspecified, it will default to the label (see below).
+
+@item @code{label}
+Human readable label for the folder.
+
+@item @code{path}
+The path at which to store this folder.
+
+@item @code{type} (default: @var{"sendreceive"})
+@item @code{rescanIntervalS} (default: @var{"3600"})
+@item @code{fsWatcherEnabled} (default: @var{"true"})
+@item @code{fsWatcherDelayS} (default: @var{"10"})
+@item @code{ignorePerms} (default: @var{"false"})
+@item @code{autoNormalize} (default: @var{"true"})
+@item @code{devices} (default: @var{'()})
+Devices should be a list of other Syncthing devices. If the current
+device is included, it is silently ignored by syncthing (which makes for
+lazier scheme code). Each device can be listed as a string representing
+the device id, a @code{syncthing-device} object, or a
+@code{syncthing-folder-device} object.
+
+@item @code{filesystemType} (default: @var{"basic"})
+@item @code{minDiskFree-unit} (default: @var{"%"})
+@item @code{minDiskFree} (default: @var{"1"})
+@item @code{versioning-type} (default: @var{#f})
+@item @code{versioning-fsPath} (default: @var{""})
+@item @code{versioning-fsType} (default: @var{"basic"})
+@item @code{versioning-cleanupIntervalS} (default: @var{"3600"})
+@item @code{versioning-cleanoutDays} (default: @var{#f})
+@item @code{versioning-keep} (default: @var{#f})
+@item @code{versioning-maxAge} (default: @var{#f})
+@item @code{versioning-command} (default: @var{#f})
+@item @code{copiers} (default: @var{"0"})
+@item @code{pullerMaxPendingKiB} (default: @var{"0"})
+@item @code{hashers} (default: @var{"0"})
+@item @code{order} (default: @var{"random"})
+@item @code{ignoreDelete} (default: @var{"false"})
+@item @code{scanProgressIntervalS} (default: @var{"0"})
+@item @code{pullerPauseS} (default: @var{"0"})
+@item @code{maxConflicts} (default: @var{"10"})
+@item @code{disableSparseFiles} (default: @var{"false"})
+@item @code{disableTempIndexes} (default: @var{"false"})
+@item @code{paused} (default: @var{"false"})
+@item @code{weakHashThresholdPct} (default: @var{"25"})
+@item @code{markerName} (default: @var{".stfolder"})
+@item @code{copyOwnershipFromParent} (default: @var{"false"})
+@item @code{modTimeWindowS} (default: @var{"0"})
+@item @code{maxConcurrentWrites} (default: @var{"2"})
+@item @code{disableFsync} (default: @var{"false"})
+@item @code{blockPullOrder} (default: @var{"standard"})
+@item @code{copyRangeMethod} (default: @var{"standard"})
+@item @code{caseSensitiveFS} (default: @var{"false"})
+@item @code{junctionsAsDirs} (default: @var{"false"})
+@item @code{syncOwnership} (default: @var{"false"})
+@item @code{sendOwnership} (default: @var{"false"})
+@item @code{syncXattrs} (default: @var{"false"})
+@item @code{sendXattrs} (default: @var{"false"})
+@item @code{xattrFilter-maxSingleEntrySize} (default: @var{"1024"})
+@item @code{xattrFilter-maxTotalSize} (default: @var{"4096")})
+@end table
+@end deftp
+
+@deftp {Data Type} syncthing-folder-device
+There is some configuration which is specific to the relationship
+between a specific folder and a specific device. If you are fine
+leaving these as their default, then you can simply specify a
+syncthing-device instead of a syncthing-folder-device.
+
+@table @asis
+@item @code{id} (default: @var{""})
+id can be provided as a string of the id, or a @code{syncthing-device}.
+
+@item @code{introducedBy} (default: @var{""})
+@item @code{encryptionPassword} (default: @var{""})
+if encryptionPassword is non-empty, then it will be used as a password
+to encrypt file chunks as they are synced to that device. For more info
+on syncing to devices you don't totally trust, see
+@uref{https://docs.syncthing.net/users/untrusted.html, Syncthing Documentation Untrusted}.
+Note that file transfers are always end-to-end encrypted, regardless of
+this setting.
+
+@end table
+@end deftp
+
+Here is a more complex example configuration for illustrative purposes:
+@lisp
+(service syncthing-service-type
+ (let ((laptop (syncthing-device (id "VHOD2D6-...-7XRMDEN")))
+ (desktop (syncthing-device (id "64SAZ37-...-FZJ5GUA")
+ (addresses '("mydomain.com"))))
+ (bob-desktop "KYIMEGO-...-FT77EAO"))
+ (syncthing-configuration
+ (user "alice")
+ (syncthing-config-file
+ (folders (list (syncthing-folder
+ (label "some-files")
+ (path "~/data")
+ (devices (list desktop laptop)))
+ (syncthing-folder
+ (label "critical-files")
+ (path "~/secrets")
+ (devices
+ (list desktop
+ laptop
+ (syncthing-folder-device
+ (id bob-desktop)
+ (encryptionPassword "mypassword")))))))
+ ;; any device used above should be in this list
+ (devices (list laptop desktop bob-desktop))))
+@end lisp
+
Furthermore, @code{(gnu services ssh)} provides the following services.
@cindex SSH
diff --git a/gnu/home/services/syncthing.scm b/gnu/home/services/syncthing.scm
index 8d66a167ce..dd6c752ee4 100644
--- a/gnu/home/services/syncthing.scm
+++ b/gnu/home/services/syncthing.scm
@@ -1,5 +1,6 @@
;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2023 Ludovic Courtès <ludo <at> gnu.org>
+;;; Copyright © 2025 Zacchaeus <eikcaz <at> zacchae.us>
;;;
;;; This file is part of GNU Guix.
;;;
@@ -24,9 +25,23 @@ (define-module (gnu home services syncthing)
#:use-module (gnu home services shepherd)
#:export (home-syncthing-service-type)
#:re-export (syncthing-configuration
- syncthing-configuration?))
+ syncthing-configuration?
+ syncthing-config-file
+ syncthing-config-file?
+ syncthing-device
+ syncthing-device?
+ syncthing-folder
+ syncthing-folder?
+ syncthing-folder-device
+ syncthing-folder-device?))
(define home-syncthing-service-type
(service-type
(inherit (system->home-service-type syncthing-service-type))
+ ;; system->home-service-type does not convert special-files-service-type to
+ ;; home-files-service-type, so redefine extensios
+ (extensions (list (service-extension home-files-service-type
+ syncthing-files-service)
+ (service-extension home-shepherd-service-type
+ syncthing-shepherd-service)))
(default-value (for-home (syncthing-configuration)))))
diff --git a/gnu/services/syncthing.scm b/gnu/services/syncthing.scm
index a7a9c6aadd..4f0d4c1082 100644
--- a/gnu/services/syncthing.scm
+++ b/gnu/services/syncthing.scm
@@ -1,6 +1,7 @@
;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2021 Oleg Pykhalov <go.wigust <at> gmail.com>
;;; Copyright © 2023 Justin Veilleux <terramorpha <at> cock.li>
+;;; Copyright © 2025 Zacchaeus <eikcaz <at> zacchae.us>
;;;
;;; This file is part of GNU Guix.
;;;
@@ -25,9 +26,20 @@ (define-module (gnu services syncthing)
#:use-module (guix records)
#:use-module (ice-9 match)
#:use-module (srfi srfi-1)
+ #:use-module (sxml simple)
#:export (syncthing-configuration
syncthing-configuration?
- syncthing-service-type))
+ syncthing-device
+ syncthing-device?
+ syncthing-config-file
+ syncthing-config-file?
+ syncthing-folder-device
+ syncthing-folder-device?
+ syncthing-folder
+ syncthing-folder?
+ syncthing-service-type
+ syncthing-shepherd-service
+ syncthing-files-service))
;;; Commentary:
;;;
@@ -35,6 +47,431 @@ (define-module (gnu services syncthing)
;;;
;;; Code:
+(define-record-type* <syncthing-device>
+ syncthing-device make-syncthing-device
+ syncthing-device?
+ (id syncthing-device-id)
+ (name syncthing-device-name (default ""))
+ (compression syncthing-device-compression (default "metadata"))
+ (introducer syncthing-device-introducer (default "false"))
+ (skipIntroductionRemovals syncthing-device-skipIntroductionRemovals (default "false"))
+ (introducedBy syncthing-device-introducedBy (default ""))
+ (addresses syncthing-device-addresses (default '("dynamic")))
+ (paused syncthing-device-paused (default "false"))
+ (autoAcceptFolders syncthing-device-autoAcceptFolders (default "false"))
+ (maxSendKbps syncthing-device-maxSendKbps (default "0"))
+ (maxRecvKbps syncthing-device-maxRecvKbps (default "0"))
+ (maxRequestKiB syncthing-device-maxRequestKiB (default "0"))
+ (untrusted syncthing-device-untrusted (default "false"))
+ (remoteGUIPort syncthing-device-remoteGUIPort (default "0"))
+ (numConnections syncthing-device-numConnections (default "0")))
+
+(define syncthing-device->sxml
+ (match-record-lambda <syncthing-device>
+ (id name compression introducer skipIntroductionRemovals introducedBy addresses paused autoAcceptFolders maxSendKbps maxRecvKbps maxRequestKiB untrusted remoteGUIPort numConnections)
+ `(device (@ (id ,id)
+ (name ,name)
+ (compression ,compression)
+ (introducer ,introducer)
+ (skipIntroductionRemovals ,skipIntroductionRemovals)
+ (introducedBy ,introducedBy))
+ ,@(map (lambda (address) `(address ,address)) addresses)
+ (paused ,paused)
+ (autoAcceptFolders ,autoAcceptFolders)
+ (maxSendKbps ,maxSendKbps)
+ (maxRecvKbps ,maxRecvKbps)
+ (maxRequestKiB ,maxRequestKiB)
+ (untrusted ,untrusted)
+ (remoteGUIPort ,remoteGUIPort)
+ (numConnections ,numConnections))))
+
+(define (id-or-device->id id-or-device)
+ (if (syncthing-device? id-or-device)
+ (syncthing-device-id id-or-device)
+ id-or-device))
+
+(define-record-type* <syncthing-folder-device>
+ syncthing-folder-device make-syncthing-folder-device
+ syncthing-folder-device?
+ (id syncthing-folder-device-id
+ (sanitize id-or-device->id))
+ (introducedBy syncthing-folder-device-introducedBy (default "")
+ (sanitize id-or-device->id))
+ (encryptionPassword syncthing-folder-device-encryptionPassword (default "")))
+
+(define syncthing-folder-device->sxml
+ (match-record-lambda <syncthing-folder-device>
+ (id introducedBy encryptionPassword)
+ `(device (@ (id ,id)
+ (introducedBy ,introducedBy))
+ (encryptionPassword ,encryptionPassword))))
+
+(define-record-type* <syncthing-folder>
+ syncthing-folder make-syncthing-folder
+ syncthing-folder?
+ (id syncthing-folder-id (default #f))
+ (label syncthing-folder-label)
+ (path syncthing-folder-path)
+ (type syncthing-folder-type (default "sendreceive"))
+ (rescanIntervalS syncthing-folder-rescanIntervalS (default "3600"))
+ (fsWatcherEnabled syncthing-folder-fsWatcherEnabled (default "true"))
+ (fsWatcherDelayS syncthing-folder-fsWatcherDelayS (default "10"))
+ (ignorePerms syncthing-folder-ignorePerms (default "false"))
+ (autoNormalize syncthing-folder-autoNormalize (default "true"))
+ (devices syncthing-folder-devices (default '())
+ (sanitize (lambda (folder-device-list)
+ (map (lambda (device)
+ (if (syncthing-folder-device? device)
+ device
+ (syncthing-folder-device (id device))))
+ folder-device-list))))
+ (filesystemType syncthing-folder-filesystemType (default "basic"))
+ (minDiskFree-unit syncthing-folder-minDiskFree-unit (default "%"))
+ (minDiskFree syncthing-folder-minDiskFree (default "1"))
+ (versioning-type syncthing-folder-versioning-type (default #f))
+ (versioning-fsPath syncthing-folder-versioning-fsPath (default ""))
+ (versioning-fsType syncthing-folder-versioning-fsType (default "basic"))
+ (versioning-cleanupIntervalS syncthing-folder-versioning-cleanupIntervalS (default "3600"))
+ (versioning-cleanoutDays syncthing-folder-versioning-cleanoutDays (default #f))
+ (versioning-keep syncthing-folder-versioning-keep (default #f))
+ (versioning-maxAge syncthing-folder-versioning-maxAge (default #f))
+ (versioning-command syncthing-folder-versioning-command (default #f))
+ (copiers syncthing-folder-copiers (default "0"))
+ (pullerMaxPendingKiB syncthing-folder-pullerMaxPendingKiB (default "0"))
+ (hashers syncthing-folder-hashers (default "0"))
+ (order syncthing-folder-order (default "random"))
+ (ignoreDelete syncthing-folder-ignoreDelete (default "false"))
+ (scanProgressIntervalS syncthing-folder-scanProgressIntervalS (default "0"))
+ (pullerPauseS syncthing-folder-pullerPauseS (default "0"))
+ (maxConflicts syncthing-folder-maxConflicts (default "10"))
+ (disableSparseFiles syncthing-folder-disableSparseFiles (default "false"))
+ (disableTempIndexes syncthing-folder-disableTempIndexes (default "false"))
+ (paused syncthing-folder-paused (default "false"))
+ (weakHashThresholdPct syncthing-folder-weakHashThresholdPct (default "25"))
+ (markerName syncthing-folder-markerName (default ".stfolder"))
+ (copyOwnershipFromParent syncthing-folder-copyOwnershipFromParent (default "false"))
+ (modTimeWindowS syncthing-folder-modTimeWindowS (default "0"))
+ (maxConcurrentWrites syncthing-folder-maxConcurrentWrites (default "2"))
+ (disableFsync syncthing-folder-disableFsync (default "false"))
+ (blockPullOrder syncthing-folder-blockPullOrder (default "standard"))
+ (copyRangeMethod syncthing-folder-copyRangeMethod (default "standard"))
+ (caseSensitiveFS syncthing-folder-caseSensitiveFS (default "false"))
+ (junctionsAsDirs syncthing-folder-junctionsAsDirs (default "false"))
+ (syncOwnership syncthing-folder-syncOwnership (default "false"))
+ (sendOwnership syncthing-folder-sendOwnership (default "false"))
+ (syncXattrs syncthing-folder-syncXattrs (default "false"))
+ (sendXattrs syncthing-folder-sendXattrs (default "false"))
+ (xattrFilter-maxSingleEntrySize syncthing-folder-xattrFilter-maxSingleEntrySize (default "1024"))
+ (xattrFilter-maxTotalSize syncthing-folder-xattrFilter-maxTotalSize (default "4096")))
+
+;; Some parameters, when empty, are fully omitted from the config file. It is
+;; unknown if this causes a functional difference, but stick to the normal
+;; program's behavior to be safe.
+(define (maybe-param symbol value)
+ (if value `((param (@ (key ,(symbol->string symbol)) (val ,value)) "")) '()))
+
+(define syncthing-folder->sxml
+ (match-record-lambda <syncthing-folder>
+ (id
+ label path type rescanIntervalS fsWatcherEnabled fsWatcherDelayS
+ ignorePerms autoNormalize devices filesystemType minDiskFree-unit
+ minDiskFree versioning-type versioning-fsPath versioning-fsType
+ versioning-cleanupIntervalS versioning-cleanoutDays versioning-keep
+ versioning-maxAge versioning-command copiers pullerMaxPendingKiB
+ hashers order ignoreDelete scanProgressIntervalS pullerPauseS
+ maxConflicts disableSparseFiles disableTempIndexes paused
+ weakHashThresholdPct markerName copyOwnershipFromParent modTimeWindowS
+ maxConcurrentWrites disableFsync blockPullOrder copyRangeMethod
+ caseSensitiveFS junctionsAsDirs syncOwnership sendOwnership syncXattrs
+ sendXattrs xattrFilter-maxSingleEntrySize xattrFilter-maxTotalSize)
+ `(folder (@ (id ,(if id id label))
+ (label ,label)
+ (path ,path)
+ (type ,type)
+ (rescanIntervalS ,rescanIntervalS)
+ (fsWatcherEnabled ,fsWatcherEnabled)
+ (fsWatcherDelayS ,fsWatcherDelayS)
+ (ignorePerms ,ignorePerms)
+ (autoNormalize ,autoNormalize))
+ (filesystemType ,filesystemType)
+ ,@(map syncthing-folder-device->sxml
+ devices)
+ (minDiskFree (@ (unit ,minDiskFree-unit))
+ ,minDiskFree)
+ (versioning ,@(if versioning-type
+ `((@ (type ,versioning-type)))
+ '())
+ ,@(maybe-param 'cleanoutDays versioning-cleanoutDays)
+ ,@(maybe-param 'keep versioning-keep)
+ ,@(maybe-param 'maxAge versioning-maxAge)
+ ,@(maybe-param 'command versioning-command)
+ (cleanupIntervalS ,versioning-cleanupIntervalS)
+ (fsPath ,versioning-fsPath)
+ (fsType ,versioning-fsType))
+ (copiers ,copiers)
+ (pullerMaxPendingKiB ,pullerMaxPendingKiB)
+ (hashers ,hashers)
+ (order ,order)
+ (ignoreDelete ,ignoreDelete)
+ (scanProgressIntervalS ,scanProgressIntervalS)
+ (pullerPauseS ,pullerPauseS)
+ (maxConflicts ,maxConflicts)
+ (disableSparseFiles ,disableSparseFiles)
+ (disableTempIndexes ,disableTempIndexes)
+ (paused ,paused)
+ (weakHashThresholdPct ,weakHashThresholdPct)
+ (markerName ,markerName)
+ (copyOwnershipFromParent ,copyOwnershipFromParent)
+ (modTimeWindowS ,modTimeWindowS)
+ (maxConcurrentWrites ,maxConcurrentWrites)
+ (disableFsync ,disableFsync)
+ (blockPullOrder ,blockPullOrder)
+ (copyRangeMethod ,copyRangeMethod)
+ (caseSensitiveFS ,caseSensitiveFS)
+ (junctionsAsDirs ,junctionsAsDirs)
+ (syncOwnership ,syncOwnership)
+ (sendOwnership ,sendOwnership)
+ (syncXattrs ,syncXattrs)
+ (sendXattrs ,sendXattrs)
+ (xattrFilter (maxSingleEntrySize ,xattrFilter-maxSingleEntrySize)
+ (maxTotalSize ,xattrFilter-maxTotalSize)))))
+
+(define-record-type* <syncthing-config-file>
+ syncthing-config-file make-syncthing-config-file
+ syncthing-config-file?
+ (folders syncthing-config-folders
+ ; this matches syncthing's default
+ (default (list (syncthing-folder (id "default")
+ (label "Default Folder")
+ (path "~/Sync")))))
+ (devices syncthing-config-devices
+ (default '()))
+ (gui-enabled syncthing-config-gui-enabled (default "true"))
+ (gui-tls syncthing-config-gui-tls (default "false"))
+ (gui-debugging syncthing-config-gui-debugging (default "false"))
+ (gui-sendBasicAuthPrompt syncthing-config-gui-sendBasicAuthPrompt (default "false"))
+ (gui-address syncthing-config-gui-address (default "127.0.0.1:8384"))
+ (gui-user syncthing-config-gui-user (default #f))
+ (gui-password syncthing-config-gui-password (default #f))
+ (gui-apikey syncthing-config-gui-apikey (default "Vuky3VHVseQEoSk9YgxhSkNTnjQmqYK9"))
+ (gui-theme syncthing-config-gui-theme (default "default"))
+ (ldap-enabled syncthing-config-ldap-enabled (default #f))
+ (ldap-address syncthing-config-ldap-address (default ""))
+ (ldap-bindDN syncthing-config-ldap-bindDN (default ""))
+ (ldap-transport syncthing-config-ldap-transport (default ""))
+ (ldap-insecureSkipVerify syncthing-config-ldap-insecureSkipVerify (default ""))
+ (ldap-searchBaseDN syncthing-config-ldap-searchBaseDN (default ""))
+ (ldap-searchFilter syncthing-config-ldap-searchFilter (default ""))
+ (listenAddress syncthing-config-listenAddress (default "default"))
+ (globalAnnounceServer syncthing-config-globalAnnounceServer (default "default"))
+ (globalAnnounceEnabled syncthing-config-globalAnnounceEnabled (default "true"))
+ (localAnnounceEnabled syncthing-config-localAnnounceEnabled (default "true"))
+ (localAnnouncePort syncthing-config-localAnnouncePort (default "21027"))
+ (localAnnounceMCAddr syncthing-config-localAnnounceMCAddr (default "[ff12::8384]:21027"))
+ (maxSendKbps syncthing-config-maxSendKbps (default "0"))
+ (maxRecvKbps syncthing-config-maxRecvKbps (default "0"))
+ (reconnectionIntervalS syncthing-config-reconnectionIntervalS (default "60"))
+ (relaysEnabled syncthing-config-relaysEnabled (default "true"))
+ (relayReconnectIntervalM syncthing-config-relayReconnectIntervalM (default "10"))
+ (startBrowser syncthing-config-startBrowser (default "true"))
+ (natEnabled syncthing-config-natEnabled (default "true"))
+ (natLeaseMinutes syncthing-config-natLeaseMinutes (default "60"))
+ (natRenewalMinutes syncthing-config-natRenewalMinutes (default "30"))
+ (natTimeoutSeconds syncthing-config-natTimeoutSeconds (default "10"))
+ (urAccepted syncthing-config-urAccepted (default "0"))
+ (urSeen syncthing-config-urSeen (default "0"))
+ (urUniqueID syncthing-config-urUniqueID (default ""))
+ (urURL syncthing-config-urURL (default "https://data.syncthing.net/newdata"))
+ (urPostInsecurely syncthing-config-urPostInsecurely (default "false"))
+ (urInitialDelayS syncthing-config-urInitialDelayS (default "1800"))
+ (autoUpgradeIntervalH syncthing-config-autoUpgradeIntervalH (default "12"))
+ (upgradeToPreReleases syncthing-config-upgradeToPreReleases (default "false"))
+ (keepTemporariesH syncthing-config-keepTemporariesH (default "24"))
+ (cacheIgnoredFiles syncthing-config-cacheIgnoredFiles (default "false"))
+ (progressUpdateIntervalS syncthing-config-progressUpdateIntervalS (default "5"))
+ (limitBandwidthInLan syncthing-config-limitBandwidthInLan (default "false"))
+ (minHomeDiskFree-unit syncthing-config-minHomeDiskFree-unit (default "%"))
+ (minHomeDiskFree syncthing-config-minHomeDiskFree (default "1"))
+ (releasesURL syncthing-config-releasesURL (default "https://upgrades.syncthing.net/meta.json"))
+ (overwriteRemoteDeviceNamesOnConnect syncthing-config-overwriteRemoteDeviceNamesOnConnect (default "false"))
+ (tempIndexMinBlocks syncthing-config-tempIndexMinBlocks (default "10"))
+ (unackedNotificationID syncthing-config-unackedNotificationID (default "authenticationUserAndPassword"))
+ (trafficClass syncthing-config-trafficClass (default "0"))
+ (setLowPriority syncthing-config-setLowPriority (default "true"))
+ (maxFolderConcurrency syncthing-config-maxFolderConcurrency (default "0"))
+ (crashReportingURL syncthing-config-crashReportingURL (default "https://crash.syncthing.net/newcrash"))
+ (crashReportingEnabled syncthing-config-crashReportingEnabled (default "true"))
+ (stunKeepaliveStartS syncthing-config-stunKeepaliveStartS (default "180"))
+ (stunKeepaliveMinS syncthing-config-stunKeepaliveMinS (default "20"))
+ (stunServer syncthing-config-stunServer (default "default"))
+ (databaseTuning syncthing-config-databaseTuning (default "auto"))
+ (maxConcurrentIncomingRequestKiB syncthing-config-maxConcurrentIncomingRequestKiB (default "0"))
+ (announceLANAddresses syncthing-config-announceLANAddresses (default "true"))
+ (sendFullIndexOnUpgrade syncthing-config-sendFullIndexOnUpgrade (default "false"))
+ (connectionLimitEnough syncthing-config-connectionLimitEnough (default "0"))
+ (connectionLimitMax syncthing-config-connectionLimitMax (default "0"))
+ (insecureAllowOldTLSVersions syncthing-config-insecureAllowOldTLSVersions (default "false"))
+ (connectionPriorityTcpLan syncthing-config-connectionPriorityTcpLan (default "10"))
+ (connectionPriorityQuicLan syncthing-config-connectionPriorityQuicLan (default "20"))
+ (connectionPriorityTcpWan syncthing-config-connectionPriorityTcpWan (default "30"))
+ (connectionPriorityQuicWan syncthing-config-connectionPriorityQuicWan (default "40"))
+ (connectionPriorityRelay syncthing-config-connectionPriorityRelay (default "50"))
+ (connectionPriorityUpgradeThreshold syncthing-config-connectionPriorityUpgradeThreshold (default "0"))
+ (default-folder syncthing-config-defaultFolder
+ (default (syncthing-folder (label "") (path "~"))))
+ (default-device syncthing-config-defaultDevice
+ (default (syncthing-device (id ""))))
+ (default-ignores syncthing-config-defaultIgnores (default "")))
+
+(define syncthing-config-file->sxml
+ (match-record-lambda <syncthing-config-file>
+ (folders
+ devices gui-enabled gui-tls gui-debugging gui-sendBasicAuthPrompt
+ gui-address gui-user gui-password gui-apikey gui-theme ldap-enabled
+ ldap-address ldap-bindDN ldap-transport ldap-insecureSkipVerify
+ ldap-searchBaseDN ldap-searchFilter listenAddress globalAnnounceServer
+ globalAnnounceEnabled localAnnounceEnabled localAnnouncePort
+ localAnnounceMCAddr maxSendKbps maxRecvKbps reconnectionIntervalS
+ relaysEnabled relayReconnectIntervalM startBrowser natEnabled
+ natLeaseMinutes natRenewalMinutes natTimeoutSeconds urAccepted
+ urSeen urUniqueID urURL urPostInsecurely urInitialDelayS
+ autoUpgradeIntervalH upgradeToPreReleases keepTemporariesH
+ cacheIgnoredFiles progressUpdateIntervalS limitBandwidthInLan
+ minHomeDiskFree-unit minHomeDiskFree releasesURL
+ overwriteRemoteDeviceNamesOnConnect tempIndexMinBlocks
+ unackedNotificationID trafficClass setLowPriority maxFolderConcurrency
+ crashReportingURL crashReportingEnabled stunKeepaliveStartS
+ stunKeepaliveMinS stunServer databaseTuning
+ maxConcurrentIncomingRequestKiB announceLANAddresses
+ sendFullIndexOnUpgrade connectionLimitEnough connectionLimitMax
+ insecureAllowOldTLSVersions connectionPriorityTcpLan
+ connectionPriorityQuicLan connectionPriorityTcpWan
+ connectionPriorityQuicWan connectionPriorityRelay
+ connectionPriorityUpgradeThreshold default-folder default-device
+ default-ignores)
+ `(configuration (@ (version "37"))
+ ,@(map syncthing-folder->sxml
+ folders)
+ ,@(map syncthing-device->sxml
+ devices)
+ (gui (@ (enabled ,gui-enabled)
+ (tls ,gui-tls)
+ (debugging ,gui-debugging)
+ (sendBasicAuthPrompt ,gui-sendBasicAuthPrompt))
+ (address ,gui-address)
+ ,@(if gui-user `((user ,gui-user)) '())
+ ,@(if gui-password `((password ,gui-password)) '())
+ (apikey ,gui-apikey)
+ (theme ,gui-theme))
+ (ldap ,(if ldap-enabled
+ `((address ,ldap-address)
+ (bindDN ,ldap-bindDN)
+ ,@(if ldap-transport
+ `((transport ,ldap-transport))
+ '())
+ ,@(if ldap-insecureSkipVerify
+ `((insecureSkipVerify ,ldap-insecureSkipVerify))
+ '())
+ ,@(if ldap-searchBaseDN
+ `((searchBaseDN ,ldap-searchBaseDN))
+ '())
+ ,@(if ldap-searchFilter
+ `((searchFilter ,ldap-searchFilter))
+ '()))
+ ""))
+ (options (listenAddress ,listenAddress)
+ (globalAnnounceServer ,globalAnnounceServer)
+ (globalAnnounceEnabled ,globalAnnounceEnabled)
+ (localAnnounceEnabled ,localAnnounceEnabled)
+ (localAnnouncePort ,localAnnouncePort)
+ (localAnnounceMCAddr ,localAnnounceMCAddr)
+ (maxSendKbps ,maxSendKbps)
+ (maxRecvKbps ,maxRecvKbps)
+ (reconnectionIntervalS ,reconnectionIntervalS)
+ (relaysEnabled ,relaysEnabled)
+ (relayReconnectIntervalM ,relayReconnectIntervalM)
+ (startBrowser ,startBrowser)
+ (natEnabled ,natEnabled)
+ (natLeaseMinutes ,natLeaseMinutes)
+ (natRenewalMinutes ,natRenewalMinutes)
+ (natTimeoutSeconds ,natTimeoutSeconds)
+ (urAccepted ,urAccepted)
+ (urSeen ,urSeen)
+ (urUniqueID ,urUniqueID)
+ (urURL ,urURL)
+ (urPostInsecurely ,urPostInsecurely)
+ (urInitialDelayS ,urInitialDelayS)
+ (autoUpgradeIntervalH ,autoUpgradeIntervalH)
+ (upgradeToPreReleases ,upgradeToPreReleases)
+ (keepTemporariesH ,keepTemporariesH)
+ (cacheIgnoredFiles ,cacheIgnoredFiles)
+ (progressUpdateIntervalS ,progressUpdateIntervalS)
+ (limitBandwidthInLan ,limitBandwidthInLan)
+ (minHomeDiskFree (@ (unit ,minHomeDiskFree-unit))
+ ,minHomeDiskFree)
+ (releasesURL ,releasesURL)
+ (overwriteRemoteDeviceNamesOnConnect ,overwriteRemoteDeviceNamesOnConnect)
+ (tempIndexMinBlocks ,tempIndexMinBlocks)
+ (unackedNotificationID ,unackedNotificationID)
+ (trafficClass ,trafficClass)
+ (setLowPriority ,setLowPriority)
+ (maxFolderConcurrency ,maxFolderConcurrency)
+ (crashReportingURL ,crashReportingURL)
+ (crashReportingEnabled ,crashReportingEnabled)
+ (stunKeepaliveStartS ,stunKeepaliveStartS)
+ (stunKeepaliveMinS ,stunKeepaliveMinS)
+ (stunServer ,stunServer)
+ (databaseTuning ,databaseTuning)
+ (maxConcurrentIncomingRequestKiB ,maxConcurrentIncomingRequestKiB)
+ (announceLANAddresses ,announceLANAddresses)
+ (sendFullIndexOnUpgrade ,sendFullIndexOnUpgrade)
+ (connectionLimitEnough ,connectionLimitEnough)
+ (connectionLimitMax ,connectionLimitMax)
+ (insecureAllowOldTLSVersions ,insecureAllowOldTLSVersions)
+ (connectionPriorityTcpLan ,connectionPriorityTcpLan)
+ (connectionPriorityQuicLan ,connectionPriorityQuicLan)
+ (connectionPriorityTcpWan ,connectionPriorityTcpWan)
+ (connectionPriorityQuicWan ,connectionPriorityQuicWan)
+ (connectionPriorityRelay ,connectionPriorityRelay)
+ (connectionPriorityUpgradeThreshold ,connectionPriorityUpgradeThreshold))
+ (defaults
+ ,(syncthing-folder->sxml default-folder)
+ ,(syncthing-device->sxml default-device)
+ (ignores ,default-ignores)))))
+
+;; It is useful to be able to view the xml output by Guix, and to be able to
+;; diff it with a users previous config, especially when migrating one's
+;; config to Guix. This function adds whitespace that matches the whitespace
+;; of config files managed by syncthing for easy diffing
+(define (indent-sxml sxml indent-increment current-indent)
+ (match sxml
+ (((tag ('@ properties ...) (subtags ..1) ..1) sibling-tags ...)
+ `(,current-indent (,tag (@ ,@properties) "\n"
+ ,@(indent-sxml subtags indent-increment
+ (string-append indent-increment current-indent))
+ ,current-indent) "\n"
+ ,@(indent-sxml sibling-tags indent-increment current-indent)))
+ (((tag ('@ properties ...) primitive ...) sibling-tags ...)
+ `(,current-indent (,tag (@ ,@properties) ,@primitive) "\n"
+ ,@(indent-sxml sibling-tags indent-increment current-indent)))
+ (((tag (subtags ..1) ..1) sibling-tags ...)
+ `(,current-indent (,tag "\n"
+ ,@(indent-sxml subtags indent-increment
+ (string-append indent-increment current-indent))
+ ,current-indent) "\n"
+ ,@(indent-sxml sibling-tags indent-increment current-indent)))
+ (((tag primitive ...) sibling-tags ...)
+ `(,current-indent (,tag ,@primitive) "\n"
+ ,@(indent-sxml sibling-tags indent-increment current-indent)))
+ (() '())))
+
+(define (serialize-syncthing-config-file config)
+ (with-output-to-string
+ (lambda ()
+ (sxml->xml (cons '*TOP* (indent-sxml (list (syncthing-config-file->sxml config))
+ " "
+ ""))))))
+
(define-record-type* <syncthing-configuration>
syncthing-configuration make-syncthing-configuration
syncthing-configuration?
@@ -50,6 +487,8 @@ (define-record-type* <syncthing-configuration>
(default "users"))
(home syncthing-configuration-home ;string
(default #f))
+ (syncthing-config-file syncthing-configuration-syncthing-config-file
+ (default #f)) ; syncthing-config-file or file-like
(home-service? syncthing-configuration-home-service?
(default for-home?) (innate)))
@@ -93,10 +532,26 @@ (define syncthing-shepherd-service
(respawn? #f)
(stop #~(make-kill-destructor))))))
+
+(define syncthing-files-service
+ (match-record-lambda <syncthing-configuration> (syncthing-config-file user home home-service?)
+ (if syncthing-config-file
+ `((,(if home-service?
+ ".config/syncthing/config.xml"
+ (string-join (or home (passwd:dir (getpw user)))
+ "/.config/syncthing/config.xml"))
+ ,(if (file-like? syncthing-config-file)
+ syncthing-config-file
+ (plain-file "syncthin-config.xml" (serialize-syncthing-config-file
+ syncthing-config-file)))))
+ '())))
+
(define syncthing-service-type
(service-type (name 'syncthing)
(extensions (list (service-extension shepherd-root-service-type
- syncthing-shepherd-service)))
+ syncthing-shepherd-service)
+ (service-extension special-files-service-type
+ syncthing-files-service)))
(description
"Run @uref{https://github.com/syncthing/syncthing, Syncthing}
decentralized continuous file system synchronization.")))
--
2.45.2
guix-patches <at> gnu.org:bug#75959; Package guix-patches.
(Sat, 01 Feb 2025 08:59:02 GMT) Full text and rfc822 format available.Message #8 received at 75959 <at> debbugs.gnu.org (full text, mbox):
From: Zacchaeus <eikcaz <at> zacchae.us> To: 75959 <at> debbugs.gnu.org Subject: Re: [PATCH] (home-)syncthing-service: added support for config serialization Date: Sat, 01 Feb 2025 03:58:48 -0500
Hi Guix!
In order to test my implementation, I compared two pairs of configs:
- the default config generated by syncthing with the default config
generated by (syncthing-configuration (syncthing-config-file
(syncthing-config-file))).
- my syncthing-gui-generated config with the config generated by a
syncthing-config-file reflecting my (rather complex) setup.
There are a few differences:
- The core differences hinge around the fact that the current device ID
is not known in advance. Of course, if you have already run
syncthing and know your device ID, you can specify that in your
config.
- The default ~/Sync folder normally includes the current device.
The documentaiton makes it clear that this is OK (and also I have
tested this).
- The config does not include the current device. The documentation
says "One or more device elements must be present in the file", but
it seems to work fine dispite this.
- The default folder template normally includes the current device.
Also fine.
- There are also three miscelaneous differences:
- The default device template normally omits the "name" field. I
suppose I could have added code to fix this, but I know it doesn't
break anything so I opted for slightly simpler code.
- The API key doesn't match. Of course it doesn't.
- The ~/Sync folder is normally specified by /home/<user>/Sync, but
since I know ~/Sync works, I found that better than trying to
compute ~/ in scheme.
In summary, there are differences, but those differences have been
accounted for and don't introduce bugs. There were a few undocumented
behaviors around the absense or presense of a value. In such cases, I
implemented whatever behavior was observed in a config file maintained
by the Syncthing GUI.
I considered submitting this as two patches, one for the home service
and one for the system service, but patching just the system service
broke the home service. Is that a valid reason to make it one patch?
If not, I can split up the patches and resubmit.
Addressing the elephant in the room, as I mentioned in the
documentation, I used camelCase only to match syncthing documentation.
For instance, the ldap searchFilter setting is configured by
(syncthing-config-file (ldap-searchFilter "...")). As nauseous as it
made me to write something like that, I think translating names to
snake-case adds too much confusion/complexity no matter where you add
it. It is useful when refencencing Syncthing documentation to know
exactly what keyword too look for. Though I believe exceptions exist to
every rule, and that this is maybe the only ecxeption to the no
camelcase rule, please do tell me if there is a better way and I will
resubmit the patch.
eikcaz-
guix-patches <at> gnu.org:bug#75959; Package guix-patches.
(Sat, 01 Feb 2025 09:38:02 GMT) Full text and rfc822 format available.Message #11 received at 75959 <at> debbugs.gnu.org (full text, mbox):
From: Zacchaeus <eikcaz <at> zacchae.us> To: 75959 <at> debbugs.gnu.org Subject: [PATCH] services: syncthing: Added support for config file serialization. Date: Sat, 01 Feb 2025 04:37:04 -0500
From 0e0a2b727f3e898440a437edd9ed9b5924547c91 Mon Sep 17 00:00:00 2001
From: Zacchaeus <eikcaz <at> zacchae.us>
Date: Sun, 21 Jul 2024 00:54:25 -0700
Subject: [PATCH] services: syncthing: Added support for config file
serialization.
* gnu/services/syncthing.scm: (syncthing-config-file) (syncthing-folder)
(syncthing-device) (syncthing-folder-device): New records;
(syncthing-service-type): added special-files-service-type extension for the
config file; (syncthing-files-service): service to create config file
* gnu/home/services/syncthing.scm: (home-syncthing-service-type): extended
home-files-services-type and re-exported more things from
gnu/services/syncthing.scm
* doc/guix.texi: (syncthing-service-type): document additions
Change-Id: I87eeba1ee1fdada8f29c2ee881fbc6bc4113dde9
---
Adds Syncthing config file serialization to Guix. My original patch
commit string was not formatted correctly. Please see my revised patch
here. More info on how I tested that everything worked can be found in
a seperate email in this thread.
doc/guix.texi | 281 ++++++++++++++++++-
gnu/home/services/syncthing.scm | 17 +-
gnu/services/syncthing.scm | 459 +++++++++++++++++++++++++++++++-
3 files changed, 752 insertions(+), 5 deletions(-)
diff --git a/doc/guix.texi b/doc/guix.texi
index b1b6d98e74..966fe852a4 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -136,6 +136,7 @@ Copyright @copyright{} 2024 Troy Figiel@*
Copyright @copyright{} 2024 Sharlatan Hellseher@*
Copyright @copyright{} 2024 45mg@*
Copyright @copyright{} 2025 Sören Tempel@*
+Copyright @copyright{} 2025 Zacchaeus@*
Permission is granted to copy, distribute and/or modify this document
under the terms of the GNU Free Documentation License, Version 1.3 or
@@ -22669,8 +22670,284 @@ This assumes that the specified group exists.
Common configuration and data directory. The default configuration
directory is @file{$HOME} of the specified Syncthing @code{user}.
-@end table
-@end deftp
+@item @code{syncthing-config-file} (default: @var{#f})
+Either a file-like object that resolves to a syncthing configuraton xml
+file, or a syncthing-config-file record (see below).
+
+@end table
+@end deftp
+
+In the below, only details specific to Guix, or related to how your
+device will ``ping'' others, are presented. Otherwise, you should
+consult @uref{https://docs.syncthing.net/users/config.html, Syncthing
+config documentation}. Camelcase is preserved below only as to be
+consistent with its appearance in Syncthing code/documentation. If you
+would like to migrate to Guix-powerd Syncthing configuration, the
+generated config adds newlines/whitespace to the produced config such
+that your old config can be diff'ed with the new one.
+
+@deftp {Data Type} syncthing-config-file
+Data type representing the configuration file read by the syncthing
+daemon.
+
+@table @asis
+@item @code{folders} (default: @var{(list (syncthing-folder (id "default") (label "Default Folder") (path "~/Sync")))}
+The default here is the same as Syncthing's default. The value should
+be a list of @code{syncthing-folder}s.
+
+@item @code{devices} (default: @var{'()}
+This should be a list of @code{syncthing-device}s, or strings corresponding to
+the device ids. A device entry corresponding to the current device is
+silently ignored by Syncthing.
+
+@item @code{gui-enabled} (default: @var{"true"})
+By default, any user on the computer can access the GUI and make changes
+to Syncthing. If you leave this enabled, you should probably set
+gui-user and gui-password (see belowe).
+
+@item @code{gui-tls} (default: @var{"false"})
+@item @code{gui-debugging} (default: @var{"false"})
+@item @code{gui-sendBasicAuthPrompt} (default: @var{"false"})
+@item @code{gui-address} (default: @var{"127.0.0.1:8384"})
+@item @code{gui-user} (default: @var{#f})
+@item @code{gui-password} (default: @var{#f})
+@item @code{gui-apikey} (default: @var{"Vuky3VHVseQEoSk9YgxhSkNTnjQmqYK9"})
+@item @code{gui-theme} (default: @var{"default"})
+@item @code{ldap-enabled} (default: @var{#f})
+@item @code{ldap-address} (default: @var{""})
+@item @code{ldap-bindDN} (default: @var{""})
+@item @code{ldap-transport} (default: @var{""})
+@item @code{ldap-insecureSkipVerify} (default: @var{""})
+@item @code{ldap-searchBaseDN} (default: @var{""})
+@item @code{ldap-searchFilter} (default: @var{""})
+@item @code{listenAddress} (default: @var{"default"})
+@item @code{globalAnnounceServer} (default: @var{"default"})
+@item @code{globalAnnounceEnabled} (default: @var{"true"})
+Global discovery servers can be used to help connect devices at unknown
+IP addresses by storing the last known IP address.
+
+@item @code{localAnnounceEnabled} (default: @var{"true"})
+This makes devices find eachother very easily on the same LAN. Often,
+this will allow you to just plug an ethernet between two devices, or
+connect one device to the other's hotspot and start syncing.
+
+@item @code{localAnnouncePort} (default: @var{"21027"})
+@item @code{localAnnounceMCAddr} (default: @var{"[ff12::8384]:21027"})
+@item @code{maxSendKbps} (default: @var{"0"})
+@item @code{maxRecvKbps} (default: @var{"0"})
+@item @code{reconnectionIntervalS} (default: @var{"60"})
+@item @code{relaysEnabled} (default: @var{"true"})
+This option allows your Syncthing instance to coordinate with a global
+network of relays to enable syncing between devices when all other
+methods fail.
+
+@item @code{relayReconnectIntervalM} (default: @var{"10"})
+@item @code{startBrowser} (default: @var{"true"})
+@item @code{natEnabled} (default: @var{"true"})
+@item @code{natLeaseMinutes} (default: @var{"60"})
+@item @code{natRenewalMinutes} (default: @var{"30"})
+@item @code{natTimeoutSeconds} (default: @var{"10"})
+@item @code{urAccepted} (default: @var{"0"})
+ur* options control usage reporting. Set to -1 to disable, or positive
+to enable. The default (0) has reporting disabled, but you will be
+asked to decide in the GUI.
+
+@item @code{urSeen} (default: @var{"0"})
+@item @code{urUniqueID} (default: @var{""})
+@item @code{urURL} (default: @var{"https://data.syncthing.net/newdata"})
+@item @code{urPostInsecurely} (default: @var{"false"})
+@item @code{urInitialDelayS} (default: @var{"1800"})
+@item @code{autoUpgradeIntervalH} (default: @var{"12"})
+@item @code{upgradeToPreReleases} (default: @var{"false"})
+@item @code{keepTemporariesH} (default: @var{"24"})
+@item @code{cacheIgnoredFiles} (default: @var{"false"})
+@item @code{progressUpdateIntervalS} (default: @var{"5"})
+@item @code{limitBandwidthInLan} (default: @var{"false"})
+@item @code{minHomeDiskFree-unit} (default: @var{"%"})
+@item @code{minHomeDiskFree} (default: @var{"1"})
+@item @code{releasesURL} (default: @var{"https://upgrades.syncthing.net/meta.json"})
+@item @code{overwriteRemoteDeviceNamesOnConnect} (default: @var{"false"})
+@item @code{tempIndexMinBlocks} (default: @var{"10"})
+@item @code{unackedNotificationID} (default: @var{"authenticationUserAndPassword"})
+@item @code{trafficClass} (default: @var{"0"})
+@item @code{setLowPriority} (default: @var{"true"})
+@item @code{maxFolderConcurrency} (default: @var{"0"})
+@item @code{crashReportingURL} (default: @var{"https://crash.syncthing.net/newcrash"})
+@item @code{crashReportingEnabled} (default: @var{"true"})
+@item @code{stunKeepaliveStartS} (default: @var{"180"})
+@item @code{stunKeepaliveMinS} (default: @var{"20"})
+@item @code{stunServer} (default: @var{"default"})
+@item @code{databaseTuning} (default: @var{"auto"})
+@item @code{maxConcurrentIncomingRequestKiB} (default: @var{"0"})
+@item @code{announceLANAddresses} (default: @var{"true"})
+@item @code{sendFullIndexOnUpgrade} (default: @var{"false"})
+@item @code{connectionLimitEnough} (default: @var{"0"})
+@item @code{connectionLimitMax} (default: @var{"0"})
+@item @code{insecureAllowOldTLSVersions} (default: @var{"false"})
+@item @code{connectionPriorityTcpLan} (default: @var{"10"})
+@item @code{connectionPriorityQuicLan} (default: @var{"20"})
+@item @code{connectionPriorityTcpWan} (default: @var{"30"})
+@item @code{connectionPriorityQuicWan} (default: @var{"40"})
+@item @code{connectionPriorityRelay} (default: @var{"50"})
+@item @code{connectionPriorityUpgradeThreshold} (default: @var{"0"})
+@item @code{default-folder} (default: @var{(syncthing-folder (label ""))})
+@item @code{default-device} (default: @var{(syncthing-device (id ""))})
+@item @code{default-ignores} (default: @var{"")})
+The default-* above do not affect folders and devices added by the Guix
+interface. They will, however, affect folders and devices that are
+added through the GUI, or by an ``introducer''.
+@end table
+@end deftp
+
+@deftp {Data Type} syncthing-device
+Data type representing a device to sync with.
+
+@table @asis
+@item @code{id}
+A long hash tied to the keys generated by Syncthing on the first launch.
+You can obtain this from the Syncthing GUI or by inpsecting an existing
+Syncthing configuration file.
+
+@item @code{name} (default: @var{""})
+Human readable device name for viewing in the GUI or in scheme.
+
+@item @code{compression} (default: @var{"metadata"})
+@item @code{introducer} (default: @var{"false"})
+@item @code{skipIntroductionRemovals} (default: @var{"false"})
+@item @code{introducedBy} (default: @var{""})
+@item @code{addresses} (default: @var{'("dynamic")})
+List of addresses at which to search for this device. The special value
+``dynamic'' will have syncthing use several means to find the device.
+
+@item @code{paused} (default: @var{"false"})
+@item @code{autoAcceptFolders} (default: @var{"false"})
+@item @code{maxSendKbps} (default: @var{"0"})
+@item @code{maxRecvKbps} (default: @var{"0"})
+@item @code{maxRequestKiB} (default: @var{"0"})
+@item @code{untrusted} (default: @var{"false"})
+@item @code{remoteGUIPort} (default: @var{"0"})
+@item @code{numConnections} (default: @var{"0")})
+
+@end table
+@end deftp
+
+@deftp {Data Type} syncthing-folder
+Data type representing a folder to be synced.
+
+@table @asis
+@item @code{id} (default: @var{#f})
+This id cannot match the id of any other folder on this device. If left
+unspecified, it will default to the label (see below).
+
+@item @code{label}
+Human readable label for the folder.
+
+@item @code{path}
+The path at which to store this folder.
+
+@item @code{type} (default: @var{"sendreceive"})
+@item @code{rescanIntervalS} (default: @var{"3600"})
+@item @code{fsWatcherEnabled} (default: @var{"true"})
+@item @code{fsWatcherDelayS} (default: @var{"10"})
+@item @code{ignorePerms} (default: @var{"false"})
+@item @code{autoNormalize} (default: @var{"true"})
+@item @code{devices} (default: @var{'()})
+Devices should be a list of other Syncthing devices. If the current
+device is included, it is silently ignored by syncthing (which makes for
+lazier scheme code). Each device can be listed as a string representing
+the device id, a @code{syncthing-device} object, or a
+@code{syncthing-folder-device} object.
+
+@item @code{filesystemType} (default: @var{"basic"})
+@item @code{minDiskFree-unit} (default: @var{"%"})
+@item @code{minDiskFree} (default: @var{"1"})
+@item @code{versioning-type} (default: @var{#f})
+@item @code{versioning-fsPath} (default: @var{""})
+@item @code{versioning-fsType} (default: @var{"basic"})
+@item @code{versioning-cleanupIntervalS} (default: @var{"3600"})
+@item @code{versioning-cleanoutDays} (default: @var{#f})
+@item @code{versioning-keep} (default: @var{#f})
+@item @code{versioning-maxAge} (default: @var{#f})
+@item @code{versioning-command} (default: @var{#f})
+@item @code{copiers} (default: @var{"0"})
+@item @code{pullerMaxPendingKiB} (default: @var{"0"})
+@item @code{hashers} (default: @var{"0"})
+@item @code{order} (default: @var{"random"})
+@item @code{ignoreDelete} (default: @var{"false"})
+@item @code{scanProgressIntervalS} (default: @var{"0"})
+@item @code{pullerPauseS} (default: @var{"0"})
+@item @code{maxConflicts} (default: @var{"10"})
+@item @code{disableSparseFiles} (default: @var{"false"})
+@item @code{disableTempIndexes} (default: @var{"false"})
+@item @code{paused} (default: @var{"false"})
+@item @code{weakHashThresholdPct} (default: @var{"25"})
+@item @code{markerName} (default: @var{".stfolder"})
+@item @code{copyOwnershipFromParent} (default: @var{"false"})
+@item @code{modTimeWindowS} (default: @var{"0"})
+@item @code{maxConcurrentWrites} (default: @var{"2"})
+@item @code{disableFsync} (default: @var{"false"})
+@item @code{blockPullOrder} (default: @var{"standard"})
+@item @code{copyRangeMethod} (default: @var{"standard"})
+@item @code{caseSensitiveFS} (default: @var{"false"})
+@item @code{junctionsAsDirs} (default: @var{"false"})
+@item @code{syncOwnership} (default: @var{"false"})
+@item @code{sendOwnership} (default: @var{"false"})
+@item @code{syncXattrs} (default: @var{"false"})
+@item @code{sendXattrs} (default: @var{"false"})
+@item @code{xattrFilter-maxSingleEntrySize} (default: @var{"1024"})
+@item @code{xattrFilter-maxTotalSize} (default: @var{"4096")})
+@end table
+@end deftp
+
+@deftp {Data Type} syncthing-folder-device
+There is some configuration which is specific to the relationship
+between a specific folder and a specific device. If you are fine
+leaving these as their default, then you can simply specify a
+syncthing-device instead of a syncthing-folder-device.
+
+@table @asis
+@item @code{id} (default: @var{""})
+id can be provided as a string of the id, or a @code{syncthing-device}.
+
+@item @code{introducedBy} (default: @var{""})
+@item @code{encryptionPassword} (default: @var{""})
+if encryptionPassword is non-empty, then it will be used as a password
+to encrypt file chunks as they are synced to that device. For more info
+on syncing to devices you don't totally trust, see
+@uref{https://docs.syncthing.net/users/untrusted.html, Syncthing Documentation Untrusted}.
+Note that file transfers are always end-to-end encrypted, regardless of
+this setting.
+
+@end table
+@end deftp
+
+Here is a more complex example configuration for illustrative purposes:
+@lisp
+(service syncthing-service-type
+ (let ((laptop (syncthing-device (id "VHOD2D6-...-7XRMDEN")))
+ (desktop (syncthing-device (id "64SAZ37-...-FZJ5GUA")
+ (addresses '("mydomain.com"))))
+ (bob-desktop "KYIMEGO-...-FT77EAO"))
+ (syncthing-configuration
+ (user "alice")
+ (syncthing-config-file
+ (folders (list (syncthing-folder
+ (label "some-files")
+ (path "~/data")
+ (devices (list desktop laptop)))
+ (syncthing-folder
+ (label "critical-files")
+ (path "~/secrets")
+ (devices
+ (list desktop
+ laptop
+ (syncthing-folder-device
+ (id bob-desktop)
+ (encryptionPassword "mypassword")))))))
+ ;; any device used above should be in this list
+ (devices (list laptop desktop bob-desktop))))
+@end lisp
+
Furthermore, @code{(gnu services ssh)} provides the following services.
@cindex SSH
diff --git a/gnu/home/services/syncthing.scm b/gnu/home/services/syncthing.scm
index 8d66a167ce..dd6c752ee4 100644
--- a/gnu/home/services/syncthing.scm
+++ b/gnu/home/services/syncthing.scm
@@ -1,5 +1,6 @@
;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2023 Ludovic Courtès <ludo <at> gnu.org>
+;;; Copyright © 2025 Zacchaeus <eikcaz <at> zacchae.us>
;;;
;;; This file is part of GNU Guix.
;;;
@@ -24,9 +25,23 @@ (define-module (gnu home services syncthing)
#:use-module (gnu home services shepherd)
#:export (home-syncthing-service-type)
#:re-export (syncthing-configuration
- syncthing-configuration?))
+ syncthing-configuration?
+ syncthing-config-file
+ syncthing-config-file?
+ syncthing-device
+ syncthing-device?
+ syncthing-folder
+ syncthing-folder?
+ syncthing-folder-device
+ syncthing-folder-device?))
(define home-syncthing-service-type
(service-type
(inherit (system->home-service-type syncthing-service-type))
+ ;; system->home-service-type does not convert special-files-service-type to
+ ;; home-files-service-type, so redefine extensios
+ (extensions (list (service-extension home-files-service-type
+ syncthing-files-service)
+ (service-extension home-shepherd-service-type
+ syncthing-shepherd-service)))
(default-value (for-home (syncthing-configuration)))))
diff --git a/gnu/services/syncthing.scm b/gnu/services/syncthing.scm
index a7a9c6aadd..4f0d4c1082 100644
--- a/gnu/services/syncthing.scm
+++ b/gnu/services/syncthing.scm
@@ -1,6 +1,7 @@
;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2021 Oleg Pykhalov <go.wigust <at> gmail.com>
;;; Copyright © 2023 Justin Veilleux <terramorpha <at> cock.li>
+;;; Copyright © 2025 Zacchaeus <eikcaz <at> zacchae.us>
;;;
;;; This file is part of GNU Guix.
;;;
@@ -25,9 +26,20 @@ (define-module (gnu services syncthing)
#:use-module (guix records)
#:use-module (ice-9 match)
#:use-module (srfi srfi-1)
+ #:use-module (sxml simple)
#:export (syncthing-configuration
syncthing-configuration?
- syncthing-service-type))
+ syncthing-device
+ syncthing-device?
+ syncthing-config-file
+ syncthing-config-file?
+ syncthing-folder-device
+ syncthing-folder-device?
+ syncthing-folder
+ syncthing-folder?
+ syncthing-service-type
+ syncthing-shepherd-service
+ syncthing-files-service))
;;; Commentary:
;;;
@@ -35,6 +47,431 @@ (define-module (gnu services syncthing)
;;;
;;; Code:
+(define-record-type* <syncthing-device>
+ syncthing-device make-syncthing-device
+ syncthing-device?
+ (id syncthing-device-id)
+ (name syncthing-device-name (default ""))
+ (compression syncthing-device-compression (default "metadata"))
+ (introducer syncthing-device-introducer (default "false"))
+ (skipIntroductionRemovals syncthing-device-skipIntroductionRemovals (default "false"))
+ (introducedBy syncthing-device-introducedBy (default ""))
+ (addresses syncthing-device-addresses (default '("dynamic")))
+ (paused syncthing-device-paused (default "false"))
+ (autoAcceptFolders syncthing-device-autoAcceptFolders (default "false"))
+ (maxSendKbps syncthing-device-maxSendKbps (default "0"))
+ (maxRecvKbps syncthing-device-maxRecvKbps (default "0"))
+ (maxRequestKiB syncthing-device-maxRequestKiB (default "0"))
+ (untrusted syncthing-device-untrusted (default "false"))
+ (remoteGUIPort syncthing-device-remoteGUIPort (default "0"))
+ (numConnections syncthing-device-numConnections (default "0")))
+
+(define syncthing-device->sxml
+ (match-record-lambda <syncthing-device>
+ (id name compression introducer skipIntroductionRemovals introducedBy addresses paused autoAcceptFolders maxSendKbps maxRecvKbps maxRequestKiB untrusted remoteGUIPort numConnections)
+ `(device (@ (id ,id)
+ (name ,name)
+ (compression ,compression)
+ (introducer ,introducer)
+ (skipIntroductionRemovals ,skipIntroductionRemovals)
+ (introducedBy ,introducedBy))
+ ,@(map (lambda (address) `(address ,address)) addresses)
+ (paused ,paused)
+ (autoAcceptFolders ,autoAcceptFolders)
+ (maxSendKbps ,maxSendKbps)
+ (maxRecvKbps ,maxRecvKbps)
+ (maxRequestKiB ,maxRequestKiB)
+ (untrusted ,untrusted)
+ (remoteGUIPort ,remoteGUIPort)
+ (numConnections ,numConnections))))
+
+(define (id-or-device->id id-or-device)
+ (if (syncthing-device? id-or-device)
+ (syncthing-device-id id-or-device)
+ id-or-device))
+
+(define-record-type* <syncthing-folder-device>
+ syncthing-folder-device make-syncthing-folder-device
+ syncthing-folder-device?
+ (id syncthing-folder-device-id
+ (sanitize id-or-device->id))
+ (introducedBy syncthing-folder-device-introducedBy (default "")
+ (sanitize id-or-device->id))
+ (encryptionPassword syncthing-folder-device-encryptionPassword (default "")))
+
+(define syncthing-folder-device->sxml
+ (match-record-lambda <syncthing-folder-device>
+ (id introducedBy encryptionPassword)
+ `(device (@ (id ,id)
+ (introducedBy ,introducedBy))
+ (encryptionPassword ,encryptionPassword))))
+
+(define-record-type* <syncthing-folder>
+ syncthing-folder make-syncthing-folder
+ syncthing-folder?
+ (id syncthing-folder-id (default #f))
+ (label syncthing-folder-label)
+ (path syncthing-folder-path)
+ (type syncthing-folder-type (default "sendreceive"))
+ (rescanIntervalS syncthing-folder-rescanIntervalS (default "3600"))
+ (fsWatcherEnabled syncthing-folder-fsWatcherEnabled (default "true"))
+ (fsWatcherDelayS syncthing-folder-fsWatcherDelayS (default "10"))
+ (ignorePerms syncthing-folder-ignorePerms (default "false"))
+ (autoNormalize syncthing-folder-autoNormalize (default "true"))
+ (devices syncthing-folder-devices (default '())
+ (sanitize (lambda (folder-device-list)
+ (map (lambda (device)
+ (if (syncthing-folder-device? device)
+ device
+ (syncthing-folder-device (id device))))
+ folder-device-list))))
+ (filesystemType syncthing-folder-filesystemType (default "basic"))
+ (minDiskFree-unit syncthing-folder-minDiskFree-unit (default "%"))
+ (minDiskFree syncthing-folder-minDiskFree (default "1"))
+ (versioning-type syncthing-folder-versioning-type (default #f))
+ (versioning-fsPath syncthing-folder-versioning-fsPath (default ""))
+ (versioning-fsType syncthing-folder-versioning-fsType (default "basic"))
+ (versioning-cleanupIntervalS syncthing-folder-versioning-cleanupIntervalS (default "3600"))
+ (versioning-cleanoutDays syncthing-folder-versioning-cleanoutDays (default #f))
+ (versioning-keep syncthing-folder-versioning-keep (default #f))
+ (versioning-maxAge syncthing-folder-versioning-maxAge (default #f))
+ (versioning-command syncthing-folder-versioning-command (default #f))
+ (copiers syncthing-folder-copiers (default "0"))
+ (pullerMaxPendingKiB syncthing-folder-pullerMaxPendingKiB (default "0"))
+ (hashers syncthing-folder-hashers (default "0"))
+ (order syncthing-folder-order (default "random"))
+ (ignoreDelete syncthing-folder-ignoreDelete (default "false"))
+ (scanProgressIntervalS syncthing-folder-scanProgressIntervalS (default "0"))
+ (pullerPauseS syncthing-folder-pullerPauseS (default "0"))
+ (maxConflicts syncthing-folder-maxConflicts (default "10"))
+ (disableSparseFiles syncthing-folder-disableSparseFiles (default "false"))
+ (disableTempIndexes syncthing-folder-disableTempIndexes (default "false"))
+ (paused syncthing-folder-paused (default "false"))
+ (weakHashThresholdPct syncthing-folder-weakHashThresholdPct (default "25"))
+ (markerName syncthing-folder-markerName (default ".stfolder"))
+ (copyOwnershipFromParent syncthing-folder-copyOwnershipFromParent (default "false"))
+ (modTimeWindowS syncthing-folder-modTimeWindowS (default "0"))
+ (maxConcurrentWrites syncthing-folder-maxConcurrentWrites (default "2"))
+ (disableFsync syncthing-folder-disableFsync (default "false"))
+ (blockPullOrder syncthing-folder-blockPullOrder (default "standard"))
+ (copyRangeMethod syncthing-folder-copyRangeMethod (default "standard"))
+ (caseSensitiveFS syncthing-folder-caseSensitiveFS (default "false"))
+ (junctionsAsDirs syncthing-folder-junctionsAsDirs (default "false"))
+ (syncOwnership syncthing-folder-syncOwnership (default "false"))
+ (sendOwnership syncthing-folder-sendOwnership (default "false"))
+ (syncXattrs syncthing-folder-syncXattrs (default "false"))
+ (sendXattrs syncthing-folder-sendXattrs (default "false"))
+ (xattrFilter-maxSingleEntrySize syncthing-folder-xattrFilter-maxSingleEntrySize (default "1024"))
+ (xattrFilter-maxTotalSize syncthing-folder-xattrFilter-maxTotalSize (default "4096")))
+
+;; Some parameters, when empty, are fully omitted from the config file. It is
+;; unknown if this causes a functional difference, but stick to the normal
+;; program's behavior to be safe.
+(define (maybe-param symbol value)
+ (if value `((param (@ (key ,(symbol->string symbol)) (val ,value)) "")) '()))
+
+(define syncthing-folder->sxml
+ (match-record-lambda <syncthing-folder>
+ (id
+ label path type rescanIntervalS fsWatcherEnabled fsWatcherDelayS
+ ignorePerms autoNormalize devices filesystemType minDiskFree-unit
+ minDiskFree versioning-type versioning-fsPath versioning-fsType
+ versioning-cleanupIntervalS versioning-cleanoutDays versioning-keep
+ versioning-maxAge versioning-command copiers pullerMaxPendingKiB
+ hashers order ignoreDelete scanProgressIntervalS pullerPauseS
+ maxConflicts disableSparseFiles disableTempIndexes paused
+ weakHashThresholdPct markerName copyOwnershipFromParent modTimeWindowS
+ maxConcurrentWrites disableFsync blockPullOrder copyRangeMethod
+ caseSensitiveFS junctionsAsDirs syncOwnership sendOwnership syncXattrs
+ sendXattrs xattrFilter-maxSingleEntrySize xattrFilter-maxTotalSize)
+ `(folder (@ (id ,(if id id label))
+ (label ,label)
+ (path ,path)
+ (type ,type)
+ (rescanIntervalS ,rescanIntervalS)
+ (fsWatcherEnabled ,fsWatcherEnabled)
+ (fsWatcherDelayS ,fsWatcherDelayS)
+ (ignorePerms ,ignorePerms)
+ (autoNormalize ,autoNormalize))
+ (filesystemType ,filesystemType)
+ ,@(map syncthing-folder-device->sxml
+ devices)
+ (minDiskFree (@ (unit ,minDiskFree-unit))
+ ,minDiskFree)
+ (versioning ,@(if versioning-type
+ `((@ (type ,versioning-type)))
+ '())
+ ,@(maybe-param 'cleanoutDays versioning-cleanoutDays)
+ ,@(maybe-param 'keep versioning-keep)
+ ,@(maybe-param 'maxAge versioning-maxAge)
+ ,@(maybe-param 'command versioning-command)
+ (cleanupIntervalS ,versioning-cleanupIntervalS)
+ (fsPath ,versioning-fsPath)
+ (fsType ,versioning-fsType))
+ (copiers ,copiers)
+ (pullerMaxPendingKiB ,pullerMaxPendingKiB)
+ (hashers ,hashers)
+ (order ,order)
+ (ignoreDelete ,ignoreDelete)
+ (scanProgressIntervalS ,scanProgressIntervalS)
+ (pullerPauseS ,pullerPauseS)
+ (maxConflicts ,maxConflicts)
+ (disableSparseFiles ,disableSparseFiles)
+ (disableTempIndexes ,disableTempIndexes)
+ (paused ,paused)
+ (weakHashThresholdPct ,weakHashThresholdPct)
+ (markerName ,markerName)
+ (copyOwnershipFromParent ,copyOwnershipFromParent)
+ (modTimeWindowS ,modTimeWindowS)
+ (maxConcurrentWrites ,maxConcurrentWrites)
+ (disableFsync ,disableFsync)
+ (blockPullOrder ,blockPullOrder)
+ (copyRangeMethod ,copyRangeMethod)
+ (caseSensitiveFS ,caseSensitiveFS)
+ (junctionsAsDirs ,junctionsAsDirs)
+ (syncOwnership ,syncOwnership)
+ (sendOwnership ,sendOwnership)
+ (syncXattrs ,syncXattrs)
+ (sendXattrs ,sendXattrs)
+ (xattrFilter (maxSingleEntrySize ,xattrFilter-maxSingleEntrySize)
+ (maxTotalSize ,xattrFilter-maxTotalSize)))))
+
+(define-record-type* <syncthing-config-file>
+ syncthing-config-file make-syncthing-config-file
+ syncthing-config-file?
+ (folders syncthing-config-folders
+ ; this matches syncthing's default
+ (default (list (syncthing-folder (id "default")
+ (label "Default Folder")
+ (path "~/Sync")))))
+ (devices syncthing-config-devices
+ (default '()))
+ (gui-enabled syncthing-config-gui-enabled (default "true"))
+ (gui-tls syncthing-config-gui-tls (default "false"))
+ (gui-debugging syncthing-config-gui-debugging (default "false"))
+ (gui-sendBasicAuthPrompt syncthing-config-gui-sendBasicAuthPrompt (default "false"))
+ (gui-address syncthing-config-gui-address (default "127.0.0.1:8384"))
+ (gui-user syncthing-config-gui-user (default #f))
+ (gui-password syncthing-config-gui-password (default #f))
+ (gui-apikey syncthing-config-gui-apikey (default "Vuky3VHVseQEoSk9YgxhSkNTnjQmqYK9"))
+ (gui-theme syncthing-config-gui-theme (default "default"))
+ (ldap-enabled syncthing-config-ldap-enabled (default #f))
+ (ldap-address syncthing-config-ldap-address (default ""))
+ (ldap-bindDN syncthing-config-ldap-bindDN (default ""))
+ (ldap-transport syncthing-config-ldap-transport (default ""))
+ (ldap-insecureSkipVerify syncthing-config-ldap-insecureSkipVerify (default ""))
+ (ldap-searchBaseDN syncthing-config-ldap-searchBaseDN (default ""))
+ (ldap-searchFilter syncthing-config-ldap-searchFilter (default ""))
+ (listenAddress syncthing-config-listenAddress (default "default"))
+ (globalAnnounceServer syncthing-config-globalAnnounceServer (default "default"))
+ (globalAnnounceEnabled syncthing-config-globalAnnounceEnabled (default "true"))
+ (localAnnounceEnabled syncthing-config-localAnnounceEnabled (default "true"))
+ (localAnnouncePort syncthing-config-localAnnouncePort (default "21027"))
+ (localAnnounceMCAddr syncthing-config-localAnnounceMCAddr (default "[ff12::8384]:21027"))
+ (maxSendKbps syncthing-config-maxSendKbps (default "0"))
+ (maxRecvKbps syncthing-config-maxRecvKbps (default "0"))
+ (reconnectionIntervalS syncthing-config-reconnectionIntervalS (default "60"))
+ (relaysEnabled syncthing-config-relaysEnabled (default "true"))
+ (relayReconnectIntervalM syncthing-config-relayReconnectIntervalM (default "10"))
+ (startBrowser syncthing-config-startBrowser (default "true"))
+ (natEnabled syncthing-config-natEnabled (default "true"))
+ (natLeaseMinutes syncthing-config-natLeaseMinutes (default "60"))
+ (natRenewalMinutes syncthing-config-natRenewalMinutes (default "30"))
+ (natTimeoutSeconds syncthing-config-natTimeoutSeconds (default "10"))
+ (urAccepted syncthing-config-urAccepted (default "0"))
+ (urSeen syncthing-config-urSeen (default "0"))
+ (urUniqueID syncthing-config-urUniqueID (default ""))
+ (urURL syncthing-config-urURL (default "https://data.syncthing.net/newdata"))
+ (urPostInsecurely syncthing-config-urPostInsecurely (default "false"))
+ (urInitialDelayS syncthing-config-urInitialDelayS (default "1800"))
+ (autoUpgradeIntervalH syncthing-config-autoUpgradeIntervalH (default "12"))
+ (upgradeToPreReleases syncthing-config-upgradeToPreReleases (default "false"))
+ (keepTemporariesH syncthing-config-keepTemporariesH (default "24"))
+ (cacheIgnoredFiles syncthing-config-cacheIgnoredFiles (default "false"))
+ (progressUpdateIntervalS syncthing-config-progressUpdateIntervalS (default "5"))
+ (limitBandwidthInLan syncthing-config-limitBandwidthInLan (default "false"))
+ (minHomeDiskFree-unit syncthing-config-minHomeDiskFree-unit (default "%"))
+ (minHomeDiskFree syncthing-config-minHomeDiskFree (default "1"))
+ (releasesURL syncthing-config-releasesURL (default "https://upgrades.syncthing.net/meta.json"))
+ (overwriteRemoteDeviceNamesOnConnect syncthing-config-overwriteRemoteDeviceNamesOnConnect (default "false"))
+ (tempIndexMinBlocks syncthing-config-tempIndexMinBlocks (default "10"))
+ (unackedNotificationID syncthing-config-unackedNotificationID (default "authenticationUserAndPassword"))
+ (trafficClass syncthing-config-trafficClass (default "0"))
+ (setLowPriority syncthing-config-setLowPriority (default "true"))
+ (maxFolderConcurrency syncthing-config-maxFolderConcurrency (default "0"))
+ (crashReportingURL syncthing-config-crashReportingURL (default "https://crash.syncthing.net/newcrash"))
+ (crashReportingEnabled syncthing-config-crashReportingEnabled (default "true"))
+ (stunKeepaliveStartS syncthing-config-stunKeepaliveStartS (default "180"))
+ (stunKeepaliveMinS syncthing-config-stunKeepaliveMinS (default "20"))
+ (stunServer syncthing-config-stunServer (default "default"))
+ (databaseTuning syncthing-config-databaseTuning (default "auto"))
+ (maxConcurrentIncomingRequestKiB syncthing-config-maxConcurrentIncomingRequestKiB (default "0"))
+ (announceLANAddresses syncthing-config-announceLANAddresses (default "true"))
+ (sendFullIndexOnUpgrade syncthing-config-sendFullIndexOnUpgrade (default "false"))
+ (connectionLimitEnough syncthing-config-connectionLimitEnough (default "0"))
+ (connectionLimitMax syncthing-config-connectionLimitMax (default "0"))
+ (insecureAllowOldTLSVersions syncthing-config-insecureAllowOldTLSVersions (default "false"))
+ (connectionPriorityTcpLan syncthing-config-connectionPriorityTcpLan (default "10"))
+ (connectionPriorityQuicLan syncthing-config-connectionPriorityQuicLan (default "20"))
+ (connectionPriorityTcpWan syncthing-config-connectionPriorityTcpWan (default "30"))
+ (connectionPriorityQuicWan syncthing-config-connectionPriorityQuicWan (default "40"))
+ (connectionPriorityRelay syncthing-config-connectionPriorityRelay (default "50"))
+ (connectionPriorityUpgradeThreshold syncthing-config-connectionPriorityUpgradeThreshold (default "0"))
+ (default-folder syncthing-config-defaultFolder
+ (default (syncthing-folder (label "") (path "~"))))
+ (default-device syncthing-config-defaultDevice
+ (default (syncthing-device (id ""))))
+ (default-ignores syncthing-config-defaultIgnores (default "")))
+
+(define syncthing-config-file->sxml
+ (match-record-lambda <syncthing-config-file>
+ (folders
+ devices gui-enabled gui-tls gui-debugging gui-sendBasicAuthPrompt
+ gui-address gui-user gui-password gui-apikey gui-theme ldap-enabled
+ ldap-address ldap-bindDN ldap-transport ldap-insecureSkipVerify
+ ldap-searchBaseDN ldap-searchFilter listenAddress globalAnnounceServer
+ globalAnnounceEnabled localAnnounceEnabled localAnnouncePort
+ localAnnounceMCAddr maxSendKbps maxRecvKbps reconnectionIntervalS
+ relaysEnabled relayReconnectIntervalM startBrowser natEnabled
+ natLeaseMinutes natRenewalMinutes natTimeoutSeconds urAccepted
+ urSeen urUniqueID urURL urPostInsecurely urInitialDelayS
+ autoUpgradeIntervalH upgradeToPreReleases keepTemporariesH
+ cacheIgnoredFiles progressUpdateIntervalS limitBandwidthInLan
+ minHomeDiskFree-unit minHomeDiskFree releasesURL
+ overwriteRemoteDeviceNamesOnConnect tempIndexMinBlocks
+ unackedNotificationID trafficClass setLowPriority maxFolderConcurrency
+ crashReportingURL crashReportingEnabled stunKeepaliveStartS
+ stunKeepaliveMinS stunServer databaseTuning
+ maxConcurrentIncomingRequestKiB announceLANAddresses
+ sendFullIndexOnUpgrade connectionLimitEnough connectionLimitMax
+ insecureAllowOldTLSVersions connectionPriorityTcpLan
+ connectionPriorityQuicLan connectionPriorityTcpWan
+ connectionPriorityQuicWan connectionPriorityRelay
+ connectionPriorityUpgradeThreshold default-folder default-device
+ default-ignores)
+ `(configuration (@ (version "37"))
+ ,@(map syncthing-folder->sxml
+ folders)
+ ,@(map syncthing-device->sxml
+ devices)
+ (gui (@ (enabled ,gui-enabled)
+ (tls ,gui-tls)
+ (debugging ,gui-debugging)
+ (sendBasicAuthPrompt ,gui-sendBasicAuthPrompt))
+ (address ,gui-address)
+ ,@(if gui-user `((user ,gui-user)) '())
+ ,@(if gui-password `((password ,gui-password)) '())
+ (apikey ,gui-apikey)
+ (theme ,gui-theme))
+ (ldap ,(if ldap-enabled
+ `((address ,ldap-address)
+ (bindDN ,ldap-bindDN)
+ ,@(if ldap-transport
+ `((transport ,ldap-transport))
+ '())
+ ,@(if ldap-insecureSkipVerify
+ `((insecureSkipVerify ,ldap-insecureSkipVerify))
+ '())
+ ,@(if ldap-searchBaseDN
+ `((searchBaseDN ,ldap-searchBaseDN))
+ '())
+ ,@(if ldap-searchFilter
+ `((searchFilter ,ldap-searchFilter))
+ '()))
+ ""))
+ (options (listenAddress ,listenAddress)
+ (globalAnnounceServer ,globalAnnounceServer)
+ (globalAnnounceEnabled ,globalAnnounceEnabled)
+ (localAnnounceEnabled ,localAnnounceEnabled)
+ (localAnnouncePort ,localAnnouncePort)
+ (localAnnounceMCAddr ,localAnnounceMCAddr)
+ (maxSendKbps ,maxSendKbps)
+ (maxRecvKbps ,maxRecvKbps)
+ (reconnectionIntervalS ,reconnectionIntervalS)
+ (relaysEnabled ,relaysEnabled)
+ (relayReconnectIntervalM ,relayReconnectIntervalM)
+ (startBrowser ,startBrowser)
+ (natEnabled ,natEnabled)
+ (natLeaseMinutes ,natLeaseMinutes)
+ (natRenewalMinutes ,natRenewalMinutes)
+ (natTimeoutSeconds ,natTimeoutSeconds)
+ (urAccepted ,urAccepted)
+ (urSeen ,urSeen)
+ (urUniqueID ,urUniqueID)
+ (urURL ,urURL)
+ (urPostInsecurely ,urPostInsecurely)
+ (urInitialDelayS ,urInitialDelayS)
+ (autoUpgradeIntervalH ,autoUpgradeIntervalH)
+ (upgradeToPreReleases ,upgradeToPreReleases)
+ (keepTemporariesH ,keepTemporariesH)
+ (cacheIgnoredFiles ,cacheIgnoredFiles)
+ (progressUpdateIntervalS ,progressUpdateIntervalS)
+ (limitBandwidthInLan ,limitBandwidthInLan)
+ (minHomeDiskFree (@ (unit ,minHomeDiskFree-unit))
+ ,minHomeDiskFree)
+ (releasesURL ,releasesURL)
+ (overwriteRemoteDeviceNamesOnConnect ,overwriteRemoteDeviceNamesOnConnect)
+ (tempIndexMinBlocks ,tempIndexMinBlocks)
+ (unackedNotificationID ,unackedNotificationID)
+ (trafficClass ,trafficClass)
+ (setLowPriority ,setLowPriority)
+ (maxFolderConcurrency ,maxFolderConcurrency)
+ (crashReportingURL ,crashReportingURL)
+ (crashReportingEnabled ,crashReportingEnabled)
+ (stunKeepaliveStartS ,stunKeepaliveStartS)
+ (stunKeepaliveMinS ,stunKeepaliveMinS)
+ (stunServer ,stunServer)
+ (databaseTuning ,databaseTuning)
+ (maxConcurrentIncomingRequestKiB ,maxConcurrentIncomingRequestKiB)
+ (announceLANAddresses ,announceLANAddresses)
+ (sendFullIndexOnUpgrade ,sendFullIndexOnUpgrade)
+ (connectionLimitEnough ,connectionLimitEnough)
+ (connectionLimitMax ,connectionLimitMax)
+ (insecureAllowOldTLSVersions ,insecureAllowOldTLSVersions)
+ (connectionPriorityTcpLan ,connectionPriorityTcpLan)
+ (connectionPriorityQuicLan ,connectionPriorityQuicLan)
+ (connectionPriorityTcpWan ,connectionPriorityTcpWan)
+ (connectionPriorityQuicWan ,connectionPriorityQuicWan)
+ (connectionPriorityRelay ,connectionPriorityRelay)
+ (connectionPriorityUpgradeThreshold ,connectionPriorityUpgradeThreshold))
+ (defaults
+ ,(syncthing-folder->sxml default-folder)
+ ,(syncthing-device->sxml default-device)
+ (ignores ,default-ignores)))))
+
+;; It is useful to be able to view the xml output by Guix, and to be able to
+;; diff it with a users previous config, especially when migrating one's
+;; config to Guix. This function adds whitespace that matches the whitespace
+;; of config files managed by syncthing for easy diffing
+(define (indent-sxml sxml indent-increment current-indent)
+ (match sxml
+ (((tag ('@ properties ...) (subtags ..1) ..1) sibling-tags ...)
+ `(,current-indent (,tag (@ ,@properties) "\n"
+ ,@(indent-sxml subtags indent-increment
+ (string-append indent-increment current-indent))
+ ,current-indent) "\n"
+ ,@(indent-sxml sibling-tags indent-increment current-indent)))
+ (((tag ('@ properties ...) primitive ...) sibling-tags ...)
+ `(,current-indent (,tag (@ ,@properties) ,@primitive) "\n"
+ ,@(indent-sxml sibling-tags indent-increment current-indent)))
+ (((tag (subtags ..1) ..1) sibling-tags ...)
+ `(,current-indent (,tag "\n"
+ ,@(indent-sxml subtags indent-increment
+ (string-append indent-increment current-indent))
+ ,current-indent) "\n"
+ ,@(indent-sxml sibling-tags indent-increment current-indent)))
+ (((tag primitive ...) sibling-tags ...)
+ `(,current-indent (,tag ,@primitive) "\n"
+ ,@(indent-sxml sibling-tags indent-increment current-indent)))
+ (() '())))
+
+(define (serialize-syncthing-config-file config)
+ (with-output-to-string
+ (lambda ()
+ (sxml->xml (cons '*TOP* (indent-sxml (list (syncthing-config-file->sxml config))
+ " "
+ ""))))))
+
(define-record-type* <syncthing-configuration>
syncthing-configuration make-syncthing-configuration
syncthing-configuration?
@@ -50,6 +487,8 @@ (define-record-type* <syncthing-configuration>
(default "users"))
(home syncthing-configuration-home ;string
(default #f))
+ (syncthing-config-file syncthing-configuration-syncthing-config-file
+ (default #f)) ; syncthing-config-file or file-like
(home-service? syncthing-configuration-home-service?
(default for-home?) (innate)))
@@ -93,10 +532,26 @@ (define syncthing-shepherd-service
(respawn? #f)
(stop #~(make-kill-destructor))))))
+
+(define syncthing-files-service
+ (match-record-lambda <syncthing-configuration> (syncthing-config-file user home home-service?)
+ (if syncthing-config-file
+ `((,(if home-service?
+ ".config/syncthing/config.xml"
+ (string-join (or home (passwd:dir (getpw user)))
+ "/.config/syncthing/config.xml"))
+ ,(if (file-like? syncthing-config-file)
+ syncthing-config-file
+ (plain-file "syncthin-config.xml" (serialize-syncthing-config-file
+ syncthing-config-file)))))
+ '())))
+
(define syncthing-service-type
(service-type (name 'syncthing)
(extensions (list (service-extension shepherd-root-service-type
- syncthing-shepherd-service)))
+ syncthing-shepherd-service)
+ (service-extension special-files-service-type
+ syncthing-files-service)))
(description
"Run @uref{https://github.com/syncthing/syncthing, Syncthing}
decentralized continuous file system synchronization.")))
--
2.45.2
guix-patches <at> gnu.org:bug#75959; Package guix-patches.
(Tue, 04 Feb 2025 01:14:02 GMT) Full text and rfc822 format available.Message #14 received at 75959 <at> debbugs.gnu.org (full text, mbox):
From: Leo Famulari <leo <at> famulari.name> To: Zacchaeus <eikcaz <at> zacchae.us> Cc: 75959 <at> debbugs.gnu.org Subject: Re: [bug#75959] [PATCH] (home-)syncthing-service: added support for config serialization Date: Mon, 3 Feb 2025 20:13:45 -0500
On Sat, Feb 01, 2025 at 03:58:48AM -0500, Zacchaeus wrote: > - The default ~/Sync folder normally includes the current device. > The documentaiton makes it clear that this is OK (and also I have > tested this). For reference: "All mentioned devices are those that will be sharing the folder in question. Each mentioned device must have a separate device element later in the file. It is customary that the local device ID is included in all folders. Syncthing will currently add this automatically if it is not present in the configuration file." https://docs.syncthing.net/users/config.html#config-option-folder.device
guix-patches <at> gnu.org:bug#75959; Package guix-patches.
(Tue, 04 Feb 2025 23:18:02 GMT) Full text and rfc822 format available.Message #17 received at 75959 <at> debbugs.gnu.org (full text, mbox):
From: Zacchaeus <eikcaz <at> zacchae.us> To: 75959 <at> debbugs.gnu.org Subject: Re: [PATCH] services: syncthing: Added support for config file serialization. Date: Tue, 04 Feb 2025 18:17:18 -0500
From cb625d0548dd97bb124ae6821f3555e095823ae7 Mon Sep 17 00:00:00 2001
From: Zacchaeus <eikcaz <at> zacchae.us>
Date: Sun, 21 Jul 2024 00:54:25 -0700
Subject: [PATCH] services: syncthing: Added support for config file
serialization.
* gnu/services/syncthing.scm: (syncthing-config-file) (syncthing-folder)
(syncthing-device) (syncthing-folder-device): New records;
(syncthing-service-type): added special-files-service-type extension for the
config file; (syncthing-files-service): service to create config file
* gnu/home/services/syncthing.scm: (home-syncthing-service-type): extended
home-files-services-type and re-exported more things from
gnu/services/syncthing.scm
* doc/guix.texi: (syncthing-service-type): document additions
Change-Id: I87eeba1ee1fdada8f29c2ee881fbc6bc4113dde9
---
I realized it was silly to have users specify devices in
syncthing-config-file whin 98% of the time this is obvious from the
folders. (Usually each device shares at least one folder.) I added
some code to extract the devices from the folders. I also updated the
documentation accordingly. See earlier standalone email for details
on how I verified that this service functions correctly. I followed
those exact same steps this time.
doc/guix.texi | 285 +++++++++++++++++++
gnu/home/services/syncthing.scm | 17 +-
gnu/services/syncthing.scm | 466 +++++++++++++++++++++++++++++++-
3 files changed, 765 insertions(+), 3 deletions(-)
diff --git a/doc/guix.texi b/doc/guix.texi
index b1b6d98e74..f9986d195a 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -136,6 +136,7 @@ Copyright @copyright{} 2024 Troy Figiel@*
Copyright @copyright{} 2024 Sharlatan Hellseher@*
Copyright @copyright{} 2024 45mg@*
Copyright @copyright{} 2025 Sören Tempel@*
+Copyright @copyright{} 2025 Zacchaeus@*
Permission is granted to copy, distribute and/or modify this document
under the terms of the GNU Free Documentation License, Version 1.3 or
@@ -22669,9 +22670,293 @@ This assumes that the specified group exists.
Common configuration and data directory. The default configuration
directory is @file{$HOME} of the specified Syncthing @code{user}.
+@item @code{syncthing-config-file} (default: @var{#f})
+Either a file-like object that resolves to a syncthing configuration xml
+file, or a syncthing-config-file record (see below).
+
+@end table
+@end deftp
+
+In the below, only details specific to Guix, or related to how your
+device will ``ping'' others, are presented. Otherwise, you should
+consult @uref{https://docs.syncthing.net/users/config.html, Syncthing
+config documentation}. Camelcase is preserved below only as to be
+consistent with its appearance in Syncthing code/documentation. If you
+would like to migrate to Guix-powered Syncthing configuration, the
+generated config adds newlines/whitespace to the produced config such
+that your old config can be diff'ed with the new one. You can still
+modify Syncthing from the GUI or through ``introducer'' and
+``autoAcceptFolders'' mechanisms, but such changes will be reset on
+reconfigure.
+
+@deftp {Data Type} syncthing-config-file
+Data type representing the configuration file read by the syncthing
+daemon.
+
+@table @asis
+@item @code{folders} (default: @var{(list (syncthing-folder (id "default") (label "Default Folder") (path "~/Sync")))}
+The default here is the same as Syncthing's default. The value should
+be a list of @code{syncthing-folder}s.
+
+@item @code{devices} (default: @var{'()}
+This should be a list of @code{syncthing-device}s. Guix will
+automatically add any devices specified in any `folders' to this list.
+There are instances when you want to connect to a device despite not
+(initially) sharing any folders (such as a device with
+autoAcceptFolders). In such instances, you should specify those devices
+here. If multiple versions of the same device (same id) are discovered,
+the one in this list is prioritized. Otherwise, the first instance in
+the first folder is used.
+
+@item @code{gui-enabled} (default: @var{"true"})
+By default, any user on the computer can access the GUI and make changes
+to Syncthing. If you leave this enabled, you should probably set
+gui-user and gui-password (see below).
+
+@item @code{gui-tls} (default: @var{"false"})
+@item @code{gui-debugging} (default: @var{"false"})
+@item @code{gui-sendBasicAuthPrompt} (default: @var{"false"})
+@item @code{gui-address} (default: @var{"127.0.0.1:8384"})
+@item @code{gui-user} (default: @var{#f})
+@item @code{gui-password} (default: @var{#f})
+@item @code{gui-apikey} (default: @var{"Vuky3VHVseQEoSk9YgxhSkNTnjQmqYK9"})
+@item @code{gui-theme} (default: @var{"default"})
+@item @code{ldap-enabled} (default: @var{#f})
+@item @code{ldap-address} (default: @var{""})
+@item @code{ldap-bindDN} (default: @var{""})
+@item @code{ldap-transport} (default: @var{""})
+@item @code{ldap-insecureSkipVerify} (default: @var{""})
+@item @code{ldap-searchBaseDN} (default: @var{""})
+@item @code{ldap-searchFilter} (default: @var{""})
+@item @code{listenAddress} (default: @var{"default"})
+@item @code{globalAnnounceServer} (default: @var{"default"})
+@item @code{globalAnnounceEnabled} (default: @var{"true"})
+Global discovery servers can be used to help connect devices at unknown
+IP addresses by storing the last known IP address.
+
+@item @code{localAnnounceEnabled} (default: @var{"true"})
+This makes devices find each other very easily on the same LAN. Often,
+this will allow you to just plug an Ethernet between two devices, or
+connect one device to the other's hotspot and start syncing.
+
+@item @code{localAnnouncePort} (default: @var{"21027"})
+@item @code{localAnnounceMCAddr} (default: @var{"[ff12::8384]:21027"})
+@item @code{maxSendKbps} (default: @var{"0"})
+@item @code{maxRecvKbps} (default: @var{"0"})
+@item @code{reconnectionIntervalS} (default: @var{"60"})
+@item @code{relaysEnabled} (default: @var{"true"})
+This option allows your Syncthing instance to coordinate with a global
+network of relays to enable syncing between devices when all other
+methods fail.
+
+@item @code{relayReconnectIntervalM} (default: @var{"10"})
+@item @code{startBrowser} (default: @var{"true"})
+@item @code{natEnabled} (default: @var{"true"})
+@item @code{natLeaseMinutes} (default: @var{"60"})
+@item @code{natRenewalMinutes} (default: @var{"30"})
+@item @code{natTimeoutSeconds} (default: @var{"10"})
+@item @code{urAccepted} (default: @var{"0"})
+ur* options control usage reporting. Set to -1 to disable, or positive
+to enable. The default (0) has reporting disabled, but you will be
+asked to decide in the GUI.
+
+@item @code{urSeen} (default: @var{"0"})
+@item @code{urUniqueID} (default: @var{""})
+@item @code{urURL} (default: @var{"https://data.syncthing.net/newdata"})
+@item @code{urPostInsecurely} (default: @var{"false"})
+@item @code{urInitialDelayS} (default: @var{"1800"})
+@item @code{autoUpgradeIntervalH} (default: @var{"12"})
+@item @code{upgradeToPreReleases} (default: @var{"false"})
+@item @code{keepTemporariesH} (default: @var{"24"})
+@item @code{cacheIgnoredFiles} (default: @var{"false"})
+@item @code{progressUpdateIntervalS} (default: @var{"5"})
+@item @code{limitBandwidthInLan} (default: @var{"false"})
+@item @code{minHomeDiskFree-unit} (default: @var{"%"})
+@item @code{minHomeDiskFree} (default: @var{"1"})
+@item @code{releasesURL} (default: @var{"https://upgrades.syncthing.net/meta.json"})
+@item @code{overwriteRemoteDeviceNamesOnConnect} (default: @var{"false"})
+@item @code{tempIndexMinBlocks} (default: @var{"10"})
+@item @code{unackedNotificationID} (default: @var{"authenticationUserAndPassword"})
+@item @code{trafficClass} (default: @var{"0"})
+@item @code{setLowPriority} (default: @var{"true"})
+@item @code{maxFolderConcurrency} (default: @var{"0"})
+@item @code{crashReportingURL} (default: @var{"https://crash.syncthing.net/newcrash"})
+@item @code{crashReportingEnabled} (default: @var{"true"})
+@item @code{stunKeepaliveStartS} (default: @var{"180"})
+@item @code{stunKeepaliveMinS} (default: @var{"20"})
+@item @code{stunServer} (default: @var{"default"})
+@item @code{databaseTuning} (default: @var{"auto"})
+@item @code{maxConcurrentIncomingRequestKiB} (default: @var{"0"})
+@item @code{announceLANAddresses} (default: @var{"true"})
+@item @code{sendFullIndexOnUpgrade} (default: @var{"false"})
+@item @code{connectionLimitEnough} (default: @var{"0"})
+@item @code{connectionLimitMax} (default: @var{"0"})
+@item @code{insecureAllowOldTLSVersions} (default: @var{"false"})
+@item @code{connectionPriorityTcpLan} (default: @var{"10"})
+@item @code{connectionPriorityQuicLan} (default: @var{"20"})
+@item @code{connectionPriorityTcpWan} (default: @var{"30"})
+@item @code{connectionPriorityQuicWan} (default: @var{"40"})
+@item @code{connectionPriorityRelay} (default: @var{"50"})
+@item @code{connectionPriorityUpgradeThreshold} (default: @var{"0"})
+@item @code{default-folder} (default: @var{(syncthing-folder (label ""))})
+@item @code{default-device} (default: @var{(syncthing-device (id ""))})
+@item @code{default-ignores} (default: @var{"")})
+The default-* above do not affect folders and devices added by the Guix
+interface. They will, however, affect folders and devices that are
+added through the GUI, by an ``introducer'', or a device with
+``autoAcceptFolders''.
+@end table
+@end deftp
+
+@deftp {Data Type} syncthing-device
+Data type representing a device to sync with.
+
+@table @asis
+@item @code{id}
+A long hash tied to the keys generated by Syncthing on the first launch.
+You can obtain this from the Syncthing GUI or by inspecting an existing
+Syncthing configuration file.
+
+@item @code{name} (default: @var{""})
+Human readable device name for viewing in the GUI or in scheme.
+
+@item @code{compression} (default: @var{"metadata"})
+@item @code{introducer} (default: @var{"false"})
+@item @code{skipIntroductionRemovals} (default: @var{"false"})
+@item @code{introducedBy} (default: @var{""})
+@item @code{addresses} (default: @var{'("dynamic")})
+List of addresses at which to search for this device. The special value
+``dynamic'' will have syncthing use several means to find the device.
+
+@item @code{paused} (default: @var{"false"})
+@item @code{autoAcceptFolders} (default: @var{"false"})
+@item @code{maxSendKbps} (default: @var{"0"})
+@item @code{maxRecvKbps} (default: @var{"0"})
+@item @code{maxRequestKiB} (default: @var{"0"})
+@item @code{untrusted} (default: @var{"false"})
+@item @code{remoteGUIPort} (default: @var{"0"})
+@item @code{numConnections} (default: @var{"0")})
+
+@end table
+@end deftp
+
+@deftp {Data Type} syncthing-folder
+Data type representing a folder to be synced.
+
+@table @asis
+@item @code{id} (default: @var{#f})
+This id cannot match the id of any other folder on this device. If left
+unspecified, it will default to the label (see below).
+
+@item @code{label}
+Human readable label for the folder.
+
+@item @code{path}
+The path at which to store this folder.
+
+@item @code{type} (default: @var{"sendreceive"})
+@item @code{rescanIntervalS} (default: @var{"3600"})
+@item @code{fsWatcherEnabled} (default: @var{"true"})
+@item @code{fsWatcherDelayS} (default: @var{"10"})
+@item @code{ignorePerms} (default: @var{"false"})
+@item @code{autoNormalize} (default: @var{"true"})
+@item @code{devices} (default: @var{'()})
+Devices should be a list of other Syncthing devices. You do not need to
+specify the current device. Each device can be listed as a a
+@code{syncthing-device} record or a @code{syncthing-folder-device}
+record if you want files to be encrypted on disk.
+
+@item @code{filesystemType} (default: @var{"basic"})
+@item @code{minDiskFree-unit} (default: @var{"%"})
+@item @code{minDiskFree} (default: @var{"1"})
+@item @code{versioning-type} (default: @var{#f})
+@item @code{versioning-fsPath} (default: @var{""})
+@item @code{versioning-fsType} (default: @var{"basic"})
+@item @code{versioning-cleanupIntervalS} (default: @var{"3600"})
+@item @code{versioning-cleanoutDays} (default: @var{#f})
+@item @code{versioning-keep} (default: @var{#f})
+@item @code{versioning-maxAge} (default: @var{#f})
+@item @code{versioning-command} (default: @var{#f})
+@item @code{copiers} (default: @var{"0"})
+@item @code{pullerMaxPendingKiB} (default: @var{"0"})
+@item @code{hashers} (default: @var{"0"})
+@item @code{order} (default: @var{"random"})
+@item @code{ignoreDelete} (default: @var{"false"})
+@item @code{scanProgressIntervalS} (default: @var{"0"})
+@item @code{pullerPauseS} (default: @var{"0"})
+@item @code{maxConflicts} (default: @var{"10"})
+@item @code{disableSparseFiles} (default: @var{"false"})
+@item @code{disableTempIndexes} (default: @var{"false"})
+@item @code{paused} (default: @var{"false"})
+@item @code{weakHashThresholdPct} (default: @var{"25"})
+@item @code{markerName} (default: @var{".stfolder"})
+@item @code{copyOwnershipFromParent} (default: @var{"false"})
+@item @code{modTimeWindowS} (default: @var{"0"})
+@item @code{maxConcurrentWrites} (default: @var{"2"})
+@item @code{disableFsync} (default: @var{"false"})
+@item @code{blockPullOrder} (default: @var{"standard"})
+@item @code{copyRangeMethod} (default: @var{"standard"})
+@item @code{caseSensitiveFS} (default: @var{"false"})
+@item @code{junctionsAsDirs} (default: @var{"false"})
+@item @code{syncOwnership} (default: @var{"false"})
+@item @code{sendOwnership} (default: @var{"false"})
+@item @code{syncXattrs} (default: @var{"false"})
+@item @code{sendXattrs} (default: @var{"false"})
+@item @code{xattrFilter-maxSingleEntrySize} (default: @var{"1024"})
+@item @code{xattrFilter-maxTotalSize} (default: @var{"4096")})
+@end table
+@end deftp
+
+@deftp {Data Type} syncthing-folder-device
+There is some configuration which is specific to the relationship
+between a specific folder and a specific device. If you are fine
+leaving these as their default, then you can simply specify a
+syncthing-device instead of a @code{syncthing-folder-device} in
+@code{syncthing-folder}s.
+
+@table @asis
+@item @code{device}
+device should be a @code{syncthing-device} for which this configuration
+applies.
+
+@item @code{introducedBy} (default: @var{""})
+@item @code{encryptionPassword} (default: @var{""})
+if encryptionPassword is non-empty, then it will be used as a password
+to encrypt file chunks as they are synced to that device. For more info
+on syncing to devices you don't totally trust, see
+@uref{https://docs.syncthing.net/users/untrusted.html, Syncthing Documentation Untrusted}.
+Note that file transfers are always end-to-end encrypted, regardless of
+this setting.
+
@end table
@end deftp
+Here is a more complex example configuration for illustrative purposes:
+@lisp
+(service syncthing-service-type
+ (let ((laptop (syncthing-device (id "VHOD2D6-...-7XRMDEN")))
+ (desktop (syncthing-device (id "64SAZ37-...-FZJ5GUA")
+ (addresses '("mydomain.example"))))
+ (bob-desktop (syncthing-device (id "KYIMEGO-...-FT77EAO"))))
+ (syncthing-configuration
+ (user "alice")
+ (syncthing-config-file
+ (folders (list (syncthing-folder
+ (label "some-files")
+ (path "~/data")
+ (devices (list desktop laptop)))
+ (syncthing-folder
+ (label "critical-files")
+ (path "~/secrets")
+ (devices
+ (list desktop
+ laptop
+ (syncthing-folder-device
+ (device bob-desktop)
+ (encryptionPassword "mypassword")))))))))
+@end lisp
+
+
Furthermore, @code{(gnu services ssh)} provides the following services.
@cindex SSH
@cindex SSH server
diff --git a/gnu/home/services/syncthing.scm b/gnu/home/services/syncthing.scm
index 8d66a167ce..dd6c752ee4 100644
--- a/gnu/home/services/syncthing.scm
+++ b/gnu/home/services/syncthing.scm
@@ -1,5 +1,6 @@
;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2023 Ludovic Courtès <ludo <at> gnu.org>
+;;; Copyright © 2025 Zacchaeus <eikcaz <at> zacchae.us>
;;;
;;; This file is part of GNU Guix.
;;;
@@ -24,9 +25,23 @@ (define-module (gnu home services syncthing)
#:use-module (gnu home services shepherd)
#:export (home-syncthing-service-type)
#:re-export (syncthing-configuration
- syncthing-configuration?))
+ syncthing-configuration?
+ syncthing-config-file
+ syncthing-config-file?
+ syncthing-device
+ syncthing-device?
+ syncthing-folder
+ syncthing-folder?
+ syncthing-folder-device
+ syncthing-folder-device?))
(define home-syncthing-service-type
(service-type
(inherit (system->home-service-type syncthing-service-type))
+ ;; system->home-service-type does not convert special-files-service-type to
+ ;; home-files-service-type, so redefine extensios
+ (extensions (list (service-extension home-files-service-type
+ syncthing-files-service)
+ (service-extension home-shepherd-service-type
+ syncthing-shepherd-service)))
(default-value (for-home (syncthing-configuration)))))
diff --git a/gnu/services/syncthing.scm b/gnu/services/syncthing.scm
index a7a9c6aadd..2a58da8290 100644
--- a/gnu/services/syncthing.scm
+++ b/gnu/services/syncthing.scm
@@ -1,6 +1,7 @@
;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2021 Oleg Pykhalov <go.wigust <at> gmail.com>
;;; Copyright © 2023 Justin Veilleux <terramorpha <at> cock.li>
+;;; Copyright © 2025 Zacchaeus <eikcaz <at> zacchae.us>
;;;
;;; This file is part of GNU Guix.
;;;
@@ -25,9 +26,20 @@ (define-module (gnu services syncthing)
#:use-module (guix records)
#:use-module (ice-9 match)
#:use-module (srfi srfi-1)
+ #:use-module (sxml simple)
#:export (syncthing-configuration
syncthing-configuration?
- syncthing-service-type))
+ syncthing-device
+ syncthing-device?
+ syncthing-config-file
+ syncthing-config-file?
+ syncthing-folder-device
+ syncthing-folder-device?
+ syncthing-folder
+ syncthing-folder?
+ syncthing-service-type
+ syncthing-shepherd-service
+ syncthing-files-service))
;;; Commentary:
;;;
@@ -35,6 +47,438 @@ (define-module (gnu services syncthing)
;;;
;;; Code:
+(define-record-type* <syncthing-device>
+ syncthing-device make-syncthing-device
+ syncthing-device?
+ (id syncthing-device-id)
+ (name syncthing-device-name (default ""))
+ (compression syncthing-device-compression (default "metadata"))
+ (introducer syncthing-device-introducer (default "false"))
+ (skipIntroductionRemovals syncthing-device-skipIntroductionRemovals (default "false"))
+ (introducedBy syncthing-device-introducedBy (default ""))
+ (addresses syncthing-device-addresses (default '("dynamic")))
+ (paused syncthing-device-paused (default "false"))
+ (autoAcceptFolders syncthing-device-autoAcceptFolders (default "false"))
+ (maxSendKbps syncthing-device-maxSendKbps (default "0"))
+ (maxRecvKbps syncthing-device-maxRecvKbps (default "0"))
+ (maxRequestKiB syncthing-device-maxRequestKiB (default "0"))
+ (untrusted syncthing-device-untrusted (default "false"))
+ (remoteGUIPort syncthing-device-remoteGUIPort (default "0"))
+ (numConnections syncthing-device-numConnections (default "0")))
+
+(define syncthing-device->sxml
+ (match-record-lambda <syncthing-device>
+ (id name compression introducer skipIntroductionRemovals introducedBy addresses paused autoAcceptFolders maxSendKbps maxRecvKbps maxRequestKiB untrusted remoteGUIPort numConnections)
+ `(device (@ (id ,id)
+ (name ,name)
+ (compression ,compression)
+ (introducer ,introducer)
+ (skipIntroductionRemovals ,skipIntroductionRemovals)
+ (introducedBy ,introducedBy))
+ ,@(map (lambda (address) `(address ,address)) addresses)
+ (paused ,paused)
+ (autoAcceptFolders ,autoAcceptFolders)
+ (maxSendKbps ,maxSendKbps)
+ (maxRecvKbps ,maxRecvKbps)
+ (maxRequestKiB ,maxRequestKiB)
+ (untrusted ,untrusted)
+ (remoteGUIPort ,remoteGUIPort)
+ (numConnections ,numConnections))))
+
+(define-record-type* <syncthing-folder-device>
+ syncthing-folder-device make-syncthing-folder-device
+ syncthing-folder-device?
+ (device syncthing-folder-device-device)
+ (introducedBy syncthing-folder-device-introducedBy (default (syncthing-device (id ""))))
+ (encryptionPassword syncthing-folder-device-encryptionPassword (default "")))
+
+(define syncthing-folder-device->sxml
+ (match-record-lambda <syncthing-folder-device>
+ (device introducedBy encryptionPassword)
+ `(device (@ (id ,(syncthing-device-id device))
+ (introducedBy ,(syncthing-device-id introducedBy)))
+ (encryptionPassword ,encryptionPassword))))
+
+(define-record-type* <syncthing-folder>
+ syncthing-folder make-syncthing-folder
+ syncthing-folder?
+ (id syncthing-folder-id (default #f))
+ (label syncthing-folder-label)
+ (path syncthing-folder-path)
+ (type syncthing-folder-type (default "sendreceive"))
+ (rescanIntervalS syncthing-folder-rescanIntervalS (default "3600"))
+ (fsWatcherEnabled syncthing-folder-fsWatcherEnabled (default "true"))
+ (fsWatcherDelayS syncthing-folder-fsWatcherDelayS (default "10"))
+ (fsWatcherTimeoutS syncthing-folder-fsWatcherTimeoutS (default "0"))
+ (ignorePerms syncthing-folder-ignorePerms (default "false"))
+ (autoNormalize syncthing-folder-autoNormalize (default "true"))
+ (devices syncthing-folder-devices (default '())
+ (sanitize (lambda (folder-device-list)
+ (map (lambda (device)
+ (if (syncthing-folder-device? device)
+ device
+ (syncthing-folder-device (device device))))
+ folder-device-list))))
+ (filesystemType syncthing-folder-filesystemType (default "basic"))
+ (minDiskFree-unit syncthing-folder-minDiskFree-unit (default "%"))
+ (minDiskFree syncthing-folder-minDiskFree (default "1"))
+ (versioning-type syncthing-folder-versioning-type (default #f))
+ (versioning-fsPath syncthing-folder-versioning-fsPath (default ""))
+ (versioning-fsType syncthing-folder-versioning-fsType (default "basic"))
+ (versioning-cleanupIntervalS syncthing-folder-versioning-cleanupIntervalS (default "3600"))
+ (versioning-cleanoutDays syncthing-folder-versioning-cleanoutDays (default #f))
+ (versioning-keep syncthing-folder-versioning-keep (default #f))
+ (versioning-maxAge syncthing-folder-versioning-maxAge (default #f))
+ (versioning-command syncthing-folder-versioning-command (default #f))
+ (copiers syncthing-folder-copiers (default "0"))
+ (pullerMaxPendingKiB syncthing-folder-pullerMaxPendingKiB (default "0"))
+ (hashers syncthing-folder-hashers (default "0"))
+ (order syncthing-folder-order (default "random"))
+ (ignoreDelete syncthing-folder-ignoreDelete (default "false"))
+ (scanProgressIntervalS syncthing-folder-scanProgressIntervalS (default "0"))
+ (pullerPauseS syncthing-folder-pullerPauseS (default "0"))
+ (maxConflicts syncthing-folder-maxConflicts (default "10"))
+ (disableSparseFiles syncthing-folder-disableSparseFiles (default "false"))
+ (disableTempIndexes syncthing-folder-disableTempIndexes (default "false"))
+ (paused syncthing-folder-paused (default "false"))
+ (weakHashThresholdPct syncthing-folder-weakHashThresholdPct (default "25"))
+ (markerName syncthing-folder-markerName (default ".stfolder"))
+ (copyOwnershipFromParent syncthing-folder-copyOwnershipFromParent (default "false"))
+ (modTimeWindowS syncthing-folder-modTimeWindowS (default "0"))
+ (maxConcurrentWrites syncthing-folder-maxConcurrentWrites (default "2"))
+ (disableFsync syncthing-folder-disableFsync (default "false"))
+ (blockPullOrder syncthing-folder-blockPullOrder (default "standard"))
+ (copyRangeMethod syncthing-folder-copyRangeMethod (default "standard"))
+ (caseSensitiveFS syncthing-folder-caseSensitiveFS (default "false"))
+ (junctionsAsDirs syncthing-folder-junctionsAsDirs (default "false"))
+ (syncOwnership syncthing-folder-syncOwnership (default "false"))
+ (sendOwnership syncthing-folder-sendOwnership (default "false"))
+ (syncXattrs syncthing-folder-syncXattrs (default "false"))
+ (sendXattrs syncthing-folder-sendXattrs (default "false"))
+ (xattrFilter-maxSingleEntrySize syncthing-folder-xattrFilter-maxSingleEntrySize (default "1024"))
+ (xattrFilter-maxTotalSize syncthing-folder-xattrFilter-maxTotalSize (default "4096")))
+
+;; Some parameters, when empty, are fully omitted from the config file. It is
+;; unknown if this causes a functional difference, but stick to the normal
+;; program's behavior to be safe.
+(define (maybe-param symbol value)
+ (if value `((param (@ (key ,(symbol->string symbol)) (val ,value)) "")) '()))
+
+(define syncthing-folder->sxml
+ (match-record-lambda <syncthing-folder>
+ (id
+ label path type rescanIntervalS fsWatcherEnabled fsWatcherDelayS
+ fsWatcherTimeoutS ignorePerms autoNormalize devices filesystemType
+ minDiskFree-unit minDiskFree versioning-type versioning-fsPath
+ versioning-fsType versioning-cleanupIntervalS versioning-cleanoutDays
+ versioning-keep versioning-maxAge versioning-command copiers
+ pullerMaxPendingKiB hashers order ignoreDelete scanProgressIntervalS
+ pullerPauseS maxConflicts disableSparseFiles disableTempIndexes paused
+ weakHashThresholdPct markerName copyOwnershipFromParent modTimeWindowS
+ maxConcurrentWrites disableFsync blockPullOrder copyRangeMethod
+ caseSensitiveFS junctionsAsDirs syncOwnership sendOwnership syncXattrs
+ sendXattrs xattrFilter-maxSingleEntrySize xattrFilter-maxTotalSize)
+ `(folder (@ (id ,(if id id label))
+ (label ,label)
+ (path ,path)
+ (type ,type)
+ (rescanIntervalS ,rescanIntervalS)
+ (fsWatcherEnabled ,fsWatcherEnabled)
+ (fsWatcherDelayS ,fsWatcherDelayS)
+ (fsWatcherTimeoutS ,fsWatcherTimeoutS)
+ (ignorePerms ,ignorePerms)
+ (autoNormalize ,autoNormalize))
+ (filesystemType ,filesystemType)
+ ,@(map syncthing-folder-device->sxml
+ devices)
+ (minDiskFree (@ (unit ,minDiskFree-unit))
+ ,minDiskFree)
+ (versioning ,@(if versioning-type
+ `((@ (type ,versioning-type)))
+ '())
+ ,@(maybe-param 'cleanoutDays versioning-cleanoutDays)
+ ,@(maybe-param 'keep versioning-keep)
+ ,@(maybe-param 'maxAge versioning-maxAge)
+ ,@(maybe-param 'command versioning-command)
+ (cleanupIntervalS ,versioning-cleanupIntervalS)
+ (fsPath ,versioning-fsPath)
+ (fsType ,versioning-fsType))
+ (copiers ,copiers)
+ (pullerMaxPendingKiB ,pullerMaxPendingKiB)
+ (hashers ,hashers)
+ (order ,order)
+ (ignoreDelete ,ignoreDelete)
+ (scanProgressIntervalS ,scanProgressIntervalS)
+ (pullerPauseS ,pullerPauseS)
+ (maxConflicts ,maxConflicts)
+ (disableSparseFiles ,disableSparseFiles)
+ (disableTempIndexes ,disableTempIndexes)
+ (paused ,paused)
+ (weakHashThresholdPct ,weakHashThresholdPct)
+ (markerName ,markerName)
+ (copyOwnershipFromParent ,copyOwnershipFromParent)
+ (modTimeWindowS ,modTimeWindowS)
+ (maxConcurrentWrites ,maxConcurrentWrites)
+ (disableFsync ,disableFsync)
+ (blockPullOrder ,blockPullOrder)
+ (copyRangeMethod ,copyRangeMethod)
+ (caseSensitiveFS ,caseSensitiveFS)
+ (junctionsAsDirs ,junctionsAsDirs)
+ (syncOwnership ,syncOwnership)
+ (sendOwnership ,sendOwnership)
+ (syncXattrs ,syncXattrs)
+ (sendXattrs ,sendXattrs)
+ (xattrFilter (maxSingleEntrySize ,xattrFilter-maxSingleEntrySize)
+ (maxTotalSize ,xattrFilter-maxTotalSize)))))
+
+(define-record-type* <syncthing-config-file>
+ syncthing-config-file make-syncthing-config-file
+ syncthing-config-file?
+ (folders syncthing-config-folders
+ ; this matches syncthing's default
+ (default (list (syncthing-folder (id "default")
+ (label "Default Folder")
+ (path "~/Sync")))))
+ (devices syncthing-config-devices
+ (default '()))
+ (gui-enabled syncthing-config-gui-enabled (default "true"))
+ (gui-tls syncthing-config-gui-tls (default "false"))
+ (gui-debugging syncthing-config-gui-debugging (default "false"))
+ (gui-sendBasicAuthPrompt syncthing-config-gui-sendBasicAuthPrompt (default "false"))
+ (gui-address syncthing-config-gui-address (default "127.0.0.1:8384"))
+ (gui-user syncthing-config-gui-user (default #f))
+ (gui-password syncthing-config-gui-password (default #f))
+ (gui-apikey syncthing-config-gui-apikey (default "Vuky3VHVseQEoSk9YgxhSkNTnjQmqYK9"))
+ (gui-theme syncthing-config-gui-theme (default "default"))
+ (ldap-enabled syncthing-config-ldap-enabled (default #f))
+ (ldap-address syncthing-config-ldap-address (default ""))
+ (ldap-bindDN syncthing-config-ldap-bindDN (default ""))
+ (ldap-transport syncthing-config-ldap-transport (default ""))
+ (ldap-insecureSkipVerify syncthing-config-ldap-insecureSkipVerify (default ""))
+ (ldap-searchBaseDN syncthing-config-ldap-searchBaseDN (default ""))
+ (ldap-searchFilter syncthing-config-ldap-searchFilter (default ""))
+ (listenAddress syncthing-config-listenAddress (default "default"))
+ (globalAnnounceServer syncthing-config-globalAnnounceServer (default "default"))
+ (globalAnnounceEnabled syncthing-config-globalAnnounceEnabled (default "true"))
+ (localAnnounceEnabled syncthing-config-localAnnounceEnabled (default "true"))
+ (localAnnouncePort syncthing-config-localAnnouncePort (default "21027"))
+ (localAnnounceMCAddr syncthing-config-localAnnounceMCAddr (default "[ff12::8384]:21027"))
+ (maxSendKbps syncthing-config-maxSendKbps (default "0"))
+ (maxRecvKbps syncthing-config-maxRecvKbps (default "0"))
+ (reconnectionIntervalS syncthing-config-reconnectionIntervalS (default "60"))
+ (relaysEnabled syncthing-config-relaysEnabled (default "true"))
+ (relayReconnectIntervalM syncthing-config-relayReconnectIntervalM (default "10"))
+ (startBrowser syncthing-config-startBrowser (default "true"))
+ (natEnabled syncthing-config-natEnabled (default "true"))
+ (natLeaseMinutes syncthing-config-natLeaseMinutes (default "60"))
+ (natRenewalMinutes syncthing-config-natRenewalMinutes (default "30"))
+ (natTimeoutSeconds syncthing-config-natTimeoutSeconds (default "10"))
+ (urAccepted syncthing-config-urAccepted (default "0"))
+ (urSeen syncthing-config-urSeen (default "0"))
+ (urUniqueID syncthing-config-urUniqueID (default ""))
+ (urURL syncthing-config-urURL (default "https://data.syncthing.net/newdata"))
+ (urPostInsecurely syncthing-config-urPostInsecurely (default "false"))
+ (urInitialDelayS syncthing-config-urInitialDelayS (default "1800"))
+ (autoUpgradeIntervalH syncthing-config-autoUpgradeIntervalH (default "12"))
+ (upgradeToPreReleases syncthing-config-upgradeToPreReleases (default "false"))
+ (keepTemporariesH syncthing-config-keepTemporariesH (default "24"))
+ (cacheIgnoredFiles syncthing-config-cacheIgnoredFiles (default "false"))
+ (progressUpdateIntervalS syncthing-config-progressUpdateIntervalS (default "5"))
+ (limitBandwidthInLan syncthing-config-limitBandwidthInLan (default "false"))
+ (minHomeDiskFree-unit syncthing-config-minHomeDiskFree-unit (default "%"))
+ (minHomeDiskFree syncthing-config-minHomeDiskFree (default "1"))
+ (releasesURL syncthing-config-releasesURL (default "https://upgrades.syncthing.net/meta.json"))
+ (overwriteRemoteDeviceNamesOnConnect syncthing-config-overwriteRemoteDeviceNamesOnConnect (default "false"))
+ (tempIndexMinBlocks syncthing-config-tempIndexMinBlocks (default "10"))
+ (unackedNotificationID syncthing-config-unackedNotificationID (default "authenticationUserAndPassword"))
+ (trafficClass syncthing-config-trafficClass (default "0"))
+ (setLowPriority syncthing-config-setLowPriority (default "true"))
+ (maxFolderConcurrency syncthing-config-maxFolderConcurrency (default "0"))
+ (crashReportingURL syncthing-config-crashReportingURL (default "https://crash.syncthing.net/newcrash"))
+ (crashReportingEnabled syncthing-config-crashReportingEnabled (default "true"))
+ (stunKeepaliveStartS syncthing-config-stunKeepaliveStartS (default "180"))
+ (stunKeepaliveMinS syncthing-config-stunKeepaliveMinS (default "20"))
+ (stunServer syncthing-config-stunServer (default "default"))
+ (databaseTuning syncthing-config-databaseTuning (default "auto"))
+ (maxConcurrentIncomingRequestKiB syncthing-config-maxConcurrentIncomingRequestKiB (default "0"))
+ (announceLANAddresses syncthing-config-announceLANAddresses (default "true"))
+ (sendFullIndexOnUpgrade syncthing-config-sendFullIndexOnUpgrade (default "false"))
+ (connectionLimitEnough syncthing-config-connectionLimitEnough (default "0"))
+ (connectionLimitMax syncthing-config-connectionLimitMax (default "0"))
+ (insecureAllowOldTLSVersions syncthing-config-insecureAllowOldTLSVersions (default "false"))
+ (connectionPriorityTcpLan syncthing-config-connectionPriorityTcpLan (default "10"))
+ (connectionPriorityQuicLan syncthing-config-connectionPriorityQuicLan (default "20"))
+ (connectionPriorityTcpWan syncthing-config-connectionPriorityTcpWan (default "30"))
+ (connectionPriorityQuicWan syncthing-config-connectionPriorityQuicWan (default "40"))
+ (connectionPriorityRelay syncthing-config-connectionPriorityRelay (default "50"))
+ (connectionPriorityUpgradeThreshold syncthing-config-connectionPriorityUpgradeThreshold (default "0"))
+ (default-folder syncthing-config-defaultFolder
+ (default (syncthing-folder (label "") (path "~"))))
+ (default-device syncthing-config-defaultDevice
+ (default (syncthing-device (id ""))))
+ (default-ignores syncthing-config-defaultIgnores (default "")))
+
+(define syncthing-config-file->sxml
+ (match-record-lambda <syncthing-config-file>
+ (folders
+ devices gui-enabled gui-tls gui-debugging gui-sendBasicAuthPrompt
+ gui-address gui-user gui-password gui-apikey gui-theme ldap-enabled
+ ldap-address ldap-bindDN ldap-transport ldap-insecureSkipVerify
+ ldap-searchBaseDN ldap-searchFilter listenAddress globalAnnounceServer
+ globalAnnounceEnabled localAnnounceEnabled localAnnouncePort
+ localAnnounceMCAddr maxSendKbps maxRecvKbps reconnectionIntervalS
+ relaysEnabled relayReconnectIntervalM startBrowser natEnabled
+ natLeaseMinutes natRenewalMinutes natTimeoutSeconds urAccepted
+ urSeen urUniqueID urURL urPostInsecurely urInitialDelayS
+ autoUpgradeIntervalH upgradeToPreReleases keepTemporariesH
+ cacheIgnoredFiles progressUpdateIntervalS limitBandwidthInLan
+ minHomeDiskFree-unit minHomeDiskFree releasesURL
+ overwriteRemoteDeviceNamesOnConnect tempIndexMinBlocks
+ unackedNotificationID trafficClass setLowPriority maxFolderConcurrency
+ crashReportingURL crashReportingEnabled stunKeepaliveStartS
+ stunKeepaliveMinS stunServer databaseTuning
+ maxConcurrentIncomingRequestKiB announceLANAddresses
+ sendFullIndexOnUpgrade connectionLimitEnough connectionLimitMax
+ insecureAllowOldTLSVersions connectionPriorityTcpLan
+ connectionPriorityQuicLan connectionPriorityTcpWan
+ connectionPriorityQuicWan connectionPriorityRelay
+ connectionPriorityUpgradeThreshold default-folder default-device
+ default-ignores)
+ `(configuration (@ (version "37"))
+ ,@(map syncthing-folder->sxml
+ folders)
+ ;; collect any devices in any folders, as well as any
+ ;; devices explicitly added.
+ ,@(map syncthing-device->sxml
+ (delete-duplicates
+ (append devices
+ (apply append
+ (map (lambda (folder)
+ (map syncthing-folder-device-device
+ (syncthing-folder-devices folder)))
+ folders)))
+ ;; devices are the same if their id's are equal
+ (lambda (device1 device2)
+ (string= (syncthing-device-id device1)
+ (syncthing-device-id device2)))))
+ (gui (@ (enabled ,gui-enabled)
+ (tls ,gui-tls)
+ (debugging ,gui-debugging)
+ (sendBasicAuthPrompt ,gui-sendBasicAuthPrompt))
+ (address ,gui-address)
+ ,@(if gui-user `((user ,gui-user)) '())
+ ,@(if gui-password `((password ,gui-password)) '())
+ (apikey ,gui-apikey)
+ (theme ,gui-theme))
+ (ldap ,(if ldap-enabled
+ `((address ,ldap-address)
+ (bindDN ,ldap-bindDN)
+ ,@(if ldap-transport
+ `((transport ,ldap-transport))
+ '())
+ ,@(if ldap-insecureSkipVerify
+ `((insecureSkipVerify ,ldap-insecureSkipVerify))
+ '())
+ ,@(if ldap-searchBaseDN
+ `((searchBaseDN ,ldap-searchBaseDN))
+ '())
+ ,@(if ldap-searchFilter
+ `((searchFilter ,ldap-searchFilter))
+ '()))
+ ""))
+ (options (listenAddress ,listenAddress)
+ (globalAnnounceServer ,globalAnnounceServer)
+ (globalAnnounceEnabled ,globalAnnounceEnabled)
+ (localAnnounceEnabled ,localAnnounceEnabled)
+ (localAnnouncePort ,localAnnouncePort)
+ (localAnnounceMCAddr ,localAnnounceMCAddr)
+ (maxSendKbps ,maxSendKbps)
+ (maxRecvKbps ,maxRecvKbps)
+ (reconnectionIntervalS ,reconnectionIntervalS)
+ (relaysEnabled ,relaysEnabled)
+ (relayReconnectIntervalM ,relayReconnectIntervalM)
+ (startBrowser ,startBrowser)
+ (natEnabled ,natEnabled)
+ (natLeaseMinutes ,natLeaseMinutes)
+ (natRenewalMinutes ,natRenewalMinutes)
+ (natTimeoutSeconds ,natTimeoutSeconds)
+ (urAccepted ,urAccepted)
+ (urSeen ,urSeen)
+ (urUniqueID ,urUniqueID)
+ (urURL ,urURL)
+ (urPostInsecurely ,urPostInsecurely)
+ (urInitialDelayS ,urInitialDelayS)
+ (autoUpgradeIntervalH ,autoUpgradeIntervalH)
+ (upgradeToPreReleases ,upgradeToPreReleases)
+ (keepTemporariesH ,keepTemporariesH)
+ (cacheIgnoredFiles ,cacheIgnoredFiles)
+ (progressUpdateIntervalS ,progressUpdateIntervalS)
+ (limitBandwidthInLan ,limitBandwidthInLan)
+ (minHomeDiskFree (@ (unit ,minHomeDiskFree-unit))
+ ,minHomeDiskFree)
+ (releasesURL ,releasesURL)
+ (overwriteRemoteDeviceNamesOnConnect ,overwriteRemoteDeviceNamesOnConnect)
+ (tempIndexMinBlocks ,tempIndexMinBlocks)
+ (unackedNotificationID ,unackedNotificationID)
+ (trafficClass ,trafficClass)
+ (setLowPriority ,setLowPriority)
+ (maxFolderConcurrency ,maxFolderConcurrency)
+ (crashReportingURL ,crashReportingURL)
+ (crashReportingEnabled ,crashReportingEnabled)
+ (stunKeepaliveStartS ,stunKeepaliveStartS)
+ (stunKeepaliveMinS ,stunKeepaliveMinS)
+ (stunServer ,stunServer)
+ (databaseTuning ,databaseTuning)
+ (maxConcurrentIncomingRequestKiB ,maxConcurrentIncomingRequestKiB)
+ (announceLANAddresses ,announceLANAddresses)
+ (sendFullIndexOnUpgrade ,sendFullIndexOnUpgrade)
+ (connectionLimitEnough ,connectionLimitEnough)
+ (connectionLimitMax ,connectionLimitMax)
+ (insecureAllowOldTLSVersions ,insecureAllowOldTLSVersions)
+ (connectionPriorityTcpLan ,connectionPriorityTcpLan)
+ (connectionPriorityQuicLan ,connectionPriorityQuicLan)
+ (connectionPriorityTcpWan ,connectionPriorityTcpWan)
+ (connectionPriorityQuicWan ,connectionPriorityQuicWan)
+ (connectionPriorityRelay ,connectionPriorityRelay)
+ (connectionPriorityUpgradeThreshold ,connectionPriorityUpgradeThreshold))
+ (defaults
+ ,(syncthing-folder->sxml default-folder)
+ ,(syncthing-device->sxml default-device)
+ (ignores ,default-ignores)))))
+
+;; It is useful to be able to view the xml output by Guix, and to be able to
+;; diff it with a users previous config, especially when migrating one's
+;; config to Guix. This function adds whitespace that matches the whitespace
+;; of config files managed by syncthing for easy diffing
+(define (indent-sxml sxml indent-increment current-indent)
+ (match sxml
+ (((tag ('@ properties ...) (subtags ..1) ..1) sibling-tags ...)
+ `(,current-indent (,tag (@ ,@properties) "\n"
+ ,@(indent-sxml subtags indent-increment
+ (string-append indent-increment current-indent))
+ ,current-indent) "\n"
+ ,@(indent-sxml sibling-tags indent-increment current-indent)))
+ (((tag ('@ properties ...) primitive ...) sibling-tags ...)
+ `(,current-indent (,tag (@ ,@properties) ,@primitive) "\n"
+ ,@(indent-sxml sibling-tags indent-increment current-indent)))
+ (((tag (subtags ..1) ..1) sibling-tags ...)
+ `(,current-indent (,tag "\n"
+ ,@(indent-sxml subtags indent-increment
+ (string-append indent-increment current-indent))
+ ,current-indent) "\n"
+ ,@(indent-sxml sibling-tags indent-increment current-indent)))
+ (((tag primitive ...) sibling-tags ...)
+ `(,current-indent (,tag ,@primitive) "\n"
+ ,@(indent-sxml sibling-tags indent-increment current-indent)))
+ (() '())))
+
+(define (serialize-syncthing-config-file config)
+ (with-output-to-string
+ (lambda ()
+ (sxml->xml (cons '*TOP* (indent-sxml (list (syncthing-config-file->sxml config))
+ " "
+ ""))))))
+
(define-record-type* <syncthing-configuration>
syncthing-configuration make-syncthing-configuration
syncthing-configuration?
@@ -50,6 +494,8 @@ (define-record-type* <syncthing-configuration>
(default "users"))
(home syncthing-configuration-home ;string
(default #f))
+ (syncthing-config-file syncthing-configuration-syncthing-config-file
+ (default #f)) ; syncthing-config-file or file-like
(home-service? syncthing-configuration-home-service?
(default for-home?) (innate)))
@@ -93,10 +539,26 @@ (define syncthing-shepherd-service
(respawn? #f)
(stop #~(make-kill-destructor))))))
+
+(define syncthing-files-service
+ (match-record-lambda <syncthing-configuration> (syncthing-config-file user home home-service?)
+ (if syncthing-config-file
+ `((,(if home-service?
+ ".config/syncthing/config.xml"
+ (string-join (or home (passwd:dir (getpw user)))
+ "/.config/syncthing/config.xml"))
+ ,(if (file-like? syncthing-config-file)
+ syncthing-config-file
+ (plain-file "syncthin-config.xml" (serialize-syncthing-config-file
+ syncthing-config-file)))))
+ '())))
+
(define syncthing-service-type
(service-type (name 'syncthing)
(extensions (list (service-extension shepherd-root-service-type
- syncthing-shepherd-service)))
+ syncthing-shepherd-service)
+ (service-extension special-files-service-type
+ syncthing-files-service)))
(description
"Run @uref{https://github.com/syncthing/syncthing, Syncthing}
decentralized continuous file system synchronization.")))
--
2.45.2
guix-patches <at> gnu.org:bug#75959; Package guix-patches.
(Thu, 06 Feb 2025 22:16:02 GMT) Full text and rfc822 format available.Message #20 received at 75959 <at> debbugs.gnu.org (full text, mbox):
From: Zacchaeus <eikcaz <at> zacchae.us> To: 75959 <at> debbugs.gnu.org Subject: [PATCH] services: syncthing: Added support for config file serialization. Date: Thu, 06 Feb 2025 17:15:27 -0500
From 7ef311e85b1198c752b2eec57caa0256227e079c Mon Sep 17 00:00:00 2001
From: Zacchaeus <eikcaz <at> zacchae.us>
Date: Sun, 21 Jul 2024 00:54:25 -0700
Subject: [PATCH] services: syncthing: Added support for config file
serialization.
* gnu/services/syncthing.scm: (syncthing-config-file) (syncthing-folder)
(syncthing-device) (syncthing-folder-device): New records;
(syncthing-service-type): added special-files-service-type extension for the
config file; (syncthing-files-service): service to create config file
* gnu/home/services/syncthing.scm: (home-syncthing-service-type): extended
home-files-services-type and re-exported more things from
gnu/services/syncthing.scm
* doc/guix.texi: (syncthing-service-type): document additions
Change-Id: I87eeba1ee1fdada8f29c2ee881fbc6bc4113dde9
---
Fixed a bug caused by running system service (home service was fine).
Also changed syncthing-config-file field of syncthing-configuration to
config-file (syncthing-config-file record name unchanged). Hence,
setting the config file looks something like:
(syncthing-configuration (config-file (syncthing-config-file ...)))
This matches the pattern observed in other services like:
(connman-configuration (general-configuration (connman-general-configuration ...)))
doc/guix.texi | 288 ++++++++++++++++++++
gnu/home/services/syncthing.scm | 17 +-
gnu/services/syncthing.scm | 466 +++++++++++++++++++++++++++++++-
3 files changed, 768 insertions(+), 3 deletions(-)
diff --git a/doc/guix.texi b/doc/guix.texi
index b1b6d98e74..2a4829a6a6 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -136,6 +136,7 @@ Copyright @copyright{} 2024 Troy Figiel@*
Copyright @copyright{} 2024 Sharlatan Hellseher@*
Copyright @copyright{} 2024 45mg@*
Copyright @copyright{} 2025 Sören Tempel@*
+Copyright @copyright{} 2025 Zacchaeus@*
Permission is granted to copy, distribute and/or modify this document
under the terms of the GNU Free Documentation License, Version 1.3 or
@@ -22669,9 +22670,296 @@ This assumes that the specified group exists.
Common configuration and data directory. The default configuration
directory is @file{$HOME} of the specified Syncthing @code{user}.
+@item @code{config-file} (default: @var{#f})
+Either a file-like object that resolves to a syncthing configuration xml
+file, or a syncthing-config-file record (see below). If set to #f, Guix
+will not try to generate a config file, and the syncthing will generate
+a default one which will not be touched on reconfigure.
+
+@end table
+@end deftp
+
+In the below, only details specific to Guix, or related to how your
+device will ``ping'' others, are presented. Otherwise, you should
+consult @uref{https://docs.syncthing.net/users/config.html, Syncthing
+config documentation}. Camelcase is preserved below only as to be
+consistent with its appearance in Syncthing code/documentation. If you
+would like to migrate to Guix-powered Syncthing configuration, the
+generated config adds newlines/whitespace to the produced config such
+that your old config can be diff'ed with the new one. You can still
+modify Syncthing from the GUI or through ``introducer'' and
+``autoAcceptFolders'' mechanisms, but such changes will be reset on
+reconfigure.
+
+@deftp {Data Type} syncthing-config-file
+Data type representing the configuration file read by the syncthing
+daemon.
+
+@table @asis
+@item @code{folders} (default: @var{(list (syncthing-folder (id "default") (label "Default Folder") (path "~/Sync")))}
+The default here is the same as Syncthing's default. The value should
+be a list of @code{syncthing-folder}s.
+
+@item @code{devices} (default: @var{'()}
+This should be a list of @code{syncthing-device}s. Guix will
+automatically add any devices specified in any `folders' to this list.
+There are instances when you want to connect to a device despite not
+(initially) sharing any folders (such as a device with
+autoAcceptFolders). In such instances, you should specify those devices
+here. If multiple versions of the same device (same id) are discovered,
+the one in this list is prioritized. Otherwise, the first instance in
+the first folder is used.
+
+@item @code{gui-enabled} (default: @var{"true"})
+By default, any user on the computer can access the GUI and make changes
+to Syncthing. If you leave this enabled, you should probably set
+gui-user and gui-password (see below).
+
+@item @code{gui-tls} (default: @var{"false"})
+@item @code{gui-debugging} (default: @var{"false"})
+@item @code{gui-sendBasicAuthPrompt} (default: @var{"false"})
+@item @code{gui-address} (default: @var{"127.0.0.1:8384"})
+@item @code{gui-user} (default: @var{#f})
+@item @code{gui-password} (default: @var{#f})
+@item @code{gui-apikey} (default: @var{"Vuky3VHVseQEoSk9YgxhSkNTnjQmqYK9"})
+@item @code{gui-theme} (default: @var{"default"})
+@item @code{ldap-enabled} (default: @var{#f})
+@item @code{ldap-address} (default: @var{""})
+@item @code{ldap-bindDN} (default: @var{""})
+@item @code{ldap-transport} (default: @var{""})
+@item @code{ldap-insecureSkipVerify} (default: @var{""})
+@item @code{ldap-searchBaseDN} (default: @var{""})
+@item @code{ldap-searchFilter} (default: @var{""})
+@item @code{listenAddress} (default: @var{"default"})
+@item @code{globalAnnounceServer} (default: @var{"default"})
+@item @code{globalAnnounceEnabled} (default: @var{"true"})
+Global discovery servers can be used to help connect devices at unknown
+IP addresses by storing the last known IP address.
+
+@item @code{localAnnounceEnabled} (default: @var{"true"})
+This makes devices find each other very easily on the same LAN. Often,
+this will allow you to just plug an Ethernet between two devices, or
+connect one device to the other's hotspot and start syncing.
+
+@item @code{localAnnouncePort} (default: @var{"21027"})
+@item @code{localAnnounceMCAddr} (default: @var{"[ff12::8384]:21027"})
+@item @code{maxSendKbps} (default: @var{"0"})
+@item @code{maxRecvKbps} (default: @var{"0"})
+@item @code{reconnectionIntervalS} (default: @var{"60"})
+@item @code{relaysEnabled} (default: @var{"true"})
+This option allows your Syncthing instance to coordinate with a global
+network of relays to enable syncing between devices when all other
+methods fail.
+
+@item @code{relayReconnectIntervalM} (default: @var{"10"})
+@item @code{startBrowser} (default: @var{"true"})
+@item @code{natEnabled} (default: @var{"true"})
+@item @code{natLeaseMinutes} (default: @var{"60"})
+@item @code{natRenewalMinutes} (default: @var{"30"})
+@item @code{natTimeoutSeconds} (default: @var{"10"})
+@item @code{urAccepted} (default: @var{"0"})
+ur* options control usage reporting. Set to -1 to disable, or positive
+to enable. The default (0) has reporting disabled, but you will be
+asked to decide in the GUI.
+
+@item @code{urSeen} (default: @var{"0"})
+@item @code{urUniqueID} (default: @var{""})
+@item @code{urURL} (default: @var{"https://data.syncthing.net/newdata"})
+@item @code{urPostInsecurely} (default: @var{"false"})
+@item @code{urInitialDelayS} (default: @var{"1800"})
+@item @code{autoUpgradeIntervalH} (default: @var{"12"})
+@item @code{upgradeToPreReleases} (default: @var{"false"})
+@item @code{keepTemporariesH} (default: @var{"24"})
+@item @code{cacheIgnoredFiles} (default: @var{"false"})
+@item @code{progressUpdateIntervalS} (default: @var{"5"})
+@item @code{limitBandwidthInLan} (default: @var{"false"})
+@item @code{minHomeDiskFree-unit} (default: @var{"%"})
+@item @code{minHomeDiskFree} (default: @var{"1"})
+@item @code{releasesURL} (default: @var{"https://upgrades.syncthing.net/meta.json"})
+@item @code{overwriteRemoteDeviceNamesOnConnect} (default: @var{"false"})
+@item @code{tempIndexMinBlocks} (default: @var{"10"})
+@item @code{unackedNotificationID} (default: @var{"authenticationUserAndPassword"})
+@item @code{trafficClass} (default: @var{"0"})
+@item @code{setLowPriority} (default: @var{"true"})
+@item @code{maxFolderConcurrency} (default: @var{"0"})
+@item @code{crashReportingURL} (default: @var{"https://crash.syncthing.net/newcrash"})
+@item @code{crashReportingEnabled} (default: @var{"true"})
+@item @code{stunKeepaliveStartS} (default: @var{"180"})
+@item @code{stunKeepaliveMinS} (default: @var{"20"})
+@item @code{stunServer} (default: @var{"default"})
+@item @code{databaseTuning} (default: @var{"auto"})
+@item @code{maxConcurrentIncomingRequestKiB} (default: @var{"0"})
+@item @code{announceLANAddresses} (default: @var{"true"})
+@item @code{sendFullIndexOnUpgrade} (default: @var{"false"})
+@item @code{connectionLimitEnough} (default: @var{"0"})
+@item @code{connectionLimitMax} (default: @var{"0"})
+@item @code{insecureAllowOldTLSVersions} (default: @var{"false"})
+@item @code{connectionPriorityTcpLan} (default: @var{"10"})
+@item @code{connectionPriorityQuicLan} (default: @var{"20"})
+@item @code{connectionPriorityTcpWan} (default: @var{"30"})
+@item @code{connectionPriorityQuicWan} (default: @var{"40"})
+@item @code{connectionPriorityRelay} (default: @var{"50"})
+@item @code{connectionPriorityUpgradeThreshold} (default: @var{"0"})
+@item @code{default-folder} (default: @var{(syncthing-folder (label ""))})
+@item @code{default-device} (default: @var{(syncthing-device (id ""))})
+@item @code{default-ignores} (default: @var{"")})
+The default-* above do not affect folders and devices added by the Guix
+interface. They will, however, affect folders and devices that are
+added through the GUI, by an ``introducer'', or a device with
+``autoAcceptFolders''.
+@end table
+@end deftp
+
+@deftp {Data Type} syncthing-device
+Data type representing a device to sync with.
+
+@table @asis
+@item @code{id}
+A long hash tied to the keys generated by Syncthing on the first launch.
+You can obtain this from the Syncthing GUI or by inspecting an existing
+Syncthing configuration file.
+
+@item @code{name} (default: @var{""})
+Human readable device name for viewing in the GUI or in scheme.
+
+@item @code{compression} (default: @var{"metadata"})
+@item @code{introducer} (default: @var{"false"})
+@item @code{skipIntroductionRemovals} (default: @var{"false"})
+@item @code{introducedBy} (default: @var{""})
+@item @code{addresses} (default: @var{'("dynamic")})
+List of addresses at which to search for this device. The special value
+``dynamic'' will have syncthing use several means to find the device.
+
+@item @code{paused} (default: @var{"false"})
+@item @code{autoAcceptFolders} (default: @var{"false"})
+@item @code{maxSendKbps} (default: @var{"0"})
+@item @code{maxRecvKbps} (default: @var{"0"})
+@item @code{maxRequestKiB} (default: @var{"0"})
+@item @code{untrusted} (default: @var{"false"})
+@item @code{remoteGUIPort} (default: @var{"0"})
+@item @code{numConnections} (default: @var{"0")})
+
+@end table
+@end deftp
+
+@deftp {Data Type} syncthing-folder
+Data type representing a folder to be synced.
+
+@table @asis
+@item @code{id} (default: @var{#f})
+This id cannot match the id of any other folder on this device. If left
+unspecified, it will default to the label (see below).
+
+@item @code{label}
+Human readable label for the folder.
+
+@item @code{path}
+The path at which to store this folder.
+
+@item @code{type} (default: @var{"sendreceive"})
+@item @code{rescanIntervalS} (default: @var{"3600"})
+@item @code{fsWatcherEnabled} (default: @var{"true"})
+@item @code{fsWatcherDelayS} (default: @var{"10"})
+@item @code{ignorePerms} (default: @var{"false"})
+@item @code{autoNormalize} (default: @var{"true"})
+@item @code{devices} (default: @var{'()})
+Devices should be a list of other Syncthing devices. You do not need to
+specify the current device. Each device can be listed as a a
+@code{syncthing-device} record or a @code{syncthing-folder-device}
+record if you want files to be encrypted on disk.
+
+@item @code{filesystemType} (default: @var{"basic"})
+@item @code{minDiskFree-unit} (default: @var{"%"})
+@item @code{minDiskFree} (default: @var{"1"})
+@item @code{versioning-type} (default: @var{#f})
+@item @code{versioning-fsPath} (default: @var{""})
+@item @code{versioning-fsType} (default: @var{"basic"})
+@item @code{versioning-cleanupIntervalS} (default: @var{"3600"})
+@item @code{versioning-cleanoutDays} (default: @var{#f})
+@item @code{versioning-keep} (default: @var{#f})
+@item @code{versioning-maxAge} (default: @var{#f})
+@item @code{versioning-command} (default: @var{#f})
+@item @code{copiers} (default: @var{"0"})
+@item @code{pullerMaxPendingKiB} (default: @var{"0"})
+@item @code{hashers} (default: @var{"0"})
+@item @code{order} (default: @var{"random"})
+@item @code{ignoreDelete} (default: @var{"false"})
+@item @code{scanProgressIntervalS} (default: @var{"0"})
+@item @code{pullerPauseS} (default: @var{"0"})
+@item @code{maxConflicts} (default: @var{"10"})
+@item @code{disableSparseFiles} (default: @var{"false"})
+@item @code{disableTempIndexes} (default: @var{"false"})
+@item @code{paused} (default: @var{"false"})
+@item @code{weakHashThresholdPct} (default: @var{"25"})
+@item @code{markerName} (default: @var{".stfolder"})
+@item @code{copyOwnershipFromParent} (default: @var{"false"})
+@item @code{modTimeWindowS} (default: @var{"0"})
+@item @code{maxConcurrentWrites} (default: @var{"2"})
+@item @code{disableFsync} (default: @var{"false"})
+@item @code{blockPullOrder} (default: @var{"standard"})
+@item @code{copyRangeMethod} (default: @var{"standard"})
+@item @code{caseSensitiveFS} (default: @var{"false"})
+@item @code{junctionsAsDirs} (default: @var{"false"})
+@item @code{syncOwnership} (default: @var{"false"})
+@item @code{sendOwnership} (default: @var{"false"})
+@item @code{syncXattrs} (default: @var{"false"})
+@item @code{sendXattrs} (default: @var{"false"})
+@item @code{xattrFilter-maxSingleEntrySize} (default: @var{"1024"})
+@item @code{xattrFilter-maxTotalSize} (default: @var{"4096")})
+@end table
+@end deftp
+
+@deftp {Data Type} syncthing-folder-device
+There is some configuration which is specific to the relationship
+between a specific folder and a specific device. If you are fine
+leaving these as their default, then you can simply specify a
+syncthing-device instead of a @code{syncthing-folder-device} in
+@code{syncthing-folder}s.
+
+@table @asis
+@item @code{device}
+device should be a @code{syncthing-device} for which this configuration
+applies.
+
+@item @code{introducedBy} (default: @var{""})
+@item @code{encryptionPassword} (default: @var{""})
+if encryptionPassword is non-empty, then it will be used as a password
+to encrypt file chunks as they are synced to that device. For more info
+on syncing to devices you don't totally trust, see
+@uref{https://docs.syncthing.net/users/untrusted.html, Syncthing Documentation Untrusted}.
+Note that file transfers are always end-to-end encrypted, regardless of
+this setting.
+
@end table
@end deftp
+Here is a more complex example configuration for illustrative purposes:
+@lisp
+(service syncthing-service-type
+ (let ((laptop (syncthing-device (id "VHOD2D6-...-7XRMDEN")))
+ (desktop (syncthing-device (id "64SAZ37-...-FZJ5GUA")
+ (addresses '("mydomain.example"))))
+ (bob-desktop (syncthing-device (id "KYIMEGO-...-FT77EAO"))))
+ (syncthing-configuration
+ (user "alice")
+ (config-file
+ (syncthing-config-file
+ (folders (list (syncthing-folder
+ (label "some-files")
+ (path "~/data")
+ (devices (list desktop laptop)))
+ (syncthing-folder
+ (label "critical-files")
+ (path "~/secrets")
+ (devices
+ (list desktop
+ laptop
+ (syncthing-folder-device
+ (device bob-desktop)
+ (encryptionPassword "mypassword"))))))))))))
+@end lisp
+
+
Furthermore, @code{(gnu services ssh)} provides the following services.
@cindex SSH
@cindex SSH server
diff --git a/gnu/home/services/syncthing.scm b/gnu/home/services/syncthing.scm
index 8d66a167ce..dd6c752ee4 100644
--- a/gnu/home/services/syncthing.scm
+++ b/gnu/home/services/syncthing.scm
@@ -1,5 +1,6 @@
;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2023 Ludovic Courtès <ludo <at> gnu.org>
+;;; Copyright © 2025 Zacchaeus <eikcaz <at> zacchae.us>
;;;
;;; This file is part of GNU Guix.
;;;
@@ -24,9 +25,23 @@ (define-module (gnu home services syncthing)
#:use-module (gnu home services shepherd)
#:export (home-syncthing-service-type)
#:re-export (syncthing-configuration
- syncthing-configuration?))
+ syncthing-configuration?
+ syncthing-config-file
+ syncthing-config-file?
+ syncthing-device
+ syncthing-device?
+ syncthing-folder
+ syncthing-folder?
+ syncthing-folder-device
+ syncthing-folder-device?))
(define home-syncthing-service-type
(service-type
(inherit (system->home-service-type syncthing-service-type))
+ ;; system->home-service-type does not convert special-files-service-type to
+ ;; home-files-service-type, so redefine extensios
+ (extensions (list (service-extension home-files-service-type
+ syncthing-files-service)
+ (service-extension home-shepherd-service-type
+ syncthing-shepherd-service)))
(default-value (for-home (syncthing-configuration)))))
diff --git a/gnu/services/syncthing.scm b/gnu/services/syncthing.scm
index a7a9c6aadd..31e3dbe75f 100644
--- a/gnu/services/syncthing.scm
+++ b/gnu/services/syncthing.scm
@@ -1,6 +1,7 @@
;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2021 Oleg Pykhalov <go.wigust <at> gmail.com>
;;; Copyright © 2023 Justin Veilleux <terramorpha <at> cock.li>
+;;; Copyright © 2025 Zacchaeus <eikcaz <at> zacchae.us>
;;;
;;; This file is part of GNU Guix.
;;;
@@ -25,9 +26,20 @@ (define-module (gnu services syncthing)
#:use-module (guix records)
#:use-module (ice-9 match)
#:use-module (srfi srfi-1)
+ #:use-module (sxml simple)
#:export (syncthing-configuration
syncthing-configuration?
- syncthing-service-type))
+ syncthing-device
+ syncthing-device?
+ syncthing-config-file
+ syncthing-config-file?
+ syncthing-folder-device
+ syncthing-folder-device?
+ syncthing-folder
+ syncthing-folder?
+ syncthing-service-type
+ syncthing-shepherd-service
+ syncthing-files-service))
;;; Commentary:
;;;
@@ -35,6 +47,438 @@ (define-module (gnu services syncthing)
;;;
;;; Code:
+(define-record-type* <syncthing-device>
+ syncthing-device make-syncthing-device
+ syncthing-device?
+ (id syncthing-device-id)
+ (name syncthing-device-name (default ""))
+ (compression syncthing-device-compression (default "metadata"))
+ (introducer syncthing-device-introducer (default "false"))
+ (skipIntroductionRemovals syncthing-device-skipIntroductionRemovals (default "false"))
+ (introducedBy syncthing-device-introducedBy (default ""))
+ (addresses syncthing-device-addresses (default '("dynamic")))
+ (paused syncthing-device-paused (default "false"))
+ (autoAcceptFolders syncthing-device-autoAcceptFolders (default "false"))
+ (maxSendKbps syncthing-device-maxSendKbps (default "0"))
+ (maxRecvKbps syncthing-device-maxRecvKbps (default "0"))
+ (maxRequestKiB syncthing-device-maxRequestKiB (default "0"))
+ (untrusted syncthing-device-untrusted (default "false"))
+ (remoteGUIPort syncthing-device-remoteGUIPort (default "0"))
+ (numConnections syncthing-device-numConnections (default "0")))
+
+(define syncthing-device->sxml
+ (match-record-lambda <syncthing-device>
+ (id name compression introducer skipIntroductionRemovals introducedBy addresses paused autoAcceptFolders maxSendKbps maxRecvKbps maxRequestKiB untrusted remoteGUIPort numConnections)
+ `(device (@ (id ,id)
+ (name ,name)
+ (compression ,compression)
+ (introducer ,introducer)
+ (skipIntroductionRemovals ,skipIntroductionRemovals)
+ (introducedBy ,introducedBy))
+ ,@(map (lambda (address) `(address ,address)) addresses)
+ (paused ,paused)
+ (autoAcceptFolders ,autoAcceptFolders)
+ (maxSendKbps ,maxSendKbps)
+ (maxRecvKbps ,maxRecvKbps)
+ (maxRequestKiB ,maxRequestKiB)
+ (untrusted ,untrusted)
+ (remoteGUIPort ,remoteGUIPort)
+ (numConnections ,numConnections))))
+
+(define-record-type* <syncthing-folder-device>
+ syncthing-folder-device make-syncthing-folder-device
+ syncthing-folder-device?
+ (device syncthing-folder-device-device)
+ (introducedBy syncthing-folder-device-introducedBy (default (syncthing-device (id ""))))
+ (encryptionPassword syncthing-folder-device-encryptionPassword (default "")))
+
+(define syncthing-folder-device->sxml
+ (match-record-lambda <syncthing-folder-device>
+ (device introducedBy encryptionPassword)
+ `(device (@ (id ,(syncthing-device-id device))
+ (introducedBy ,(syncthing-device-id introducedBy)))
+ (encryptionPassword ,encryptionPassword))))
+
+(define-record-type* <syncthing-folder>
+ syncthing-folder make-syncthing-folder
+ syncthing-folder?
+ (id syncthing-folder-id (default #f))
+ (label syncthing-folder-label)
+ (path syncthing-folder-path)
+ (type syncthing-folder-type (default "sendreceive"))
+ (rescanIntervalS syncthing-folder-rescanIntervalS (default "3600"))
+ (fsWatcherEnabled syncthing-folder-fsWatcherEnabled (default "true"))
+ (fsWatcherDelayS syncthing-folder-fsWatcherDelayS (default "10"))
+ (fsWatcherTimeoutS syncthing-folder-fsWatcherTimeoutS (default "0"))
+ (ignorePerms syncthing-folder-ignorePerms (default "false"))
+ (autoNormalize syncthing-folder-autoNormalize (default "true"))
+ (devices syncthing-folder-devices (default '())
+ (sanitize (lambda (folder-device-list)
+ (map (lambda (device)
+ (if (syncthing-folder-device? device)
+ device
+ (syncthing-folder-device (device device))))
+ folder-device-list))))
+ (filesystemType syncthing-folder-filesystemType (default "basic"))
+ (minDiskFree-unit syncthing-folder-minDiskFree-unit (default "%"))
+ (minDiskFree syncthing-folder-minDiskFree (default "1"))
+ (versioning-type syncthing-folder-versioning-type (default #f))
+ (versioning-fsPath syncthing-folder-versioning-fsPath (default ""))
+ (versioning-fsType syncthing-folder-versioning-fsType (default "basic"))
+ (versioning-cleanupIntervalS syncthing-folder-versioning-cleanupIntervalS (default "3600"))
+ (versioning-cleanoutDays syncthing-folder-versioning-cleanoutDays (default #f))
+ (versioning-keep syncthing-folder-versioning-keep (default #f))
+ (versioning-maxAge syncthing-folder-versioning-maxAge (default #f))
+ (versioning-command syncthing-folder-versioning-command (default #f))
+ (copiers syncthing-folder-copiers (default "0"))
+ (pullerMaxPendingKiB syncthing-folder-pullerMaxPendingKiB (default "0"))
+ (hashers syncthing-folder-hashers (default "0"))
+ (order syncthing-folder-order (default "random"))
+ (ignoreDelete syncthing-folder-ignoreDelete (default "false"))
+ (scanProgressIntervalS syncthing-folder-scanProgressIntervalS (default "0"))
+ (pullerPauseS syncthing-folder-pullerPauseS (default "0"))
+ (maxConflicts syncthing-folder-maxConflicts (default "10"))
+ (disableSparseFiles syncthing-folder-disableSparseFiles (default "false"))
+ (disableTempIndexes syncthing-folder-disableTempIndexes (default "false"))
+ (paused syncthing-folder-paused (default "false"))
+ (weakHashThresholdPct syncthing-folder-weakHashThresholdPct (default "25"))
+ (markerName syncthing-folder-markerName (default ".stfolder"))
+ (copyOwnershipFromParent syncthing-folder-copyOwnershipFromParent (default "false"))
+ (modTimeWindowS syncthing-folder-modTimeWindowS (default "0"))
+ (maxConcurrentWrites syncthing-folder-maxConcurrentWrites (default "2"))
+ (disableFsync syncthing-folder-disableFsync (default "false"))
+ (blockPullOrder syncthing-folder-blockPullOrder (default "standard"))
+ (copyRangeMethod syncthing-folder-copyRangeMethod (default "standard"))
+ (caseSensitiveFS syncthing-folder-caseSensitiveFS (default "false"))
+ (junctionsAsDirs syncthing-folder-junctionsAsDirs (default "false"))
+ (syncOwnership syncthing-folder-syncOwnership (default "false"))
+ (sendOwnership syncthing-folder-sendOwnership (default "false"))
+ (syncXattrs syncthing-folder-syncXattrs (default "false"))
+ (sendXattrs syncthing-folder-sendXattrs (default "false"))
+ (xattrFilter-maxSingleEntrySize syncthing-folder-xattrFilter-maxSingleEntrySize (default "1024"))
+ (xattrFilter-maxTotalSize syncthing-folder-xattrFilter-maxTotalSize (default "4096")))
+
+;; Some parameters, when empty, are fully omitted from the config file. It is
+;; unknown if this causes a functional difference, but stick to the normal
+;; program's behavior to be safe.
+(define (maybe-param symbol value)
+ (if value `((param (@ (key ,(symbol->string symbol)) (val ,value)) "")) '()))
+
+(define syncthing-folder->sxml
+ (match-record-lambda <syncthing-folder>
+ (id
+ label path type rescanIntervalS fsWatcherEnabled fsWatcherDelayS
+ fsWatcherTimeoutS ignorePerms autoNormalize devices filesystemType
+ minDiskFree-unit minDiskFree versioning-type versioning-fsPath
+ versioning-fsType versioning-cleanupIntervalS versioning-cleanoutDays
+ versioning-keep versioning-maxAge versioning-command copiers
+ pullerMaxPendingKiB hashers order ignoreDelete scanProgressIntervalS
+ pullerPauseS maxConflicts disableSparseFiles disableTempIndexes paused
+ weakHashThresholdPct markerName copyOwnershipFromParent modTimeWindowS
+ maxConcurrentWrites disableFsync blockPullOrder copyRangeMethod
+ caseSensitiveFS junctionsAsDirs syncOwnership sendOwnership syncXattrs
+ sendXattrs xattrFilter-maxSingleEntrySize xattrFilter-maxTotalSize)
+ `(folder (@ (id ,(if id id label))
+ (label ,label)
+ (path ,path)
+ (type ,type)
+ (rescanIntervalS ,rescanIntervalS)
+ (fsWatcherEnabled ,fsWatcherEnabled)
+ (fsWatcherDelayS ,fsWatcherDelayS)
+ (fsWatcherTimeoutS ,fsWatcherTimeoutS)
+ (ignorePerms ,ignorePerms)
+ (autoNormalize ,autoNormalize))
+ (filesystemType ,filesystemType)
+ ,@(map syncthing-folder-device->sxml
+ devices)
+ (minDiskFree (@ (unit ,minDiskFree-unit))
+ ,minDiskFree)
+ (versioning ,@(if versioning-type
+ `((@ (type ,versioning-type)))
+ '())
+ ,@(maybe-param 'cleanoutDays versioning-cleanoutDays)
+ ,@(maybe-param 'keep versioning-keep)
+ ,@(maybe-param 'maxAge versioning-maxAge)
+ ,@(maybe-param 'command versioning-command)
+ (cleanupIntervalS ,versioning-cleanupIntervalS)
+ (fsPath ,versioning-fsPath)
+ (fsType ,versioning-fsType))
+ (copiers ,copiers)
+ (pullerMaxPendingKiB ,pullerMaxPendingKiB)
+ (hashers ,hashers)
+ (order ,order)
+ (ignoreDelete ,ignoreDelete)
+ (scanProgressIntervalS ,scanProgressIntervalS)
+ (pullerPauseS ,pullerPauseS)
+ (maxConflicts ,maxConflicts)
+ (disableSparseFiles ,disableSparseFiles)
+ (disableTempIndexes ,disableTempIndexes)
+ (paused ,paused)
+ (weakHashThresholdPct ,weakHashThresholdPct)
+ (markerName ,markerName)
+ (copyOwnershipFromParent ,copyOwnershipFromParent)
+ (modTimeWindowS ,modTimeWindowS)
+ (maxConcurrentWrites ,maxConcurrentWrites)
+ (disableFsync ,disableFsync)
+ (blockPullOrder ,blockPullOrder)
+ (copyRangeMethod ,copyRangeMethod)
+ (caseSensitiveFS ,caseSensitiveFS)
+ (junctionsAsDirs ,junctionsAsDirs)
+ (syncOwnership ,syncOwnership)
+ (sendOwnership ,sendOwnership)
+ (syncXattrs ,syncXattrs)
+ (sendXattrs ,sendXattrs)
+ (xattrFilter (maxSingleEntrySize ,xattrFilter-maxSingleEntrySize)
+ (maxTotalSize ,xattrFilter-maxTotalSize)))))
+
+(define-record-type* <syncthing-config-file>
+ syncthing-config-file make-syncthing-config-file
+ syncthing-config-file?
+ (folders syncthing-config-folders
+ ; this matches syncthing's default
+ (default (list (syncthing-folder (id "default")
+ (label "Default Folder")
+ (path "~/Sync")))))
+ (devices syncthing-config-devices
+ (default '()))
+ (gui-enabled syncthing-config-gui-enabled (default "true"))
+ (gui-tls syncthing-config-gui-tls (default "false"))
+ (gui-debugging syncthing-config-gui-debugging (default "false"))
+ (gui-sendBasicAuthPrompt syncthing-config-gui-sendBasicAuthPrompt (default "false"))
+ (gui-address syncthing-config-gui-address (default "127.0.0.1:8384"))
+ (gui-user syncthing-config-gui-user (default #f))
+ (gui-password syncthing-config-gui-password (default #f))
+ (gui-apikey syncthing-config-gui-apikey (default "Vuky3VHVseQEoSk9YgxhSkNTnjQmqYK9"))
+ (gui-theme syncthing-config-gui-theme (default "default"))
+ (ldap-enabled syncthing-config-ldap-enabled (default #f))
+ (ldap-address syncthing-config-ldap-address (default ""))
+ (ldap-bindDN syncthing-config-ldap-bindDN (default ""))
+ (ldap-transport syncthing-config-ldap-transport (default ""))
+ (ldap-insecureSkipVerify syncthing-config-ldap-insecureSkipVerify (default ""))
+ (ldap-searchBaseDN syncthing-config-ldap-searchBaseDN (default ""))
+ (ldap-searchFilter syncthing-config-ldap-searchFilter (default ""))
+ (listenAddress syncthing-config-listenAddress (default "default"))
+ (globalAnnounceServer syncthing-config-globalAnnounceServer (default "default"))
+ (globalAnnounceEnabled syncthing-config-globalAnnounceEnabled (default "true"))
+ (localAnnounceEnabled syncthing-config-localAnnounceEnabled (default "true"))
+ (localAnnouncePort syncthing-config-localAnnouncePort (default "21027"))
+ (localAnnounceMCAddr syncthing-config-localAnnounceMCAddr (default "[ff12::8384]:21027"))
+ (maxSendKbps syncthing-config-maxSendKbps (default "0"))
+ (maxRecvKbps syncthing-config-maxRecvKbps (default "0"))
+ (reconnectionIntervalS syncthing-config-reconnectionIntervalS (default "60"))
+ (relaysEnabled syncthing-config-relaysEnabled (default "true"))
+ (relayReconnectIntervalM syncthing-config-relayReconnectIntervalM (default "10"))
+ (startBrowser syncthing-config-startBrowser (default "true"))
+ (natEnabled syncthing-config-natEnabled (default "true"))
+ (natLeaseMinutes syncthing-config-natLeaseMinutes (default "60"))
+ (natRenewalMinutes syncthing-config-natRenewalMinutes (default "30"))
+ (natTimeoutSeconds syncthing-config-natTimeoutSeconds (default "10"))
+ (urAccepted syncthing-config-urAccepted (default "0"))
+ (urSeen syncthing-config-urSeen (default "0"))
+ (urUniqueID syncthing-config-urUniqueID (default ""))
+ (urURL syncthing-config-urURL (default "https://data.syncthing.net/newdata"))
+ (urPostInsecurely syncthing-config-urPostInsecurely (default "false"))
+ (urInitialDelayS syncthing-config-urInitialDelayS (default "1800"))
+ (autoUpgradeIntervalH syncthing-config-autoUpgradeIntervalH (default "12"))
+ (upgradeToPreReleases syncthing-config-upgradeToPreReleases (default "false"))
+ (keepTemporariesH syncthing-config-keepTemporariesH (default "24"))
+ (cacheIgnoredFiles syncthing-config-cacheIgnoredFiles (default "false"))
+ (progressUpdateIntervalS syncthing-config-progressUpdateIntervalS (default "5"))
+ (limitBandwidthInLan syncthing-config-limitBandwidthInLan (default "false"))
+ (minHomeDiskFree-unit syncthing-config-minHomeDiskFree-unit (default "%"))
+ (minHomeDiskFree syncthing-config-minHomeDiskFree (default "1"))
+ (releasesURL syncthing-config-releasesURL (default "https://upgrades.syncthing.net/meta.json"))
+ (overwriteRemoteDeviceNamesOnConnect syncthing-config-overwriteRemoteDeviceNamesOnConnect (default "false"))
+ (tempIndexMinBlocks syncthing-config-tempIndexMinBlocks (default "10"))
+ (unackedNotificationID syncthing-config-unackedNotificationID (default "authenticationUserAndPassword"))
+ (trafficClass syncthing-config-trafficClass (default "0"))
+ (setLowPriority syncthing-config-setLowPriority (default "true"))
+ (maxFolderConcurrency syncthing-config-maxFolderConcurrency (default "0"))
+ (crashReportingURL syncthing-config-crashReportingURL (default "https://crash.syncthing.net/newcrash"))
+ (crashReportingEnabled syncthing-config-crashReportingEnabled (default "true"))
+ (stunKeepaliveStartS syncthing-config-stunKeepaliveStartS (default "180"))
+ (stunKeepaliveMinS syncthing-config-stunKeepaliveMinS (default "20"))
+ (stunServer syncthing-config-stunServer (default "default"))
+ (databaseTuning syncthing-config-databaseTuning (default "auto"))
+ (maxConcurrentIncomingRequestKiB syncthing-config-maxConcurrentIncomingRequestKiB (default "0"))
+ (announceLANAddresses syncthing-config-announceLANAddresses (default "true"))
+ (sendFullIndexOnUpgrade syncthing-config-sendFullIndexOnUpgrade (default "false"))
+ (connectionLimitEnough syncthing-config-connectionLimitEnough (default "0"))
+ (connectionLimitMax syncthing-config-connectionLimitMax (default "0"))
+ (insecureAllowOldTLSVersions syncthing-config-insecureAllowOldTLSVersions (default "false"))
+ (connectionPriorityTcpLan syncthing-config-connectionPriorityTcpLan (default "10"))
+ (connectionPriorityQuicLan syncthing-config-connectionPriorityQuicLan (default "20"))
+ (connectionPriorityTcpWan syncthing-config-connectionPriorityTcpWan (default "30"))
+ (connectionPriorityQuicWan syncthing-config-connectionPriorityQuicWan (default "40"))
+ (connectionPriorityRelay syncthing-config-connectionPriorityRelay (default "50"))
+ (connectionPriorityUpgradeThreshold syncthing-config-connectionPriorityUpgradeThreshold (default "0"))
+ (default-folder syncthing-config-defaultFolder
+ (default (syncthing-folder (label "") (path "~"))))
+ (default-device syncthing-config-defaultDevice
+ (default (syncthing-device (id ""))))
+ (default-ignores syncthing-config-defaultIgnores (default "")))
+
+(define syncthing-config-file->sxml
+ (match-record-lambda <syncthing-config-file>
+ (folders
+ devices gui-enabled gui-tls gui-debugging gui-sendBasicAuthPrompt
+ gui-address gui-user gui-password gui-apikey gui-theme ldap-enabled
+ ldap-address ldap-bindDN ldap-transport ldap-insecureSkipVerify
+ ldap-searchBaseDN ldap-searchFilter listenAddress globalAnnounceServer
+ globalAnnounceEnabled localAnnounceEnabled localAnnouncePort
+ localAnnounceMCAddr maxSendKbps maxRecvKbps reconnectionIntervalS
+ relaysEnabled relayReconnectIntervalM startBrowser natEnabled
+ natLeaseMinutes natRenewalMinutes natTimeoutSeconds urAccepted
+ urSeen urUniqueID urURL urPostInsecurely urInitialDelayS
+ autoUpgradeIntervalH upgradeToPreReleases keepTemporariesH
+ cacheIgnoredFiles progressUpdateIntervalS limitBandwidthInLan
+ minHomeDiskFree-unit minHomeDiskFree releasesURL
+ overwriteRemoteDeviceNamesOnConnect tempIndexMinBlocks
+ unackedNotificationID trafficClass setLowPriority maxFolderConcurrency
+ crashReportingURL crashReportingEnabled stunKeepaliveStartS
+ stunKeepaliveMinS stunServer databaseTuning
+ maxConcurrentIncomingRequestKiB announceLANAddresses
+ sendFullIndexOnUpgrade connectionLimitEnough connectionLimitMax
+ insecureAllowOldTLSVersions connectionPriorityTcpLan
+ connectionPriorityQuicLan connectionPriorityTcpWan
+ connectionPriorityQuicWan connectionPriorityRelay
+ connectionPriorityUpgradeThreshold default-folder default-device
+ default-ignores)
+ `(configuration (@ (version "37"))
+ ,@(map syncthing-folder->sxml
+ folders)
+ ;; collect any devices in any folders, as well as any
+ ;; devices explicitly added.
+ ,@(map syncthing-device->sxml
+ (delete-duplicates
+ (append devices
+ (apply append
+ (map (lambda (folder)
+ (map syncthing-folder-device-device
+ (syncthing-folder-devices folder)))
+ folders)))
+ ;; devices are the same if their id's are equal
+ (lambda (device1 device2)
+ (string= (syncthing-device-id device1)
+ (syncthing-device-id device2)))))
+ (gui (@ (enabled ,gui-enabled)
+ (tls ,gui-tls)
+ (debugging ,gui-debugging)
+ (sendBasicAuthPrompt ,gui-sendBasicAuthPrompt))
+ (address ,gui-address)
+ ,@(if gui-user `((user ,gui-user)) '())
+ ,@(if gui-password `((password ,gui-password)) '())
+ (apikey ,gui-apikey)
+ (theme ,gui-theme))
+ (ldap ,(if ldap-enabled
+ `((address ,ldap-address)
+ (bindDN ,ldap-bindDN)
+ ,@(if ldap-transport
+ `((transport ,ldap-transport))
+ '())
+ ,@(if ldap-insecureSkipVerify
+ `((insecureSkipVerify ,ldap-insecureSkipVerify))
+ '())
+ ,@(if ldap-searchBaseDN
+ `((searchBaseDN ,ldap-searchBaseDN))
+ '())
+ ,@(if ldap-searchFilter
+ `((searchFilter ,ldap-searchFilter))
+ '()))
+ ""))
+ (options (listenAddress ,listenAddress)
+ (globalAnnounceServer ,globalAnnounceServer)
+ (globalAnnounceEnabled ,globalAnnounceEnabled)
+ (localAnnounceEnabled ,localAnnounceEnabled)
+ (localAnnouncePort ,localAnnouncePort)
+ (localAnnounceMCAddr ,localAnnounceMCAddr)
+ (maxSendKbps ,maxSendKbps)
+ (maxRecvKbps ,maxRecvKbps)
+ (reconnectionIntervalS ,reconnectionIntervalS)
+ (relaysEnabled ,relaysEnabled)
+ (relayReconnectIntervalM ,relayReconnectIntervalM)
+ (startBrowser ,startBrowser)
+ (natEnabled ,natEnabled)
+ (natLeaseMinutes ,natLeaseMinutes)
+ (natRenewalMinutes ,natRenewalMinutes)
+ (natTimeoutSeconds ,natTimeoutSeconds)
+ (urAccepted ,urAccepted)
+ (urSeen ,urSeen)
+ (urUniqueID ,urUniqueID)
+ (urURL ,urURL)
+ (urPostInsecurely ,urPostInsecurely)
+ (urInitialDelayS ,urInitialDelayS)
+ (autoUpgradeIntervalH ,autoUpgradeIntervalH)
+ (upgradeToPreReleases ,upgradeToPreReleases)
+ (keepTemporariesH ,keepTemporariesH)
+ (cacheIgnoredFiles ,cacheIgnoredFiles)
+ (progressUpdateIntervalS ,progressUpdateIntervalS)
+ (limitBandwidthInLan ,limitBandwidthInLan)
+ (minHomeDiskFree (@ (unit ,minHomeDiskFree-unit))
+ ,minHomeDiskFree)
+ (releasesURL ,releasesURL)
+ (overwriteRemoteDeviceNamesOnConnect ,overwriteRemoteDeviceNamesOnConnect)
+ (tempIndexMinBlocks ,tempIndexMinBlocks)
+ (unackedNotificationID ,unackedNotificationID)
+ (trafficClass ,trafficClass)
+ (setLowPriority ,setLowPriority)
+ (maxFolderConcurrency ,maxFolderConcurrency)
+ (crashReportingURL ,crashReportingURL)
+ (crashReportingEnabled ,crashReportingEnabled)
+ (stunKeepaliveStartS ,stunKeepaliveStartS)
+ (stunKeepaliveMinS ,stunKeepaliveMinS)
+ (stunServer ,stunServer)
+ (databaseTuning ,databaseTuning)
+ (maxConcurrentIncomingRequestKiB ,maxConcurrentIncomingRequestKiB)
+ (announceLANAddresses ,announceLANAddresses)
+ (sendFullIndexOnUpgrade ,sendFullIndexOnUpgrade)
+ (connectionLimitEnough ,connectionLimitEnough)
+ (connectionLimitMax ,connectionLimitMax)
+ (insecureAllowOldTLSVersions ,insecureAllowOldTLSVersions)
+ (connectionPriorityTcpLan ,connectionPriorityTcpLan)
+ (connectionPriorityQuicLan ,connectionPriorityQuicLan)
+ (connectionPriorityTcpWan ,connectionPriorityTcpWan)
+ (connectionPriorityQuicWan ,connectionPriorityQuicWan)
+ (connectionPriorityRelay ,connectionPriorityRelay)
+ (connectionPriorityUpgradeThreshold ,connectionPriorityUpgradeThreshold))
+ (defaults
+ ,(syncthing-folder->sxml default-folder)
+ ,(syncthing-device->sxml default-device)
+ (ignores ,default-ignores)))))
+
+;; It is useful to be able to view the xml output by Guix, and to be able to
+;; diff it with a user's previous config, especially when migrating one's
+;; config to Guix. This function adds whitespace that matches the whitespace
+;; of config files managed by Syncthing for easy diffing.
+(define (indent-sxml sxml indent-increment current-indent)
+ (match sxml
+ (((tag ('@ properties ...) (subtags ..1) ..1) sibling-tags ...)
+ `(,current-indent (,tag (@ ,@properties) "\n"
+ ,@(indent-sxml subtags indent-increment
+ (string-append indent-increment current-indent))
+ ,current-indent) "\n"
+ ,@(indent-sxml sibling-tags indent-increment current-indent)))
+ (((tag ('@ properties ...) primitive ...) sibling-tags ...)
+ `(,current-indent (,tag (@ ,@properties) ,@primitive) "\n"
+ ,@(indent-sxml sibling-tags indent-increment current-indent)))
+ (((tag (subtags ..1) ..1) sibling-tags ...)
+ `(,current-indent (,tag "\n"
+ ,@(indent-sxml subtags indent-increment
+ (string-append indent-increment current-indent))
+ ,current-indent) "\n"
+ ,@(indent-sxml sibling-tags indent-increment current-indent)))
+ (((tag primitive ...) sibling-tags ...)
+ `(,current-indent (,tag ,@primitive) "\n"
+ ,@(indent-sxml sibling-tags indent-increment current-indent)))
+ (() '())))
+
+(define (serialize-syncthing-config-file config)
+ (with-output-to-string
+ (lambda ()
+ (sxml->xml (cons '*TOP* (indent-sxml (list (syncthing-config-file->sxml config))
+ " "
+ ""))))))
+
(define-record-type* <syncthing-configuration>
syncthing-configuration make-syncthing-configuration
syncthing-configuration?
@@ -50,6 +494,8 @@ (define-record-type* <syncthing-configuration>
(default "users"))
(home syncthing-configuration-home ;string
(default #f))
+ (config-file syncthing-configuration-config-file
+ (default #f)) ; syncthing-config-file or file-like
(home-service? syncthing-configuration-home-service?
(default for-home?) (innate)))
@@ -93,10 +539,26 @@ (define syncthing-shepherd-service
(respawn? #f)
(stop #~(make-kill-destructor))))))
+
+(define syncthing-files-service
+ (match-record-lambda <syncthing-configuration> (config-file user home home-service?)
+ (if config-file
+ `((,(if home-service?
+ ".config/syncthing/config.xml"
+ (string-append (or home (passwd:dir (getpw user)))
+ "/.config/syncthing/config.xml"))
+ ,(if (file-like? config-file)
+ config-file
+ (plain-file "syncthin-config.xml" (serialize-syncthing-config-file
+ config-file)))))
+ '())))
+
(define syncthing-service-type
(service-type (name 'syncthing)
(extensions (list (service-extension shepherd-root-service-type
- syncthing-shepherd-service)))
+ syncthing-shepherd-service)
+ (service-extension special-files-service-type
+ syncthing-files-service)))
(description
"Run @uref{https://github.com/syncthing/syncthing, Syncthing}
decentralized continuous file system synchronization.")))
--
2.45.2
guix-patches <at> gnu.org:bug#75959; Package guix-patches.
(Fri, 07 Feb 2025 00:22:02 GMT) Full text and rfc822 format available.Message #23 received at 75959 <at> debbugs.gnu.org (full text, mbox):
From: Leo Famulari <leo <at> famulari.name> To: Zacchaeus <eikcaz <at> zacchae.us> Cc: 75959 <at> debbugs.gnu.org Subject: Re: [bug#75959] [PATCH] services: syncthing: Added support for config file serialization. Date: Thu, 6 Feb 2025 19:21:34 -0500
[Message part 1 (text/plain, inline)]
On Thu, Feb 06, 2025 at 05:15:27PM -0500, Zacchaeus wrote: > From 7ef311e85b1198c752b2eec57caa0256227e079c Mon Sep 17 00:00:00 2001 > From: Zacchaeus <eikcaz <at> zacchae.us> > Date: Sun, 21 Jul 2024 00:54:25 -0700 > Subject: [PATCH] services: syncthing: Added support for config file > serialization. Thanks for the updated patch! By the way, when you generate the patches, please use the Git option --reroll-count, so that we can keep track of the revisions. I applied it to the current master branch, and created a VM image based on the lightweight-desktop template in our repo (attached). Then, I copied the image out of the store, made it writable, and booted it with QEMU. ------ $ ./pre-inst-env guix system image --image-type=qcow2 --no-grafts doc/os-config-lightweight-desktop.texi-syncthing --fallback --max-jobs=1 --cores=12 --keep-going --image-size=10G -v3 /gnu/store/86zz6i1x55irgg1r74riil8avgl8hlp9-image.qcow2 $ cp /gnu/store/86zz6i1x55irgg1r74riil8avgl8hlp9-image.qcow2 ~/tmp/guix.qcow2 && chmod 600 ~/tmp/guix.qcow2 $ qemu-system-x86_64 -nic user,model=virtio-net-pci -enable-kvm -m 1024 /home/leo/tmp/guix.qcow2 ------ However, when I have included an instance of syncthing-service-type in the OS declaration, my user's home directory is owned by root, and I'm unable to log in as my user. When I remove syncthing-service-type, that problem does not exist. Any ideas?
[os-config-lightweight-desktop.texi-syncthing (text/plain, attachment)]
[signature.asc (application/pgp-signature, inline)]
guix-patches <at> gnu.org:bug#75959; Package guix-patches.
(Fri, 07 Feb 2025 04:40:02 GMT) Full text and rfc822 format available.Message #26 received at 75959 <at> debbugs.gnu.org (full text, mbox):
From: Zacchaeus <eikcaz <at> zacchae.us> To: 75959 <at> debbugs.gnu.org Subject: [PATCH v5] services: syncthing: Added support for config file serialization. Date: Thu, 06 Feb 2025 23:39:48 -0500
From ad2bb352f8ff2cd93a2a1694faf353e02854ef2b Mon Sep 17 00:00:00 2001
From: Zacchaeus <eikcaz <at> zacchae.us>
Date: Sun, 21 Jul 2024 00:54:25 -0700
Subject: [PATCH v5] services: syncthing: Added support for config file
serialization.
* gnu/services/syncthing.scm: (syncthing-config-file) (syncthing-folder)
(syncthing-device) (syncthing-folder-device): New records;
(syncthing-service-type): added special-files-service-type extension for the
config file; (syncthing-files-service): service to create config file
* gnu/home/services/syncthing.scm: (home-syncthing-service-type): extended
home-files-services-type and re-exported more things from
gnu/services/syncthing.scm
* doc/guix.texi: (syncthing-service-type): document additions
Change-Id: I87eeba1ee1fdada8f29c2ee881fbc6bc4113dde9
---
The previous patch had an issue with fresh system installs: the
Syncthing service would populate ~/.config/syncthing/config.xml too
early, so ~ would be owned by root, and ~ would be non-empty so
skeletons would never be copied in. I addressed this by moving
syncthing's config home to /var/lib/syncthing-<user>. I only do this if
it is a system service AND you are specifying a config-file. This is
important for backwards compatibility. We wouldn't want people's
syncthing to suddenly start looking in /var/lib/ for their gui-managed
config after a system upgrade.
doc/guix.texi | 290 +++++++++++++++++
gnu/home/services/syncthing.scm | 17 +-
gnu/services/syncthing.scm | 533 ++++++++++++++++++++++++++++++--
3 files changed, 810 insertions(+), 30 deletions(-)
diff --git a/doc/guix.texi b/doc/guix.texi
index b1b6d98e74..1fdc772a1d 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -136,6 +136,7 @@ Copyright @copyright{} 2024 Troy Figiel@*
Copyright @copyright{} 2024 Sharlatan Hellseher@*
Copyright @copyright{} 2024 45mg@*
Copyright @copyright{} 2025 Sören Tempel@*
+Copyright @copyright{} 2025 Zacchaeus@*
Permission is granted to copy, distribute and/or modify this document
under the terms of the GNU Free Documentation License, Version 1.3 or
@@ -22669,9 +22670,298 @@ This assumes that the specified group exists.
Common configuration and data directory. The default configuration
directory is @file{$HOME} of the specified Syncthing @code{user}.
+@item @code{config-file} (default: @var{#f})
+Either a file-like object that resolves to a syncthing configuration xml
+file, or a syncthing-config-file record (see below). If set to #f, Guix
+will not try to generate a config file, and the syncthing will generate
+a default one which will not be touched on reconfigure. Specifying this
+in a system service moves Syncthing's common configuration and data
+directory to @file{/var/lib/syncthnig-<user>}.
+
+@end table
+@end deftp
+
+In the below, only details specific to Guix, or related to how your
+device will ``ping'' others, are presented. Otherwise, you should
+consult @uref{https://docs.syncthing.net/users/config.html, Syncthing
+config documentation}. Camelcase is preserved below only as to be
+consistent with its appearance in Syncthing code/documentation. If you
+would like to migrate to Guix-powered Syncthing configuration, the
+generated config adds newlines/whitespace to the produced config such
+that your old config can be diff'ed with the new one. You can still
+modify Syncthing from the GUI or through ``introducer'' and
+``autoAcceptFolders'' mechanisms, but such changes will be reset on
+reconfigure.
+
+@deftp {Data Type} syncthing-config-file
+Data type representing the configuration file read by the syncthing
+daemon.
+
+@table @asis
+@item @code{folders} (default: @var{(list (syncthing-folder (id "default") (label "Default Folder") (path "~/Sync")))}
+The default here is the same as Syncthing's default. The value should
+be a list of @code{syncthing-folder}s.
+
+@item @code{devices} (default: @var{'()}
+This should be a list of @code{syncthing-device}s. Guix will
+automatically add any devices specified in any `folders' to this list.
+There are instances when you want to connect to a device despite not
+(initially) sharing any folders (such as a device with
+autoAcceptFolders). In such instances, you should specify those devices
+here. If multiple versions of the same device (same id) are discovered,
+the one in this list is prioritized. Otherwise, the first instance in
+the first folder is used.
+
+@item @code{gui-enabled} (default: @var{"true"})
+By default, any user on the computer can access the GUI and make changes
+to Syncthing. If you leave this enabled, you should probably set
+gui-user and gui-password (see below).
+
+@item @code{gui-tls} (default: @var{"false"})
+@item @code{gui-debugging} (default: @var{"false"})
+@item @code{gui-sendBasicAuthPrompt} (default: @var{"false"})
+@item @code{gui-address} (default: @var{"127.0.0.1:8384"})
+@item @code{gui-user} (default: @var{#f})
+@item @code{gui-password} (default: @var{#f})
+@item @code{gui-apikey} (default: @var{"Vuky3VHVseQEoSk9YgxhSkNTnjQmqYK9"})
+@item @code{gui-theme} (default: @var{"default"})
+@item @code{ldap-enabled} (default: @var{#f})
+@item @code{ldap-address} (default: @var{""})
+@item @code{ldap-bindDN} (default: @var{""})
+@item @code{ldap-transport} (default: @var{""})
+@item @code{ldap-insecureSkipVerify} (default: @var{""})
+@item @code{ldap-searchBaseDN} (default: @var{""})
+@item @code{ldap-searchFilter} (default: @var{""})
+@item @code{listenAddress} (default: @var{"default"})
+@item @code{globalAnnounceServer} (default: @var{"default"})
+@item @code{globalAnnounceEnabled} (default: @var{"true"})
+Global discovery servers can be used to help connect devices at unknown
+IP addresses by storing the last known IP address.
+
+@item @code{localAnnounceEnabled} (default: @var{"true"})
+This makes devices find each other very easily on the same LAN. Often,
+this will allow you to just plug an Ethernet between two devices, or
+connect one device to the other's hotspot and start syncing.
+
+@item @code{localAnnouncePort} (default: @var{"21027"})
+@item @code{localAnnounceMCAddr} (default: @var{"[ff12::8384]:21027"})
+@item @code{maxSendKbps} (default: @var{"0"})
+@item @code{maxRecvKbps} (default: @var{"0"})
+@item @code{reconnectionIntervalS} (default: @var{"60"})
+@item @code{relaysEnabled} (default: @var{"true"})
+This option allows your Syncthing instance to coordinate with a global
+network of relays to enable syncing between devices when all other
+methods fail.
+
+@item @code{relayReconnectIntervalM} (default: @var{"10"})
+@item @code{startBrowser} (default: @var{"true"})
+@item @code{natEnabled} (default: @var{"true"})
+@item @code{natLeaseMinutes} (default: @var{"60"})
+@item @code{natRenewalMinutes} (default: @var{"30"})
+@item @code{natTimeoutSeconds} (default: @var{"10"})
+@item @code{urAccepted} (default: @var{"0"})
+ur* options control usage reporting. Set to -1 to disable, or positive
+to enable. The default (0) has reporting disabled, but you will be
+asked to decide in the GUI.
+
+@item @code{urSeen} (default: @var{"0"})
+@item @code{urUniqueID} (default: @var{""})
+@item @code{urURL} (default: @var{"https://data.syncthing.net/newdata"})
+@item @code{urPostInsecurely} (default: @var{"false"})
+@item @code{urInitialDelayS} (default: @var{"1800"})
+@item @code{autoUpgradeIntervalH} (default: @var{"12"})
+@item @code{upgradeToPreReleases} (default: @var{"false"})
+@item @code{keepTemporariesH} (default: @var{"24"})
+@item @code{cacheIgnoredFiles} (default: @var{"false"})
+@item @code{progressUpdateIntervalS} (default: @var{"5"})
+@item @code{limitBandwidthInLan} (default: @var{"false"})
+@item @code{minHomeDiskFree-unit} (default: @var{"%"})
+@item @code{minHomeDiskFree} (default: @var{"1"})
+@item @code{releasesURL} (default: @var{"https://upgrades.syncthing.net/meta.json"})
+@item @code{overwriteRemoteDeviceNamesOnConnect} (default: @var{"false"})
+@item @code{tempIndexMinBlocks} (default: @var{"10"})
+@item @code{unackedNotificationID} (default: @var{"authenticationUserAndPassword"})
+@item @code{trafficClass} (default: @var{"0"})
+@item @code{setLowPriority} (default: @var{"true"})
+@item @code{maxFolderConcurrency} (default: @var{"0"})
+@item @code{crashReportingURL} (default: @var{"https://crash.syncthing.net/newcrash"})
+@item @code{crashReportingEnabled} (default: @var{"true"})
+@item @code{stunKeepaliveStartS} (default: @var{"180"})
+@item @code{stunKeepaliveMinS} (default: @var{"20"})
+@item @code{stunServer} (default: @var{"default"})
+@item @code{databaseTuning} (default: @var{"auto"})
+@item @code{maxConcurrentIncomingRequestKiB} (default: @var{"0"})
+@item @code{announceLANAddresses} (default: @var{"true"})
+@item @code{sendFullIndexOnUpgrade} (default: @var{"false"})
+@item @code{connectionLimitEnough} (default: @var{"0"})
+@item @code{connectionLimitMax} (default: @var{"0"})
+@item @code{insecureAllowOldTLSVersions} (default: @var{"false"})
+@item @code{connectionPriorityTcpLan} (default: @var{"10"})
+@item @code{connectionPriorityQuicLan} (default: @var{"20"})
+@item @code{connectionPriorityTcpWan} (default: @var{"30"})
+@item @code{connectionPriorityQuicWan} (default: @var{"40"})
+@item @code{connectionPriorityRelay} (default: @var{"50"})
+@item @code{connectionPriorityUpgradeThreshold} (default: @var{"0"})
+@item @code{default-folder} (default: @var{(syncthing-folder (label ""))})
+@item @code{default-device} (default: @var{(syncthing-device (id ""))})
+@item @code{default-ignores} (default: @var{"")})
+The default-* above do not affect folders and devices added by the Guix
+interface. They will, however, affect folders and devices that are
+added through the GUI, by an ``introducer'', or a device with
+``autoAcceptFolders''.
+@end table
+@end deftp
+
+@deftp {Data Type} syncthing-device
+Data type representing a device to sync with.
+
+@table @asis
+@item @code{id}
+A long hash tied to the keys generated by Syncthing on the first launch.
+You can obtain this from the Syncthing GUI or by inspecting an existing
+Syncthing configuration file.
+
+@item @code{name} (default: @var{""})
+Human readable device name for viewing in the GUI or in scheme.
+
+@item @code{compression} (default: @var{"metadata"})
+@item @code{introducer} (default: @var{"false"})
+@item @code{skipIntroductionRemovals} (default: @var{"false"})
+@item @code{introducedBy} (default: @var{""})
+@item @code{addresses} (default: @var{'("dynamic")})
+List of addresses at which to search for this device. The special value
+``dynamic'' will have syncthing use several means to find the device.
+
+@item @code{paused} (default: @var{"false"})
+@item @code{autoAcceptFolders} (default: @var{"false"})
+@item @code{maxSendKbps} (default: @var{"0"})
+@item @code{maxRecvKbps} (default: @var{"0"})
+@item @code{maxRequestKiB} (default: @var{"0"})
+@item @code{untrusted} (default: @var{"false"})
+@item @code{remoteGUIPort} (default: @var{"0"})
+@item @code{numConnections} (default: @var{"0")})
+
+@end table
+@end deftp
+
+@deftp {Data Type} syncthing-folder
+Data type representing a folder to be synced.
+
+@table @asis
+@item @code{id} (default: @var{#f})
+This id cannot match the id of any other folder on this device. If left
+unspecified, it will default to the label (see below).
+
+@item @code{label}
+Human readable label for the folder.
+
+@item @code{path}
+The path at which to store this folder.
+
+@item @code{type} (default: @var{"sendreceive"})
+@item @code{rescanIntervalS} (default: @var{"3600"})
+@item @code{fsWatcherEnabled} (default: @var{"true"})
+@item @code{fsWatcherDelayS} (default: @var{"10"})
+@item @code{ignorePerms} (default: @var{"false"})
+@item @code{autoNormalize} (default: @var{"true"})
+@item @code{devices} (default: @var{'()})
+Devices should be a list of other Syncthing devices. You do not need to
+specify the current device. Each device can be listed as a a
+@code{syncthing-device} record or a @code{syncthing-folder-device}
+record if you want files to be encrypted on disk.
+
+@item @code{filesystemType} (default: @var{"basic"})
+@item @code{minDiskFree-unit} (default: @var{"%"})
+@item @code{minDiskFree} (default: @var{"1"})
+@item @code{versioning-type} (default: @var{#f})
+@item @code{versioning-fsPath} (default: @var{""})
+@item @code{versioning-fsType} (default: @var{"basic"})
+@item @code{versioning-cleanupIntervalS} (default: @var{"3600"})
+@item @code{versioning-cleanoutDays} (default: @var{#f})
+@item @code{versioning-keep} (default: @var{#f})
+@item @code{versioning-maxAge} (default: @var{#f})
+@item @code{versioning-command} (default: @var{#f})
+@item @code{copiers} (default: @var{"0"})
+@item @code{pullerMaxPendingKiB} (default: @var{"0"})
+@item @code{hashers} (default: @var{"0"})
+@item @code{order} (default: @var{"random"})
+@item @code{ignoreDelete} (default: @var{"false"})
+@item @code{scanProgressIntervalS} (default: @var{"0"})
+@item @code{pullerPauseS} (default: @var{"0"})
+@item @code{maxConflicts} (default: @var{"10"})
+@item @code{disableSparseFiles} (default: @var{"false"})
+@item @code{disableTempIndexes} (default: @var{"false"})
+@item @code{paused} (default: @var{"false"})
+@item @code{weakHashThresholdPct} (default: @var{"25"})
+@item @code{markerName} (default: @var{".stfolder"})
+@item @code{copyOwnershipFromParent} (default: @var{"false"})
+@item @code{modTimeWindowS} (default: @var{"0"})
+@item @code{maxConcurrentWrites} (default: @var{"2"})
+@item @code{disableFsync} (default: @var{"false"})
+@item @code{blockPullOrder} (default: @var{"standard"})
+@item @code{copyRangeMethod} (default: @var{"standard"})
+@item @code{caseSensitiveFS} (default: @var{"false"})
+@item @code{junctionsAsDirs} (default: @var{"false"})
+@item @code{syncOwnership} (default: @var{"false"})
+@item @code{sendOwnership} (default: @var{"false"})
+@item @code{syncXattrs} (default: @var{"false"})
+@item @code{sendXattrs} (default: @var{"false"})
+@item @code{xattrFilter-maxSingleEntrySize} (default: @var{"1024"})
+@item @code{xattrFilter-maxTotalSize} (default: @var{"4096")})
+@end table
+@end deftp
+
+@deftp {Data Type} syncthing-folder-device
+There is some configuration which is specific to the relationship
+between a specific folder and a specific device. If you are fine
+leaving these as their default, then you can simply specify a
+syncthing-device instead of a @code{syncthing-folder-device} in
+@code{syncthing-folder}s.
+
+@table @asis
+@item @code{device}
+device should be a @code{syncthing-device} for which this configuration
+applies.
+
+@item @code{introducedBy} (default: @var{""})
+@item @code{encryptionPassword} (default: @var{""})
+if encryptionPassword is non-empty, then it will be used as a password
+to encrypt file chunks as they are synced to that device. For more info
+on syncing to devices you don't totally trust, see
+@uref{https://docs.syncthing.net/users/untrusted.html, Syncthing Documentation Untrusted}.
+Note that file transfers are always end-to-end encrypted, regardless of
+this setting.
+
@end table
@end deftp
+Here is a more complex example configuration for illustrative purposes:
+@lisp
+(service syncthing-service-type
+ (let ((laptop (syncthing-device (id "VHOD2D6-...-7XRMDEN")))
+ (desktop (syncthing-device (id "64SAZ37-...-FZJ5GUA")
+ (addresses '("mydomain.example"))))
+ (bob-desktop (syncthing-device (id "KYIMEGO-...-FT77EAO"))))
+ (syncthing-configuration
+ (user "alice")
+ (config-file
+ (syncthing-config-file
+ (folders (list (syncthing-folder
+ (label "some-files")
+ (path "~/data")
+ (devices (list desktop laptop)))
+ (syncthing-folder
+ (label "critical-files")
+ (path "~/secrets")
+ (devices
+ (list desktop
+ laptop
+ (syncthing-folder-device
+ (device bob-desktop)
+ (encryptionPassword "mypassword"))))))))))))
+@end lisp
+
+
Furthermore, @code{(gnu services ssh)} provides the following services.
@cindex SSH
@cindex SSH server
diff --git a/gnu/home/services/syncthing.scm b/gnu/home/services/syncthing.scm
index 8d66a167ce..dd6c752ee4 100644
--- a/gnu/home/services/syncthing.scm
+++ b/gnu/home/services/syncthing.scm
@@ -1,5 +1,6 @@
;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2023 Ludovic Courtès <ludo <at> gnu.org>
+;;; Copyright © 2025 Zacchaeus <eikcaz <at> zacchae.us>
;;;
;;; This file is part of GNU Guix.
;;;
@@ -24,9 +25,23 @@ (define-module (gnu home services syncthing)
#:use-module (gnu home services shepherd)
#:export (home-syncthing-service-type)
#:re-export (syncthing-configuration
- syncthing-configuration?))
+ syncthing-configuration?
+ syncthing-config-file
+ syncthing-config-file?
+ syncthing-device
+ syncthing-device?
+ syncthing-folder
+ syncthing-folder?
+ syncthing-folder-device
+ syncthing-folder-device?))
(define home-syncthing-service-type
(service-type
(inherit (system->home-service-type syncthing-service-type))
+ ;; system->home-service-type does not convert special-files-service-type to
+ ;; home-files-service-type, so redefine extensios
+ (extensions (list (service-extension home-files-service-type
+ syncthing-files-service)
+ (service-extension home-shepherd-service-type
+ syncthing-shepherd-service)))
(default-value (for-home (syncthing-configuration)))))
diff --git a/gnu/services/syncthing.scm b/gnu/services/syncthing.scm
index a7a9c6aadd..5b9567b716 100644
--- a/gnu/services/syncthing.scm
+++ b/gnu/services/syncthing.scm
@@ -1,6 +1,7 @@
;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2021 Oleg Pykhalov <go.wigust <at> gmail.com>
;;; Copyright © 2023 Justin Veilleux <terramorpha <at> cock.li>
+;;; Copyright © 2025 Zacchaeus <eikcaz <at> zacchae.us>
;;;
;;; This file is part of GNU Guix.
;;;
@@ -25,9 +26,20 @@ (define-module (gnu services syncthing)
#:use-module (guix records)
#:use-module (ice-9 match)
#:use-module (srfi srfi-1)
+ #:use-module (sxml simple)
#:export (syncthing-configuration
syncthing-configuration?
- syncthing-service-type))
+ syncthing-device
+ syncthing-device?
+ syncthing-config-file
+ syncthing-config-file?
+ syncthing-folder-device
+ syncthing-folder-device?
+ syncthing-folder
+ syncthing-folder?
+ syncthing-service-type
+ syncthing-shepherd-service
+ syncthing-files-service))
;;; Commentary:
;;;
@@ -35,6 +47,438 @@ (define-module (gnu services syncthing)
;;;
;;; Code:
+(define-record-type* <syncthing-device>
+ syncthing-device make-syncthing-device
+ syncthing-device?
+ (id syncthing-device-id)
+ (name syncthing-device-name (default ""))
+ (compression syncthing-device-compression (default "metadata"))
+ (introducer syncthing-device-introducer (default "false"))
+ (skipIntroductionRemovals syncthing-device-skipIntroductionRemovals (default "false"))
+ (introducedBy syncthing-device-introducedBy (default ""))
+ (addresses syncthing-device-addresses (default '("dynamic")))
+ (paused syncthing-device-paused (default "false"))
+ (autoAcceptFolders syncthing-device-autoAcceptFolders (default "false"))
+ (maxSendKbps syncthing-device-maxSendKbps (default "0"))
+ (maxRecvKbps syncthing-device-maxRecvKbps (default "0"))
+ (maxRequestKiB syncthing-device-maxRequestKiB (default "0"))
+ (untrusted syncthing-device-untrusted (default "false"))
+ (remoteGUIPort syncthing-device-remoteGUIPort (default "0"))
+ (numConnections syncthing-device-numConnections (default "0")))
+
+(define syncthing-device->sxml
+ (match-record-lambda <syncthing-device>
+ (id name compression introducer skipIntroductionRemovals introducedBy addresses paused autoAcceptFolders maxSendKbps maxRecvKbps maxRequestKiB untrusted remoteGUIPort numConnections)
+ `(device (@ (id ,id)
+ (name ,name)
+ (compression ,compression)
+ (introducer ,introducer)
+ (skipIntroductionRemovals ,skipIntroductionRemovals)
+ (introducedBy ,introducedBy))
+ ,@(map (lambda (address) `(address ,address)) addresses)
+ (paused ,paused)
+ (autoAcceptFolders ,autoAcceptFolders)
+ (maxSendKbps ,maxSendKbps)
+ (maxRecvKbps ,maxRecvKbps)
+ (maxRequestKiB ,maxRequestKiB)
+ (untrusted ,untrusted)
+ (remoteGUIPort ,remoteGUIPort)
+ (numConnections ,numConnections))))
+
+(define-record-type* <syncthing-folder-device>
+ syncthing-folder-device make-syncthing-folder-device
+ syncthing-folder-device?
+ (device syncthing-folder-device-device)
+ (introducedBy syncthing-folder-device-introducedBy (default (syncthing-device (id ""))))
+ (encryptionPassword syncthing-folder-device-encryptionPassword (default "")))
+
+(define syncthing-folder-device->sxml
+ (match-record-lambda <syncthing-folder-device>
+ (device introducedBy encryptionPassword)
+ `(device (@ (id ,(syncthing-device-id device))
+ (introducedBy ,(syncthing-device-id introducedBy)))
+ (encryptionPassword ,encryptionPassword))))
+
+(define-record-type* <syncthing-folder>
+ syncthing-folder make-syncthing-folder
+ syncthing-folder?
+ (id syncthing-folder-id (default #f))
+ (label syncthing-folder-label)
+ (path syncthing-folder-path)
+ (type syncthing-folder-type (default "sendreceive"))
+ (rescanIntervalS syncthing-folder-rescanIntervalS (default "3600"))
+ (fsWatcherEnabled syncthing-folder-fsWatcherEnabled (default "true"))
+ (fsWatcherDelayS syncthing-folder-fsWatcherDelayS (default "10"))
+ (fsWatcherTimeoutS syncthing-folder-fsWatcherTimeoutS (default "0"))
+ (ignorePerms syncthing-folder-ignorePerms (default "false"))
+ (autoNormalize syncthing-folder-autoNormalize (default "true"))
+ (devices syncthing-folder-devices (default '())
+ (sanitize (lambda (folder-device-list)
+ (map (lambda (device)
+ (if (syncthing-folder-device? device)
+ device
+ (syncthing-folder-device (device device))))
+ folder-device-list))))
+ (filesystemType syncthing-folder-filesystemType (default "basic"))
+ (minDiskFree-unit syncthing-folder-minDiskFree-unit (default "%"))
+ (minDiskFree syncthing-folder-minDiskFree (default "1"))
+ (versioning-type syncthing-folder-versioning-type (default #f))
+ (versioning-fsPath syncthing-folder-versioning-fsPath (default ""))
+ (versioning-fsType syncthing-folder-versioning-fsType (default "basic"))
+ (versioning-cleanupIntervalS syncthing-folder-versioning-cleanupIntervalS (default "3600"))
+ (versioning-cleanoutDays syncthing-folder-versioning-cleanoutDays (default #f))
+ (versioning-keep syncthing-folder-versioning-keep (default #f))
+ (versioning-maxAge syncthing-folder-versioning-maxAge (default #f))
+ (versioning-command syncthing-folder-versioning-command (default #f))
+ (copiers syncthing-folder-copiers (default "0"))
+ (pullerMaxPendingKiB syncthing-folder-pullerMaxPendingKiB (default "0"))
+ (hashers syncthing-folder-hashers (default "0"))
+ (order syncthing-folder-order (default "random"))
+ (ignoreDelete syncthing-folder-ignoreDelete (default "false"))
+ (scanProgressIntervalS syncthing-folder-scanProgressIntervalS (default "0"))
+ (pullerPauseS syncthing-folder-pullerPauseS (default "0"))
+ (maxConflicts syncthing-folder-maxConflicts (default "10"))
+ (disableSparseFiles syncthing-folder-disableSparseFiles (default "false"))
+ (disableTempIndexes syncthing-folder-disableTempIndexes (default "false"))
+ (paused syncthing-folder-paused (default "false"))
+ (weakHashThresholdPct syncthing-folder-weakHashThresholdPct (default "25"))
+ (markerName syncthing-folder-markerName (default ".stfolder"))
+ (copyOwnershipFromParent syncthing-folder-copyOwnershipFromParent (default "false"))
+ (modTimeWindowS syncthing-folder-modTimeWindowS (default "0"))
+ (maxConcurrentWrites syncthing-folder-maxConcurrentWrites (default "2"))
+ (disableFsync syncthing-folder-disableFsync (default "false"))
+ (blockPullOrder syncthing-folder-blockPullOrder (default "standard"))
+ (copyRangeMethod syncthing-folder-copyRangeMethod (default "standard"))
+ (caseSensitiveFS syncthing-folder-caseSensitiveFS (default "false"))
+ (junctionsAsDirs syncthing-folder-junctionsAsDirs (default "false"))
+ (syncOwnership syncthing-folder-syncOwnership (default "false"))
+ (sendOwnership syncthing-folder-sendOwnership (default "false"))
+ (syncXattrs syncthing-folder-syncXattrs (default "false"))
+ (sendXattrs syncthing-folder-sendXattrs (default "false"))
+ (xattrFilter-maxSingleEntrySize syncthing-folder-xattrFilter-maxSingleEntrySize (default "1024"))
+ (xattrFilter-maxTotalSize syncthing-folder-xattrFilter-maxTotalSize (default "4096")))
+
+;; Some parameters, when empty, are fully omitted from the config file. It is
+;; unknown if this causes a functional difference, but stick to the normal
+;; program's behavior to be safe.
+(define (maybe-param symbol value)
+ (if value `((param (@ (key ,(symbol->string symbol)) (val ,value)) "")) '()))
+
+(define syncthing-folder->sxml
+ (match-record-lambda <syncthing-folder>
+ (id
+ label path type rescanIntervalS fsWatcherEnabled fsWatcherDelayS
+ fsWatcherTimeoutS ignorePerms autoNormalize devices filesystemType
+ minDiskFree-unit minDiskFree versioning-type versioning-fsPath
+ versioning-fsType versioning-cleanupIntervalS versioning-cleanoutDays
+ versioning-keep versioning-maxAge versioning-command copiers
+ pullerMaxPendingKiB hashers order ignoreDelete scanProgressIntervalS
+ pullerPauseS maxConflicts disableSparseFiles disableTempIndexes paused
+ weakHashThresholdPct markerName copyOwnershipFromParent modTimeWindowS
+ maxConcurrentWrites disableFsync blockPullOrder copyRangeMethod
+ caseSensitiveFS junctionsAsDirs syncOwnership sendOwnership syncXattrs
+ sendXattrs xattrFilter-maxSingleEntrySize xattrFilter-maxTotalSize)
+ `(folder (@ (id ,(if id id label))
+ (label ,label)
+ (path ,path)
+ (type ,type)
+ (rescanIntervalS ,rescanIntervalS)
+ (fsWatcherEnabled ,fsWatcherEnabled)
+ (fsWatcherDelayS ,fsWatcherDelayS)
+ (fsWatcherTimeoutS ,fsWatcherTimeoutS)
+ (ignorePerms ,ignorePerms)
+ (autoNormalize ,autoNormalize))
+ (filesystemType ,filesystemType)
+ ,@(map syncthing-folder-device->sxml
+ devices)
+ (minDiskFree (@ (unit ,minDiskFree-unit))
+ ,minDiskFree)
+ (versioning ,@(if versioning-type
+ `((@ (type ,versioning-type)))
+ '())
+ ,@(maybe-param 'cleanoutDays versioning-cleanoutDays)
+ ,@(maybe-param 'keep versioning-keep)
+ ,@(maybe-param 'maxAge versioning-maxAge)
+ ,@(maybe-param 'command versioning-command)
+ (cleanupIntervalS ,versioning-cleanupIntervalS)
+ (fsPath ,versioning-fsPath)
+ (fsType ,versioning-fsType))
+ (copiers ,copiers)
+ (pullerMaxPendingKiB ,pullerMaxPendingKiB)
+ (hashers ,hashers)
+ (order ,order)
+ (ignoreDelete ,ignoreDelete)
+ (scanProgressIntervalS ,scanProgressIntervalS)
+ (pullerPauseS ,pullerPauseS)
+ (maxConflicts ,maxConflicts)
+ (disableSparseFiles ,disableSparseFiles)
+ (disableTempIndexes ,disableTempIndexes)
+ (paused ,paused)
+ (weakHashThresholdPct ,weakHashThresholdPct)
+ (markerName ,markerName)
+ (copyOwnershipFromParent ,copyOwnershipFromParent)
+ (modTimeWindowS ,modTimeWindowS)
+ (maxConcurrentWrites ,maxConcurrentWrites)
+ (disableFsync ,disableFsync)
+ (blockPullOrder ,blockPullOrder)
+ (copyRangeMethod ,copyRangeMethod)
+ (caseSensitiveFS ,caseSensitiveFS)
+ (junctionsAsDirs ,junctionsAsDirs)
+ (syncOwnership ,syncOwnership)
+ (sendOwnership ,sendOwnership)
+ (syncXattrs ,syncXattrs)
+ (sendXattrs ,sendXattrs)
+ (xattrFilter (maxSingleEntrySize ,xattrFilter-maxSingleEntrySize)
+ (maxTotalSize ,xattrFilter-maxTotalSize)))))
+
+(define-record-type* <syncthing-config-file>
+ syncthing-config-file make-syncthing-config-file
+ syncthing-config-file?
+ (folders syncthing-config-folders
+ ; this matches syncthing's default
+ (default (list (syncthing-folder (id "default")
+ (label "Default Folder")
+ (path "~/Sync")))))
+ (devices syncthing-config-devices
+ (default '()))
+ (gui-enabled syncthing-config-gui-enabled (default "true"))
+ (gui-tls syncthing-config-gui-tls (default "false"))
+ (gui-debugging syncthing-config-gui-debugging (default "false"))
+ (gui-sendBasicAuthPrompt syncthing-config-gui-sendBasicAuthPrompt (default "false"))
+ (gui-address syncthing-config-gui-address (default "127.0.0.1:8384"))
+ (gui-user syncthing-config-gui-user (default #f))
+ (gui-password syncthing-config-gui-password (default #f))
+ (gui-apikey syncthing-config-gui-apikey (default "Vuky3VHVseQEoSk9YgxhSkNTnjQmqYK9"))
+ (gui-theme syncthing-config-gui-theme (default "default"))
+ (ldap-enabled syncthing-config-ldap-enabled (default #f))
+ (ldap-address syncthing-config-ldap-address (default ""))
+ (ldap-bindDN syncthing-config-ldap-bindDN (default ""))
+ (ldap-transport syncthing-config-ldap-transport (default ""))
+ (ldap-insecureSkipVerify syncthing-config-ldap-insecureSkipVerify (default ""))
+ (ldap-searchBaseDN syncthing-config-ldap-searchBaseDN (default ""))
+ (ldap-searchFilter syncthing-config-ldap-searchFilter (default ""))
+ (listenAddress syncthing-config-listenAddress (default "default"))
+ (globalAnnounceServer syncthing-config-globalAnnounceServer (default "default"))
+ (globalAnnounceEnabled syncthing-config-globalAnnounceEnabled (default "true"))
+ (localAnnounceEnabled syncthing-config-localAnnounceEnabled (default "true"))
+ (localAnnouncePort syncthing-config-localAnnouncePort (default "21027"))
+ (localAnnounceMCAddr syncthing-config-localAnnounceMCAddr (default "[ff12::8384]:21027"))
+ (maxSendKbps syncthing-config-maxSendKbps (default "0"))
+ (maxRecvKbps syncthing-config-maxRecvKbps (default "0"))
+ (reconnectionIntervalS syncthing-config-reconnectionIntervalS (default "60"))
+ (relaysEnabled syncthing-config-relaysEnabled (default "true"))
+ (relayReconnectIntervalM syncthing-config-relayReconnectIntervalM (default "10"))
+ (startBrowser syncthing-config-startBrowser (default "true"))
+ (natEnabled syncthing-config-natEnabled (default "true"))
+ (natLeaseMinutes syncthing-config-natLeaseMinutes (default "60"))
+ (natRenewalMinutes syncthing-config-natRenewalMinutes (default "30"))
+ (natTimeoutSeconds syncthing-config-natTimeoutSeconds (default "10"))
+ (urAccepted syncthing-config-urAccepted (default "0"))
+ (urSeen syncthing-config-urSeen (default "0"))
+ (urUniqueID syncthing-config-urUniqueID (default ""))
+ (urURL syncthing-config-urURL (default "https://data.syncthing.net/newdata"))
+ (urPostInsecurely syncthing-config-urPostInsecurely (default "false"))
+ (urInitialDelayS syncthing-config-urInitialDelayS (default "1800"))
+ (autoUpgradeIntervalH syncthing-config-autoUpgradeIntervalH (default "12"))
+ (upgradeToPreReleases syncthing-config-upgradeToPreReleases (default "false"))
+ (keepTemporariesH syncthing-config-keepTemporariesH (default "24"))
+ (cacheIgnoredFiles syncthing-config-cacheIgnoredFiles (default "false"))
+ (progressUpdateIntervalS syncthing-config-progressUpdateIntervalS (default "5"))
+ (limitBandwidthInLan syncthing-config-limitBandwidthInLan (default "false"))
+ (minHomeDiskFree-unit syncthing-config-minHomeDiskFree-unit (default "%"))
+ (minHomeDiskFree syncthing-config-minHomeDiskFree (default "1"))
+ (releasesURL syncthing-config-releasesURL (default "https://upgrades.syncthing.net/meta.json"))
+ (overwriteRemoteDeviceNamesOnConnect syncthing-config-overwriteRemoteDeviceNamesOnConnect (default "false"))
+ (tempIndexMinBlocks syncthing-config-tempIndexMinBlocks (default "10"))
+ (unackedNotificationID syncthing-config-unackedNotificationID (default "authenticationUserAndPassword"))
+ (trafficClass syncthing-config-trafficClass (default "0"))
+ (setLowPriority syncthing-config-setLowPriority (default "true"))
+ (maxFolderConcurrency syncthing-config-maxFolderConcurrency (default "0"))
+ (crashReportingURL syncthing-config-crashReportingURL (default "https://crash.syncthing.net/newcrash"))
+ (crashReportingEnabled syncthing-config-crashReportingEnabled (default "true"))
+ (stunKeepaliveStartS syncthing-config-stunKeepaliveStartS (default "180"))
+ (stunKeepaliveMinS syncthing-config-stunKeepaliveMinS (default "20"))
+ (stunServer syncthing-config-stunServer (default "default"))
+ (databaseTuning syncthing-config-databaseTuning (default "auto"))
+ (maxConcurrentIncomingRequestKiB syncthing-config-maxConcurrentIncomingRequestKiB (default "0"))
+ (announceLANAddresses syncthing-config-announceLANAddresses (default "true"))
+ (sendFullIndexOnUpgrade syncthing-config-sendFullIndexOnUpgrade (default "false"))
+ (connectionLimitEnough syncthing-config-connectionLimitEnough (default "0"))
+ (connectionLimitMax syncthing-config-connectionLimitMax (default "0"))
+ (insecureAllowOldTLSVersions syncthing-config-insecureAllowOldTLSVersions (default "false"))
+ (connectionPriorityTcpLan syncthing-config-connectionPriorityTcpLan (default "10"))
+ (connectionPriorityQuicLan syncthing-config-connectionPriorityQuicLan (default "20"))
+ (connectionPriorityTcpWan syncthing-config-connectionPriorityTcpWan (default "30"))
+ (connectionPriorityQuicWan syncthing-config-connectionPriorityQuicWan (default "40"))
+ (connectionPriorityRelay syncthing-config-connectionPriorityRelay (default "50"))
+ (connectionPriorityUpgradeThreshold syncthing-config-connectionPriorityUpgradeThreshold (default "0"))
+ (default-folder syncthing-config-defaultFolder
+ (default (syncthing-folder (label "") (path "~"))))
+ (default-device syncthing-config-defaultDevice
+ (default (syncthing-device (id ""))))
+ (default-ignores syncthing-config-defaultIgnores (default "")))
+
+(define syncthing-config-file->sxml
+ (match-record-lambda <syncthing-config-file>
+ (folders
+ devices gui-enabled gui-tls gui-debugging gui-sendBasicAuthPrompt
+ gui-address gui-user gui-password gui-apikey gui-theme ldap-enabled
+ ldap-address ldap-bindDN ldap-transport ldap-insecureSkipVerify
+ ldap-searchBaseDN ldap-searchFilter listenAddress globalAnnounceServer
+ globalAnnounceEnabled localAnnounceEnabled localAnnouncePort
+ localAnnounceMCAddr maxSendKbps maxRecvKbps reconnectionIntervalS
+ relaysEnabled relayReconnectIntervalM startBrowser natEnabled
+ natLeaseMinutes natRenewalMinutes natTimeoutSeconds urAccepted
+ urSeen urUniqueID urURL urPostInsecurely urInitialDelayS
+ autoUpgradeIntervalH upgradeToPreReleases keepTemporariesH
+ cacheIgnoredFiles progressUpdateIntervalS limitBandwidthInLan
+ minHomeDiskFree-unit minHomeDiskFree releasesURL
+ overwriteRemoteDeviceNamesOnConnect tempIndexMinBlocks
+ unackedNotificationID trafficClass setLowPriority maxFolderConcurrency
+ crashReportingURL crashReportingEnabled stunKeepaliveStartS
+ stunKeepaliveMinS stunServer databaseTuning
+ maxConcurrentIncomingRequestKiB announceLANAddresses
+ sendFullIndexOnUpgrade connectionLimitEnough connectionLimitMax
+ insecureAllowOldTLSVersions connectionPriorityTcpLan
+ connectionPriorityQuicLan connectionPriorityTcpWan
+ connectionPriorityQuicWan connectionPriorityRelay
+ connectionPriorityUpgradeThreshold default-folder default-device
+ default-ignores)
+ `(configuration (@ (version "37"))
+ ,@(map syncthing-folder->sxml
+ folders)
+ ;; collect any devices in any folders, as well as any
+ ;; devices explicitly added.
+ ,@(map syncthing-device->sxml
+ (delete-duplicates
+ (append devices
+ (apply append
+ (map (lambda (folder)
+ (map syncthing-folder-device-device
+ (syncthing-folder-devices folder)))
+ folders)))
+ ;; devices are the same if their id's are equal
+ (lambda (device1 device2)
+ (string= (syncthing-device-id device1)
+ (syncthing-device-id device2)))))
+ (gui (@ (enabled ,gui-enabled)
+ (tls ,gui-tls)
+ (debugging ,gui-debugging)
+ (sendBasicAuthPrompt ,gui-sendBasicAuthPrompt))
+ (address ,gui-address)
+ ,@(if gui-user `((user ,gui-user)) '())
+ ,@(if gui-password `((password ,gui-password)) '())
+ (apikey ,gui-apikey)
+ (theme ,gui-theme))
+ (ldap ,(if ldap-enabled
+ `((address ,ldap-address)
+ (bindDN ,ldap-bindDN)
+ ,@(if ldap-transport
+ `((transport ,ldap-transport))
+ '())
+ ,@(if ldap-insecureSkipVerify
+ `((insecureSkipVerify ,ldap-insecureSkipVerify))
+ '())
+ ,@(if ldap-searchBaseDN
+ `((searchBaseDN ,ldap-searchBaseDN))
+ '())
+ ,@(if ldap-searchFilter
+ `((searchFilter ,ldap-searchFilter))
+ '()))
+ ""))
+ (options (listenAddress ,listenAddress)
+ (globalAnnounceServer ,globalAnnounceServer)
+ (globalAnnounceEnabled ,globalAnnounceEnabled)
+ (localAnnounceEnabled ,localAnnounceEnabled)
+ (localAnnouncePort ,localAnnouncePort)
+ (localAnnounceMCAddr ,localAnnounceMCAddr)
+ (maxSendKbps ,maxSendKbps)
+ (maxRecvKbps ,maxRecvKbps)
+ (reconnectionIntervalS ,reconnectionIntervalS)
+ (relaysEnabled ,relaysEnabled)
+ (relayReconnectIntervalM ,relayReconnectIntervalM)
+ (startBrowser ,startBrowser)
+ (natEnabled ,natEnabled)
+ (natLeaseMinutes ,natLeaseMinutes)
+ (natRenewalMinutes ,natRenewalMinutes)
+ (natTimeoutSeconds ,natTimeoutSeconds)
+ (urAccepted ,urAccepted)
+ (urSeen ,urSeen)
+ (urUniqueID ,urUniqueID)
+ (urURL ,urURL)
+ (urPostInsecurely ,urPostInsecurely)
+ (urInitialDelayS ,urInitialDelayS)
+ (autoUpgradeIntervalH ,autoUpgradeIntervalH)
+ (upgradeToPreReleases ,upgradeToPreReleases)
+ (keepTemporariesH ,keepTemporariesH)
+ (cacheIgnoredFiles ,cacheIgnoredFiles)
+ (progressUpdateIntervalS ,progressUpdateIntervalS)
+ (limitBandwidthInLan ,limitBandwidthInLan)
+ (minHomeDiskFree (@ (unit ,minHomeDiskFree-unit))
+ ,minHomeDiskFree)
+ (releasesURL ,releasesURL)
+ (overwriteRemoteDeviceNamesOnConnect ,overwriteRemoteDeviceNamesOnConnect)
+ (tempIndexMinBlocks ,tempIndexMinBlocks)
+ (unackedNotificationID ,unackedNotificationID)
+ (trafficClass ,trafficClass)
+ (setLowPriority ,setLowPriority)
+ (maxFolderConcurrency ,maxFolderConcurrency)
+ (crashReportingURL ,crashReportingURL)
+ (crashReportingEnabled ,crashReportingEnabled)
+ (stunKeepaliveStartS ,stunKeepaliveStartS)
+ (stunKeepaliveMinS ,stunKeepaliveMinS)
+ (stunServer ,stunServer)
+ (databaseTuning ,databaseTuning)
+ (maxConcurrentIncomingRequestKiB ,maxConcurrentIncomingRequestKiB)
+ (announceLANAddresses ,announceLANAddresses)
+ (sendFullIndexOnUpgrade ,sendFullIndexOnUpgrade)
+ (connectionLimitEnough ,connectionLimitEnough)
+ (connectionLimitMax ,connectionLimitMax)
+ (insecureAllowOldTLSVersions ,insecureAllowOldTLSVersions)
+ (connectionPriorityTcpLan ,connectionPriorityTcpLan)
+ (connectionPriorityQuicLan ,connectionPriorityQuicLan)
+ (connectionPriorityTcpWan ,connectionPriorityTcpWan)
+ (connectionPriorityQuicWan ,connectionPriorityQuicWan)
+ (connectionPriorityRelay ,connectionPriorityRelay)
+ (connectionPriorityUpgradeThreshold ,connectionPriorityUpgradeThreshold))
+ (defaults
+ ,(syncthing-folder->sxml default-folder)
+ ,(syncthing-device->sxml default-device)
+ (ignores ,default-ignores)))))
+
+;; It is useful to be able to view the xml output by Guix, and to be able to
+;; diff it with a user's previous config, especially when migrating one's
+;; config to Guix. This function adds whitespace that matches the whitespace
+;; of config files managed by Syncthing for easy diffing.
+(define (indent-sxml sxml indent-increment current-indent)
+ (match sxml
+ (((tag ('@ properties ...) (subtags ..1) ..1) sibling-tags ...)
+ `(,current-indent (,tag (@ ,@properties) "\n"
+ ,@(indent-sxml subtags indent-increment
+ (string-append indent-increment current-indent))
+ ,current-indent) "\n"
+ ,@(indent-sxml sibling-tags indent-increment current-indent)))
+ (((tag ('@ properties ...) primitive ...) sibling-tags ...)
+ `(,current-indent (,tag (@ ,@properties) ,@primitive) "\n"
+ ,@(indent-sxml sibling-tags indent-increment current-indent)))
+ (((tag (subtags ..1) ..1) sibling-tags ...)
+ `(,current-indent (,tag "\n"
+ ,@(indent-sxml subtags indent-increment
+ (string-append indent-increment current-indent))
+ ,current-indent) "\n"
+ ,@(indent-sxml sibling-tags indent-increment current-indent)))
+ (((tag primitive ...) sibling-tags ...)
+ `(,current-indent (,tag ,@primitive) "\n"
+ ,@(indent-sxml sibling-tags indent-increment current-indent)))
+ (() '())))
+
+(define (serialize-syncthing-config-file config)
+ (with-output-to-string
+ (lambda ()
+ (sxml->xml (cons '*TOP* (indent-sxml (list (syncthing-config-file->sxml config))
+ " "
+ ""))))))
+
(define-record-type* <syncthing-configuration>
syncthing-configuration make-syncthing-configuration
syncthing-configuration?
@@ -50,12 +494,14 @@ (define-record-type* <syncthing-configuration>
(default "users"))
(home syncthing-configuration-home ;string
(default #f))
+ (config-file syncthing-configuration-config-file
+ (default #f)) ; syncthing-config-file or file-like
(home-service? syncthing-configuration-home-service?
(default for-home?) (innate)))
(define syncthing-shepherd-service
(match-record-lambda <syncthing-configuration>
- (syncthing arguments logflags user group home home-service?)
+ (syncthing arguments logflags user group home home-service? config-file)
(list
(shepherd-service
(provision (if home-service?
@@ -64,39 +510,68 @@ (define syncthing-shepherd-service
(string-append "syncthing-" user)))))
(documentation "Run syncthing.")
(requirement (if home-service? '() '(loopback user-processes)))
- (start #~(make-forkexec-constructor
- (append (list (string-append #$syncthing "/bin/syncthing")
- "--no-browser"
- "--no-restart"
- (string-append "--logflags=" (number->string #$logflags)))
- '#$arguments)
- #:user #$(and (not home-service?) user)
- #:group #$(and (not home-service?) group)
- #:environment-variables
- (append
- (list
- (string-append "HOME="
- (or #$home
- (passwd:dir
- (getpw (if (and #$home-service?
- (not #$user))
- (getuid)
- #$user)))))
- "SSL_CERT_DIR=/etc/ssl/certs"
- "SSL_CERT_FILE=/etc/ssl/certs/ca-certificates.crt")
- (filter (negate ;XXX: 'remove' is not in (guile)
- (lambda (str)
- (or (string-prefix? "HOME=" str)
- (string-prefix? "SSL_CERT_DIR=" str)
- (string-prefix? "SSL_CERT_FILE=" str))))
- (environ)))))
+ (start #~(lambda _
+ ;; if we are managing the config, and it's not a home
+ ;; service, then exepect the config file at
+ ;; /var/lib/syncthing-<user>. This makes sure the ownership
+ ;; is correct
+ (unless (or #$(not config-file) #$home-service?)
+ (system* "chown" #$user (string-append "/var/lib/syncthing-" #$user))
+ (system* "chmod" "700" (string-append "/var/lib/syncthing-" #$user)))
+ (make-forkexec-constructor
+ (append (list (string-append #$syncthing "/bin/syncthing")
+ "--no-browser"
+ "--no-restart"
+ (string-append "--logflags=" (number->string #$logflags)))
+ (if (or #$(not config-file) #$home-service?) '()
+ (list (string-append "--home=/var/lib/syncthing-" #$user)))
+ '#$arguments)
+ #:user #$(and (not home-service?) user)
+ #:group #$(and (not home-service?) group)
+ #:environment-variables
+ (append
+ (list
+ (string-append "HOME="
+ (or #$home
+ (passwd:dir
+ (getpw (if (and #$home-service?
+ (not #$user))
+ (getuid)
+ #$user)))))
+ "SSL_CERT_DIR=/etc/ssl/certs"
+ "SSL_CERT_FILE=/etc/ssl/certs/ca-certificates.crt")
+ (filter (negate ;XXX: 'remove' is not in (guile)
+ (lambda (str)
+ (or (string-prefix? "HOME=" str)
+ (string-prefix? "SSL_CERT_DIR=" str)
+ (string-prefix? "SSL_CERT_FILE=" str))))
+ (environ))))))
(respawn? #f)
(stop #~(make-kill-destructor))))))
+
+(define syncthing-files-service
+ (match-record-lambda <syncthing-configuration> (config-file user home home-service?)
+ (if config-file
+ ;; when used as a system service, this service might be executed
+ ;; before a user's home even exists, causing it to be owned by root,
+ ;; and the skeletons to never be applied to that user's home. In such
+ ;; cases, put the config at /var/lib/syncthnig-<user>/config.xml
+ `((,(if home-service?
+ ".config/syncthing/config.xml"
+ (string-append "/var/lib/syncthing-" user "/config.xml"))
+ ,(if (file-like? config-file)
+ config-file
+ (plain-file "syncthin-config.xml" (serialize-syncthing-config-file
+ config-file)))))
+ '())))
+
(define syncthing-service-type
(service-type (name 'syncthing)
(extensions (list (service-extension shepherd-root-service-type
- syncthing-shepherd-service)))
+ syncthing-shepherd-service)
+ (service-extension special-files-service-type
+ syncthing-files-service)))
(description
"Run @uref{https://github.com/syncthing/syncthing, Syncthing}
decentralized continuous file system synchronization.")))
--
2.45.2
guix-patches <at> gnu.org:bug#75959; Package guix-patches.
(Fri, 07 Feb 2025 22:46:02 GMT) Full text and rfc822 format available.Message #29 received at 75959 <at> debbugs.gnu.org (full text, mbox):
From: Leo Famulari <leo <at> famulari.name> To: Zacchaeus <eikcaz <at> zacchae.us> Cc: 75959 <at> debbugs.gnu.org Subject: Re: [bug#75959] [PATCH v5] services: syncthing: Added support for config file serialization. Date: Fri, 7 Feb 2025 17:44:55 -0500
> Subject: [PATCH v5] services: syncthing: Added support for config file
> serialization.
Great! I tested the system-level service according to the config in my
last email and was able to successfully integrate into my existing
Syncthing cluster.
Since we have already worked out the bugs on IRC, my feedback here will
be largely cosmetic.
I think of this patch as being more about generating Syncthing config
files, rather than serializing them.
> * gnu/services/syncthing.scm: (syncthing-config-file) (syncthing-folder)
> (syncthing-device) (syncthing-folder-device): New records;
> (syncthing-service-type): added special-files-service-type extension for the
> config file; (syncthing-files-service): service to create config file
> * gnu/home/services/syncthing.scm: (home-syncthing-service-type): extended
> home-files-services-type and re-exported more things from
> gnu/services/syncthing.scm
> * doc/guix.texi: (syncthing-service-type): document additions
In the commit title and message, please capitalize and punctuate
sentences normally, and avoid unecessary abbreviations. Try to write
imperative sentences. For example, "Add support for configuration file
serialization [or generation]".
When listing the new records / variables, they can be contained in the
same parenthetical list, like (syncthing-config-file, syncthing-folder,
[...]): New records.
> @@ -22669,9 +22670,298 @@ This assumes that the specified group exists.
> Common configuration and data directory. The default configuration
> directory is @file{$HOME} of the specified Syncthing @code{user}.
>
> +@item @code{config-file} (default: @var{#f})
> +Either a file-like object that resolves to a syncthing configuration xml
> +file, or a syncthing-config-file record (see below). If set to #f, Guix
> +will not try to generate a config file, and the syncthing will generate
> +a default one which will not be touched on reconfigure. Specifying this
> +in a system service moves Syncthing's common configuration and data
> +directory to @file{/var/lib/syncthnig-<user>}.
Again, use standard capitalization, etc. Also, use texinfo markup and
cross-references when useful:
https://www.gnu.org/software/texinfo/manual/texinfo/html_node/Cross-References.html
For example, "Either a file-like object that resolves to a Syncthing
configuration XML file, or a @code{syncthing-config-file} record (see
below). When set to @code{#f} [...]"
If you like, I can copy-edit the documentation portion of this patch for
spelling, style, and grammar, as well as mark it up with texinfo. Let me
know. If you'd prefer I don't, I'll send another review with feedback on
those subjects.
> +In the below, only details specific to Guix, or related to how your
> +device will ``ping'' others, are presented. Otherwise, you should
> +consult @uref{https://docs.syncthing.net/users/config.html, Syncthing
> +config documentation}. Camelcase is preserved below only as to be
> +consistent with its appearance in Syncthing code/documentation. If you
> +would like to migrate to Guix-powered Syncthing configuration, the
> +generated config adds newlines/whitespace to the produced config such
> +that your old config can be diff'ed with the new one. You can still
> +modify Syncthing from the GUI or through ``introducer'' and
> +``autoAcceptFolders'' mechanisms, but such changes will be reset on
> +reconfigure.
I have some misgivings about the use of camel case in user-facing
interfaces. I do understand the utility of preserving the upstream
names, but I wonder how much utility it really provides. In my
experience, it's not typical to edit Syncthing's config.xml "by hand" (I
did it some when I first started with Syncthing), so I'd expect users'
to have little familiarity with these names, nor for them to desire a
direct mapping between them. Additionally, there is utility in all Guix
interfaces sharing a consistent style, and the camel case is not
surfaced in Syncthing's own GUI.
What do you think?
> +@item @code{localAnnouncePort} (default: @var{"21027"})
> +@item @code{localAnnounceMCAddr} (default: @var{"[ff12::8384]:21027"})
Not important for this patch, but do you have any ideas to facilitate
multi-user systems, with respect to automatically using alternate ports?
> +@deftp {Data Type} syncthing-folder-device
> +There is some configuration which is specific to the relationship
> +between a specific folder and a specific device. If you are fine
> +leaving these as their default, then you can simply specify a
> +syncthing-device instead of a @code{syncthing-folder-device} in
> +@code{syncthing-folder}s.
I think this paragraph is not clear enough, although it starts to make
sense after reading about the parameters. Still I think there is room
for improvement.
> +if encryptionPassword is non-empty, then it will be used as a password
> +to encrypt file chunks as they are synced to that device. For more info
> +on syncing to devices you don't totally trust, see
> +@uref{https://docs.syncthing.net/users/untrusted.html, Syncthing Documentation Untrusted}.
I would write the hyperlink as "Syncthing Documentation on Untrusted
Devices".
> +Here is a more complex example configuration for illustrative purposes:
> +@lisp
> +(service syncthing-service-type
> + (let ((laptop (syncthing-device (id "VHOD2D6-...-7XRMDEN")))
> + (desktop (syncthing-device (id "64SAZ37-...-FZJ5GUA")
> + (addresses '("mydomain.example"))))
Let's use the reserved domain name 'example.com'. Also, Syncthing
requires these addresses to use a "protocol specific prefix", so how
about "tcp://example.com"?
https://docs.syncthing.net/users/config.html#config-option-device.address
> @@ -24,9 +25,23 @@ (define-module (gnu home services syncthing)
Okay. Sounds like you've tested the home service satisfactorily.
> @@ -25,9 +26,20 @@ (define-module (gnu services syncthing)
> +;; Some parameters, when empty, are fully omitted from the config file. It is
> +;; unknown if this causes a functional difference, but stick to the normal
> +;; program's behavior to be safe.
Agreed
> + (gui-apikey syncthing-config-gui-apikey (default "Vuky3VHVseQEoSk9YgxhSkNTnjQmqYK9"))
I've never used the GUI API, but shouldn't this key be generated
per-device, rather than hard-coded here?
> +;; It is useful to be able to view the xml output by Guix, and to be able to
> +;; diff it with a user's previous config, especially when migrating one's
> +;; config to Guix. This function adds whitespace that matches the whitespace
> +;; of config files managed by Syncthing for easy diffing.
> +(define (indent-sxml sxml indent-increment current-indent)
Nice. Hopefully this doesn't go stale anytime soon.
Overall, it's looking good. Thanks a lot for this contribution! Let me
know what you think about the feedback I've given here.
guix-patches <at> gnu.org:bug#75959; Package guix-patches.
(Sat, 08 Feb 2025 01:12:02 GMT) Full text and rfc822 format available.Message #32 received at 75959 <at> debbugs.gnu.org (full text, mbox):
From: Zacchaeus Scheffer <eikcaz <at> zacchae.us> To: Leo Famulari <leo <at> famulari.name> Cc: 75959 <at> debbugs.gnu.org Subject: Re: [bug#75959] [PATCH v5] services: syncthing: Added support for config file serialization. Date: Fri, 07 Feb 2025 20:11:06 -0500
Leo Famulari <leo <at> famulari.name> writes:
>> Subject: [PATCH v5] services: syncthing: Added support for config file
>> serialization.
>
> Great! I tested the system-level service according to the config in my
> last email and was able to successfully integrate into my existing
> Syncthing cluster.
>
> Since we have already worked out the bugs on IRC, my feedback here will
> be largely cosmetic.
>
> I think of this patch as being more about generating Syncthing config
> files, rather than serializing them.
Makes sense. I'll update serialization -> generation
>> * gnu/services/syncthing.scm: (syncthing-config-file) (syncthing-folder)
>> (syncthing-device) (syncthing-folder-device): New records;
>> (syncthing-service-type): added special-files-service-type extension for the
>> config file; (syncthing-files-service): service to create config file
>> * gnu/home/services/syncthing.scm: (home-syncthing-service-type): extended
>> home-files-services-type and re-exported more things from
>> gnu/services/syncthing.scm
>> * doc/guix.texi: (syncthing-service-type): document additions
>
> In the commit title and message, please capitalize and punctuate
> sentences normally, and avoid unecessary abbreviations. Try to write
> imperative sentences. For example, "Add support for configuration file
> serialization [or generation]".
Will do.
> When listing the new records / variables, they can be contained in the
> same parenthetical list, like (syncthing-config-file, syncthing-folder,
> [...]): New records.
Interesting. I'll do as you suggest, but that's not what I've seen in
other commit messages. e.g. commit
e73cf57a204f2bf430c90930394afa08e9ec3399
>> @@ -22669,9 +22670,298 @@ This assumes that the specified group exists.
>> Common configuration and data directory. The default configuration
>> directory is @file{$HOME} of the specified Syncthing @code{user}.
>>
>> +@item @code{config-file} (default: @var{#f})
>> +Either a file-like object that resolves to a syncthing configuration xml
>> +file, or a syncthing-config-file record (see below). If set to #f, Guix
>> +will not try to generate a config file, and the syncthing will generate
>> +a default one which will not be touched on reconfigure. Specifying this
>> +in a system service moves Syncthing's common configuration and data
>> +directory to @file{/var/lib/syncthnig-<user>}.
>
> Again, use standard capitalization, etc. Also, use texinfo markup and
> cross-references when useful:
>
> https://www.gnu.org/software/texinfo/manual/texinfo/html_node/Cross-References.html
>
> For example, "Either a file-like object that resolves to a Syncthing
> configuration XML file, or a @code{syncthing-config-file} record (see
> below). When set to @code{#f} [...]"
>
> If you like, I can copy-edit the documentation portion of this patch for
> spelling, style, and grammar, as well as mark it up with texinfo. Let me
> know. If you'd prefer I don't, I'll send another review with feedback on
> those subjects.
I'll try to clean up these points myself first (I feel bad giving you
more work), but feel free to make changes as you see fit. I'm aware
that my writing needs work...
>> +In the below, only details specific to Guix, or related to how your
>> +device will ``ping'' others, are presented. Otherwise, you should
>> +consult @uref{https://docs.syncthing.net/users/config.html, Syncthing
>> +config documentation}. Camelcase is preserved below only as to be
>> +consistent with its appearance in Syncthing code/documentation. If you
>> +would like to migrate to Guix-powered Syncthing configuration, the
>> +generated config adds newlines/whitespace to the produced config such
>> +that your old config can be diff'ed with the new one. You can still
>> +modify Syncthing from the GUI or through ``introducer'' and
>> +``autoAcceptFolders'' mechanisms, but such changes will be reset on
>> +reconfigure.
>
> I have some misgivings about the use of camel case in user-facing
> interfaces. I do understand the utility of preserving the upstream
> names, but I wonder how much utility it really provides. In my
> experience, it's not typical to edit Syncthing's config.xml "by hand" (I
> did it some when I first started with Syncthing), so I'd expect users'
> to have little familiarity with these names, nor for them to desire a
> direct mapping between them. Additionally, there is utility in all Guix
> interfaces sharing a consistent style, and the camel case is not
> surfaced in Syncthing's own GUI.
>
> What do you think?
I explained my reasoning in this thread and in the IRC, and didn't
recieve much pushback. However, I hadn't even realized that the
Syncthing GUI doesn't use camelcase... I've been generating config
files via Emacs Org Mode src blocks with heavy use of noweb-refs, so my
experience is probably skewed. If this were my library, I would
definitely use camelcase because I think that is clearest, but it's not
that important to me, and I don't think the draw-backs are that large.
I'll just put more effort into adding links to syncthing documentation
for things that don't map so obviously (e.g. ldap-transport is not found
in the documentation as ldapTransport, it is the transport field of the
ldap element).
>> +@item @code{localAnnouncePort} (default: @var{"21027"})
>> +@item @code{localAnnounceMCAddr} (default: @var{"[ff12::8384]:21027"})
>
> Not important for this patch, but do you have any ideas to facilitate
> multi-user systems, with respect to automatically using alternate
> ports?
No, and I'm not sure you should as automatically changing a port means
another machine doesn't know which port to look at (or so I assume,
maybe nameservers fix this issue, but I'd rather not bake in a
dependancy on third-party services). Maybe this would make sense if
using guix-deploy because then you could tell each machine how the ports
match up.
>> +@deftp {Data Type} syncthing-folder-device
>> +There is some configuration which is specific to the relationship
>> +between a specific folder and a specific device. If you are fine
>> +leaving these as their default, then you can simply specify a
>> +syncthing-device instead of a @code{syncthing-folder-device} in
>> +@code{syncthing-folder}s.
>
> I think this paragraph is not clear enough, although it starts to make
> sense after reading about the parameters. Still I think there is room
> for improvement.
Basically, if you have D devices and F folders, then there are D*F
relationships between those folders. Specifically, we need to know, for
a given folder, if a device should only recieve encrypted data, and from
where we know that device (so we can automatically remove this device if
the introducing device is removed). This could be accomplished by
having devices be listed in a folder as a tuple (device password
introducer), but I think that would be abusing lists, so a record seems
appropriate here. I'll try and make this text more clear as to this
record's function.
>> +if encryptionPassword is non-empty, then it will be used as a password
>> +to encrypt file chunks as they are synced to that device. For more info
>> +on syncing to devices you don't totally trust, see
>> +@uref{https://docs.syncthing.net/users/untrusted.html, Syncthing Documentation Untrusted}.
>
> I would write the hyperlink as "Syncthing Documentation on Untrusted
> Devices".
Will do
>> +Here is a more complex example configuration for illustrative purposes:
>> +@lisp
>> +(service syncthing-service-type
>> + (let ((laptop (syncthing-device (id "VHOD2D6-...-7XRMDEN")))
>> + (desktop (syncthing-device (id "64SAZ37-...-FZJ5GUA")
>> + (addresses '("mydomain.example"))))
>
> Let's use the reserved domain name 'example.com'. Also, Syncthing
> requires these addresses to use a "protocol specific prefix", so how
> about "tcp://example.com"?
>
> https://docs.syncthing.net/users/config.html#config-option-device.address
Yes that's right
>> @@ -24,9 +25,23 @@ (define-module (gnu home services syncthing)
>
> Okay. Sounds like you've tested the home service satisfactorily.
>
>> @@ -25,9 +26,20 @@ (define-module (gnu services syncthing)
>> +;; Some parameters, when empty, are fully omitted from the config file. It is
>> +;; unknown if this causes a functional difference, but stick to the normal
>> +;; program's behavior to be safe.
>
> Agreed
>
>> + (gui-apikey syncthing-config-gui-apikey (default "Vuky3VHVseQEoSk9YgxhSkNTnjQmqYK9"))
>
> I've never used the GUI API, but shouldn't this key be generated
> per-device, rather than hard-coded here?
That's a good point. It's probably bad to have ANY default here. I
just tested, and syncthing does not complain when apikey is omitted, so
I've made that change. I'll add notes to this, the GUI password, and
encryption passwords that these are stored in /gnu/store and are
globally readable (GUI password is encrypted, but encryption passwords
are plain-text).
>> +;; It is useful to be able to view the xml output by Guix, and to be able to
>> +;; diff it with a user's previous config, especially when migrating one's
>> +;; config to Guix. This function adds whitespace that matches the whitespace
>> +;; of config files managed by Syncthing for easy diffing.
>> +(define (indent-sxml sxml indent-increment current-indent)
>
> Nice. Hopefully this doesn't go stale anytime soon.
The whitespace rules have been consistent for as long as I've used
syncthing, so my hopes are high.
> Overall, it's looking good. Thanks a lot for this contribution! Let me
> know what you think about the feedback I've given here.
Thank you for reviewing! I'll submit another patch shortly implementing
what we have discussed.
guix-patches <at> gnu.org:bug#75959; Package guix-patches.
(Sat, 08 Feb 2025 03:32:02 GMT) Full text and rfc822 format available.Message #35 received at 75959 <at> debbugs.gnu.org (full text, mbox):
From: Zacchaeus Scheffer <eikcaz <at> zacchae.us> To: 75959 <at> debbugs.gnu.org, Leo Famulari <leo <at> famulari.name> Subject: [PATCH v6] services: syncthing: Add support for config file generation. Date: Fri, 07 Feb 2025 22:31:19 -0500
From c63deb42caf24f34a22b1a56c37146d1cfdff4ae Mon Sep 17 00:00:00 2001
From: Zacchaeus <eikcaz <at> zacchae.us>
Date: Sun, 21 Jul 2024 00:54:25 -0700
Subject: [PATCH v6] services: syncthing: Add support for config file
generation.
* gnu/services/syncthing.scm: (syncthing-config-file,
syncthing-folder, syncthing-device, syncthing-folder-device): New
records; (syncthing-service-type): Add special-files-service-type
extension for the config file; (syncthing-files-service): Add service
to create config file.
* gnu/home/services/syncthing.scm: (home-syncthing-service-type):
Extend home-files-services-type and re-exported more things from
gnu/services/syncthing.scm.
* doc/guix.texi: (syncthing-service-type): Document changes.
Change-Id: I87eeba1ee1fdada8f29c2ee881fbc6bc4113dde9
---
I noticed a bug in the documentation; the syncthing-configuration home
field does (and did) not do what it claimed. I went ahead and updated
that documentation since I was already updating the Syncthing section.
I translated camelCase to kebab-case. Hopefully this does not cause
much confusion for the end user.
I tried to improve my grammar from my previous patch, but I don't think
I was successful; feel free to make any of those corrections/additions
as you see fit. I also remembered to warn the user about any sensitive
information they may be putting in /gnu/store. I wrapped all the record
instances I could find in @code{...}, but I may have missed some.
I also updated the commit comment as per lfam's request.
doc/guix.texi | 308 +++++++++++++++++-
gnu/home/services/syncthing.scm | 17 +-
gnu/services/syncthing.scm | 533 ++++++++++++++++++++++++++++++--
3 files changed, 826 insertions(+), 32 deletions(-)
diff --git a/doc/guix.texi b/doc/guix.texi
index b1b6d98e74..d8f35c5b16 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -136,6 +136,7 @@ Copyright @copyright{} 2024 Troy Figiel@*
Copyright @copyright{} 2024 Sharlatan Hellseher@*
Copyright @copyright{} 2024 45mg@*
Copyright @copyright{} 2025 Sören Tempel@*
+Copyright @copyright{} 2025 Zacchaeus@*
Permission is granted to copy, distribute and/or modify this document
under the terms of the GNU Free Documentation License, Version 1.3 or
@@ -22666,12 +22667,315 @@ The group as which the Syncthing service is to be run.
This assumes that the specified group exists.
@item @code{home} (default: @var{#f})
-Common configuration and data directory. The default configuration
-directory is @file{$HOME} of the specified Syncthing @code{user}.
+Sets the @code{HOME} variable for the syncthing daemon. The default is
+@file{$HOME} of the specified Syncthing @code{user}.
+
+@item @code{config-file} (default: @var{#f})
+Either a file-like object that resolves to a Syncthing configuration xml
+file, or a @code{syncthing-config-file} record (see below). If set to
+@code{#f}, Guix will not try to generate a config file, and Syncthing
+will generate a default one which will not be touched on reconfigure.
+Specifying this in a system service moves Syncthing's common
+configuration and data directory (@code{--home} in
+@uref{https://docs.syncthing.net/users/syncthing.html}) to
+@file{/var/lib/syncthnig-<user>}.
+
+@end table
+@end deftp
+
+In the below, only details specific to Guix, or related to how your
+device will connect to unrelated devices (relays, nameservers), are
+presented. Otherwise, you should consult
+@uref{https://docs.syncthing.net/users/config.html, Syncthing config
+documentation}; camelCase there is converted to kebab-case here. If
+you would like to migrate to a Guix-powered Syncthing configuration, the
+generated config adds newlines/whitespace to the produced config such
+that your old config can be @code{diff}'ed with the new one. You can
+still modify Syncthing from the GUI or through @code{introducer} and
+@code{autoAcceptFolders} mechanisms, but such changes will be reset on
+reconfigure.
+
+@deftp {Data Type} syncthing-config-file
+Data type representing the configuration file read by the Syncthing
+daemon.
+
+@table @asis
+@item @code{folders} (default: @var{(list (syncthing-folder (id "default") (label "Default Folder") (path "~/Sync")))}
+The default here is the same as Syncthing's default. The value should
+be a list of @code{syncthing-folder}s.
+
+@item @code{devices} (default: @var{'()}
+This should be a list of @code{syncthing-device}s. Guix will
+automatically add any devices specified in any `folders' to this list.
+There are instances when you want to connect to a device despite not
+(initially) sharing any folders (such as a device with
+autoAcceptFolders). In such instances, you should specify those devices
+here. If multiple versions of the same device (as determined by
+comparing device id) are discovered, the one in this list is
+prioritized. Otherwise, the first instance in the first folder is used.
+
+@item @code{gui-enabled} (default: @var{"true"})
+By default, any user on the computer can access the GUI and make changes
+to Syncthing. If you leave this enabled, you should probably set
+gui-user and gui-password (see below).
+
+@item @code{gui-tls} (default: @var{"false"})
+@item @code{gui-debugging} (default: @var{"false"})
+@item @code{gui-send-basic-auth-prompt} (default: @var{"false"})
+@item @code{gui-address} (default: @var{"127.0.0.1:8384"})
+@item @code{gui-user} (default: @var{#f})
+@item @code{gui-password} (default: @var{#f})
+A bcrypt hash of the GUI password. Remember that this will be globally
+exposed in @file{/gnu/store}.
+@item @code{gui-apikey} (default: @var{#f})
+You must specify this to use the Syncthing REST interface. Also exposed
+in @file{/gnu/store}.
+
+@item @code{gui-theme} (default: @var{"default"})
+@item @code{ldap-enabled} (default: @var{#f})
+@item @code{ldap-address} (default: @var{""})
+@item @code{ldap-bind-dn} (default: @var{""})
+@item @code{ldap-transport} (default: @var{""})
+@item @code{ldap-insecure-skip-verify} (default: @var{""})
+@item @code{ldap-search-base-dn} (default: @var{""})
+@item @code{ldap-search-filter} (default: @var{""})
+@item @code{listen-address} (default: @var{"default"})
+@item @code{global-announce-server} (default: @var{"default"})
+@item @code{global-announce-enabled} (default: @var{"true"})
+Global discovery servers can be used to help connect devices at unknown
+IP addresses by storing the last known IP address.
+
+@item @code{local-announce-enabled} (default: @var{"true"})
+This makes devices find each other very easily on the same LAN. Often,
+this will allow you to just plug an Ethernet between two devices, or
+connect one device to the other's hotspot and start syncing.
+
+@item @code{local-announce-port} (default: @var{"21027"})
+@item @code{local-announce-mcaddr} (default: @var{"[ff12::8384]:21027"})
+@item @code{max-send-kbps} (default: @var{"0"})
+@item @code{max-recv-kbps} (default: @var{"0"})
+@item @code{reconnection-interval-s} (default: @var{"60"})
+@item @code{relays-enabled} (default: @var{"true"})
+This option allows your Syncthing instance to coordinate with a global
+network of relays to enable syncing between devices when all other
+methods fail.
+
+@item @code{relay-reconnect-interval-m} (default: @var{"10"})
+@item @code{start-browser} (default: @var{"true"})
+@item @code{nat-enabled} (default: @var{"true"})
+@item @code{nat-lease-minutes} (default: @var{"60"})
+@item @code{nat-renewal-minutes} (default: @var{"30"})
+@item @code{nat-timeout-seconds} (default: @var{"10"})
+@item @code{ur-accepted} (default: @var{"0"})
+ur* options control usage reporting. Set to -1 to disable, or positive
+to enable. The default (0) has reporting disabled, but you will be
+asked to decide in the GUI.
+
+@item @code{ur-seen} (default: @var{"0"})
+@item @code{ur-unique-id} (default: @var{""})
+@item @code{ur-url} (default: @var{"https://data.syncthing.net/newdata"})
+@item @code{ur-post-insecurely} (default: @var{"false"})
+@item @code{ur-initial-delay-s} (default: @var{"1800"})
+@item @code{auto-upgrade-interval-h} (default: @var{"12"})
+@item @code{upgrade-to-pre-releases} (default: @var{"false"})
+@item @code{keep-temporaries-h} (default: @var{"24"})
+@item @code{cache-ignored-files} (default: @var{"false"})
+@item @code{progress-update-interval-s} (default: @var{"5"})
+@item @code{limit-bandwidth-in-lan} (default: @var{"false"})
+@item @code{min-home-disk-free-unit} (default: @var{"%"})
+@item @code{min-home-disk-free} (default: @var{"1"})
+@item @code{releases-url} (default: @var{"https://upgrades.syncthing.net/meta.json"})
+@item @code{overwrite-remote-device-names-on-connect} (default: @var{"false"})
+@item @code{temp-index-min-blocks} (default: @var{"10"})
+@item @code{unacked-notification-id} (default: @var{"authenticationUserAndPassword"})
+@item @code{traffic-class} (default: @var{"0"})
+@item @code{set-low-priority} (default: @var{"true"})
+@item @code{max-folder-concurrency} (default: @var{"0"})
+@item @code{crash-reporting-url} (default: @var{"https://crash.syncthing.net/newcrash"})
+@item @code{crash-reporting-enabled} (default: @var{"true"})
+@item @code{stun-keepalive-start-s} (default: @var{"180"})
+@item @code{stun-keepalive-min-s} (default: @var{"20"})
+@item @code{stun-server} (default: @var{"default"})
+@item @code{database-tuning} (default: @var{"auto"})
+@item @code{max-concurrent-incoming-request-kib} (default: @var{"0"})
+@item @code{announce-lan-addresses} (default: @var{"true"})
+@item @code{send-full-index-on-upgrade} (default: @var{"false"})
+@item @code{connection-limit-enough} (default: @var{"0"})
+@item @code{connection-limit-max} (default: @var{"0"})
+@item @code{insecure-allow-old-tls-versions} (default: @var{"false"})
+@item @code{connection-priority-tcp-lan} (default: @var{"10"})
+@item @code{connection-priority-quic-lan} (default: @var{"20"})
+@item @code{connection-priority-tcp-wan} (default: @var{"30"})
+@item @code{connection-priority-quic-wan} (default: @var{"40"})
+@item @code{connection-priority-relay} (default: @var{"50"})
+@item @code{connection-priority-upgrade-threshold} (default: @var{"0"})
+@item @code{default-folder} (default: @var{(syncthing-folder (label ""))})
+@item @code{default-device} (default: @var{(syncthing-device (id ""))})
+@item @code{default-ignores} (default: @var{"")})
+The default-* above do not affect folders and devices added by the Guix
+interface. They will, however, affect folders and devices that are
+added through the GUI, by an @code{introducer}, or a device with
+@code{auto-accept-folders}.
+@end table
+@end deftp
+
+@deftp {Data Type} syncthing-folder
+Data type representing a folder to be synced.
+
+@table @asis
+@item @code{id} (default: @var{#f})
+This id cannot match the id of any other folder on this device. If left
+unspecified, it will default to the label (see below).
+
+@item @code{label}
+Human readable label for the folder.
+
+@item @code{path}
+The path at which to store this folder.
+
+@item @code{type} (default: @var{"sendreceive"})
+@item @code{rescan-interval-s} (default: @var{"3600"})
+@item @code{fs-watcher-enabled} (default: @var{"true"})
+@item @code{fs-watcher-delay-s} (default: @var{"10"})
+@item @code{ignore-perms} (default: @var{"false"})
+@item @code{auto-normalize} (default: @var{"true"})
+@item @code{devices} (default: @var{'()})
+This should be a list of other Syncthing devices. You do not need to
+specify the current device. Each device can be listed as a a
+@code{syncthing-device} record or a @code{syncthing-folder-device}
+record if you want files to be encrypted on disk. See below.
+
+@item @code{filesystem-type} (default: @var{"basic"})
+@item @code{min-disk-free-unit} (default: @var{"%"})
+@item @code{min-disk-free} (default: @var{"1"})
+@item @code{versioning-type} (default: @var{#f})
+@item @code{versioning-fs-path} (default: @var{""})
+@item @code{versioning-fs-type} (default: @var{"basic"})
+@item @code{versioning-cleanup-interval-s} (default: @var{"3600"})
+@item @code{versioning-cleanout-days} (default: @var{#f})
+@item @code{versioning-keep} (default: @var{#f})
+@item @code{versioning-max-age} (default: @var{#f})
+@item @code{versioning-command} (default: @var{#f})
+@item @code{copiers} (default: @var{"0"})
+@item @code{puller-max-pending-kib} (default: @var{"0"})
+@item @code{hashers} (default: @var{"0"})
+@item @code{order} (default: @var{"random"})
+@item @code{ignore-delete} (default: @var{"false"})
+@item @code{scan-progress-interval-s} (default: @var{"0"})
+@item @code{puller-pause-s} (default: @var{"0"})
+@item @code{max-conflicts} (default: @var{"10"})
+@item @code{disable-sparse-files} (default: @var{"false"})
+@item @code{disable-temp-indexes} (default: @var{"false"})
+@item @code{paused} (default: @var{"false"})
+@item @code{weak-hash-threshold-pct} (default: @var{"25"})
+@item @code{marker-name} (default: @var{".stfolder"})
+@item @code{copy-ownership-from-parent} (default: @var{"false"})
+@item @code{mod-time-window-s} (default: @var{"0"})
+@item @code{max-concurrent-writes} (default: @var{"2"})
+@item @code{disable-fsync} (default: @var{"false"})
+@item @code{block-pull-order} (default: @var{"standard"})
+@item @code{copy-range-method} (default: @var{"standard"})
+@item @code{case-sensitive-fs} (default: @var{"false"})
+@item @code{junctions-as-dirs} (default: @var{"false"})
+@item @code{sync-ownership} (default: @var{"false"})
+@item @code{send-ownership} (default: @var{"false"})
+@item @code{sync-xattrs} (default: @var{"false"})
+@item @code{send-xattrs} (default: @var{"false"})
+@item @code{xattr-filter-max-single-entry-size} (default: @var{"1024"})
+@item @code{xattr-filter-max-total-size} (default: @var{"4096")})
+@end table
+@end deftp
+
+@deftp {Data Type} syncthing-device
+Data type representing a device to sync with.
+
+@table @asis
+@item @code{id}
+A long hash tied to the keys generated by Syncthing on the first launch.
+You can obtain this from the Syncthing GUI or by inspecting an existing
+Syncthing configuration file.
+
+@item @code{name} (default: @var{""})
+Human readable device name for viewing in the GUI or in scheme.
+
+@item @code{compression} (default: @var{"metadata"})
+@item @code{introducer} (default: @var{"false"})
+@item @code{skip-introduction-removals} (default: @var{"false"})
+@item @code{introduced-by} (default: @var{""})
+@item @code{addresses} (default: @var{'("dynamic")})
+List of addresses at which to search for this device. The special value
+``dynamic'' will have syncthing use several means to find the device.
+
+@item @code{paused} (default: @var{"false"})
+@item @code{auto-accept-folders} (default: @var{"false"})
+@item @code{max-send-kbps} (default: @var{"0"})
+@item @code{max-recv-kbps} (default: @var{"0"})
+@item @code{max-request-kib} (default: @var{"0"})
+@item @code{untrusted} (default: @var{"false"})
+@item @code{remote-gui-port} (default: @var{"0"})
+@item @code{num-connections} (default: @var{"0")})
+
+@end table
+@end deftp
+
+@deftp {Data Type} syncthing-folder-device
+There are two pieces of configuration specific to the relationship
+between a specific folder and a specific device. First, syncthing needs
+to know if the remote device should be able to see the files given to
+it. Second, syncthing needs to know from where that device originates.
+See
+@href{https://docs.syncthing.net/users/config.html#config-option-folder.device,
+the Syncthing Documentation on this}. If you leave these default, then
+you can just specify @code{syncthing-device}s instead of
+@code{syncthing-folder-device}s in a @code{syncthing-folder}'s
+@code{devices} field.
+
+@table @asis
+@item @code{device}
+device should be a @code{syncthing-device} for which this configuration
+applies.
+
+@item @code{introduced-by} (default: @var{""})
+@item @code{encryption-password} (default: @var{""})
+Beware: specifying this field will include this password as plain text
+(not encrypted) and globally visible in @file{/gnu/store/}. If
+encryption-password is non-empty, then it will be used as a password to
+encrypt file chunks as they are synced to that device. For more info on
+syncing to devices you don't totally trust, see
+@uref{https://docs.syncthing.net/users/untrusted.html, Syncthing
+Documentation on Untrusted Devices}. Note that file transfers are
+always end-to-end encrypted, regardless of this setting.
@end table
@end deftp
+Here is a more complex example configuration for illustrative purposes:
+@lisp
+(service syncthing-service-type
+ (let ((laptop (syncthing-device (id "VHOD2D6-...-7XRMDEN")))
+ (desktop (syncthing-device (id "64SAZ37-...-FZJ5GUA")
+ (addresses '("tcp://example.com"))))
+ (bob-desktop (syncthing-device (id "KYIMEGO-...-FT77EAO"))))
+ (syncthing-configuration
+ (user "alice")
+ (config-file
+ (syncthing-config-file
+ (folders (list (syncthing-folder
+ (label "some-files")
+ (path "~/data")
+ (devices (list desktop laptop)))
+ (syncthing-folder
+ (label "critical-files")
+ (path "~/secrets")
+ (devices
+ (list desktop
+ laptop
+ (syncthing-folder-device
+ (device bob-desktop)
+ (encryption-password "mypassword"))))))))))))
+@end lisp
+
+
Furthermore, @code{(gnu services ssh)} provides the following services.
@cindex SSH
@cindex SSH server
diff --git a/gnu/home/services/syncthing.scm b/gnu/home/services/syncthing.scm
index 8d66a167ce..dd6c752ee4 100644
--- a/gnu/home/services/syncthing.scm
+++ b/gnu/home/services/syncthing.scm
@@ -1,5 +1,6 @@
;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2023 Ludovic Courtès <ludo <at> gnu.org>
+;;; Copyright © 2025 Zacchaeus <eikcaz <at> zacchae.us>
;;;
;;; This file is part of GNU Guix.
;;;
@@ -24,9 +25,23 @@ (define-module (gnu home services syncthing)
#:use-module (gnu home services shepherd)
#:export (home-syncthing-service-type)
#:re-export (syncthing-configuration
- syncthing-configuration?))
+ syncthing-configuration?
+ syncthing-config-file
+ syncthing-config-file?
+ syncthing-device
+ syncthing-device?
+ syncthing-folder
+ syncthing-folder?
+ syncthing-folder-device
+ syncthing-folder-device?))
(define home-syncthing-service-type
(service-type
(inherit (system->home-service-type syncthing-service-type))
+ ;; system->home-service-type does not convert special-files-service-type to
+ ;; home-files-service-type, so redefine extensios
+ (extensions (list (service-extension home-files-service-type
+ syncthing-files-service)
+ (service-extension home-shepherd-service-type
+ syncthing-shepherd-service)))
(default-value (for-home (syncthing-configuration)))))
diff --git a/gnu/services/syncthing.scm b/gnu/services/syncthing.scm
index a7a9c6aadd..bdc00ec51f 100644
--- a/gnu/services/syncthing.scm
+++ b/gnu/services/syncthing.scm
@@ -1,6 +1,7 @@
;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2021 Oleg Pykhalov <go.wigust <at> gmail.com>
;;; Copyright © 2023 Justin Veilleux <terramorpha <at> cock.li>
+;;; Copyright © 2025 Zacchaeus <eikcaz <at> zacchae.us>
;;;
;;; This file is part of GNU Guix.
;;;
@@ -25,9 +26,20 @@ (define-module (gnu services syncthing)
#:use-module (guix records)
#:use-module (ice-9 match)
#:use-module (srfi srfi-1)
+ #:use-module (sxml simple)
#:export (syncthing-configuration
syncthing-configuration?
- syncthing-service-type))
+ syncthing-device
+ syncthing-device?
+ syncthing-config-file
+ syncthing-config-file?
+ syncthing-folder-device
+ syncthing-folder-device?
+ syncthing-folder
+ syncthing-folder?
+ syncthing-service-type
+ syncthing-shepherd-service
+ syncthing-files-service))
;;; Commentary:
;;;
@@ -35,6 +47,438 @@ (define-module (gnu services syncthing)
;;;
;;; Code:
+(define-record-type* <syncthing-device>
+ syncthing-device make-syncthing-device
+ syncthing-device?
+ (id syncthing-device-id)
+ (name syncthing-device-name (default ""))
+ (compression syncthing-device-compression (default "metadata"))
+ (introducer syncthing-device-introducer (default "false"))
+ (skip-introduction-removals syncthing-device-skip-introduction-removals (default "false"))
+ (introduced-by syncthing-device-introduced-by (default ""))
+ (addresses syncthing-device-addresses (default '("dynamic")))
+ (paused syncthing-device-paused (default "false"))
+ (auto-accept-folders syncthing-device-auto-accept-folders (default "false"))
+ (max-send-kbps syncthing-device-max-send-kbps (default "0"))
+ (max-recv-kbps syncthing-device-max-recv-kbps (default "0"))
+ (max-request-kib syncthing-device-max-request-kib (default "0"))
+ (untrusted syncthing-device-untrusted (default "false"))
+ (remote-gui-port syncthing-device-remote-gui-port (default "0"))
+ (num-connections syncthing-device-num-connections (default "0")))
+
+(define syncthing-device->sxml
+ (match-record-lambda <syncthing-device>
+ (id name compression introducer skip-introduction-removals introduced-by addresses paused auto-accept-folders max-send-kbps max-recv-kbps max-request-kib untrusted remote-gui-port num-connections)
+ `(device (@ (id ,id)
+ (name ,name)
+ (compression ,compression)
+ (introducer ,introducer)
+ (skipIntroductionRemovals ,skip-introduction-removals)
+ (introducedBy ,introduced-by))
+ ,@(map (lambda (address) `(address ,address)) addresses)
+ (paused ,paused)
+ (autoAcceptFolders ,auto-accept-folders)
+ (maxSendKbps ,max-send-kbps)
+ (maxRecvKbps ,max-recv-kbps)
+ (maxRequestKiB ,max-request-kib)
+ (untrusted ,untrusted)
+ (remoteGUIPort ,remote-gui-port)
+ (numConnections ,num-connections))))
+
+(define-record-type* <syncthing-folder-device>
+ syncthing-folder-device make-syncthing-folder-device
+ syncthing-folder-device?
+ (device syncthing-folder-device-device)
+ (introduced-by syncthing-folder-device-introduced-by (default (syncthing-device (id ""))))
+ (encryption-password syncthing-folder-device-encryption-password (default "")))
+
+(define syncthing-folder-device->sxml
+ (match-record-lambda <syncthing-folder-device>
+ (device introduced-by encryption-password)
+ `(device (@ (id ,(syncthing-device-id device))
+ (introducedBy ,(syncthing-device-id introduced-by)))
+ (encryptionPassword ,encryption-password))))
+
+(define-record-type* <syncthing-folder>
+ syncthing-folder make-syncthing-folder
+ syncthing-folder?
+ (id syncthing-folder-id (default #f))
+ (label syncthing-folder-label)
+ (path syncthing-folder-path)
+ (type syncthing-folder-type (default "sendreceive"))
+ (rescan-interval-s syncthing-folder-rescan-interval-s (default "3600"))
+ (fs-watcher-enabled syncthing-folder-fs-watcher-enabled (default "true"))
+ (fs-watcher-delay-s syncthing-folder-fs-watcher-delay-s (default "10"))
+ (fs-watcher-timeout-s syncthing-folder-fs-watcher-timeout-s (default "0"))
+ (ignore-perms syncthing-folder-ignore-perms (default "false"))
+ (auto-normalize syncthing-folder-auto-normalize (default "true"))
+ (devices syncthing-folder-devices (default '())
+ (sanitize (lambda (folder-device-list)
+ (map (lambda (device)
+ (if (syncthing-folder-device? device)
+ device
+ (syncthing-folder-device (device device))))
+ folder-device-list))))
+ (filesystem-type syncthing-folder-filesystem-type (default "basic"))
+ (min-disk-free-unit syncthing-folder-min-disk-free-unit (default "%"))
+ (min-disk-free syncthing-folder-min-disk-free (default "1"))
+ (versioning-type syncthing-folder-versioning-type (default #f))
+ (versioning-fs-path syncthing-folder-versioning-fs-path (default ""))
+ (versioning-fs-type syncthing-folder-versioning-fs-type (default "basic"))
+ (versioning-cleanup-interval-s syncthing-folder-versioning-cleanup-interval-s (default "3600"))
+ (versioning-cleanout-days syncthing-folder-versioning-cleanout-days (default #f))
+ (versioning-keep syncthing-folder-versioning-keep (default #f))
+ (versioning-max-age syncthing-folder-versioning-max-age (default #f))
+ (versioning-command syncthing-folder-versioning-command (default #f))
+ (copiers syncthing-folder-copiers (default "0"))
+ (puller-max-pending-kib syncthing-folder-puller-max-pending-kib (default "0"))
+ (hashers syncthing-folder-hashers (default "0"))
+ (order syncthing-folder-order (default "random"))
+ (ignore-delete syncthing-folder-ignore-delete (default "false"))
+ (scan-progress-interval-s syncthing-folder-scan-progress-interval-s (default "0"))
+ (puller-pause-s syncthing-folder-puller-pause-s (default "0"))
+ (max-conflicts syncthing-folder-max-conflicts (default "10"))
+ (disable-sparse-files syncthing-folder-disable-sparse-files (default "false"))
+ (disable-temp-indexes syncthing-folder-disable-temp-indexes (default "false"))
+ (paused syncthing-folder-paused (default "false"))
+ (weak-hash-threshold-pct syncthing-folder-weak-hash-threshold-pct (default "25"))
+ (marker-name syncthing-folder-marker-name (default ".stfolder"))
+ (copy-ownership-from-parent syncthing-folder-copy-ownership-from-parent (default "false"))
+ (mod-time-window-s syncthing-folder-mod-time-window-s (default "0"))
+ (max-concurrent-writes syncthing-folder-max-concurrent-writes (default "2"))
+ (disable-fsync syncthing-folder-disable-fsync (default "false"))
+ (block-pull-order syncthing-folder-block-pull-order (default "standard"))
+ (copy-range-method syncthing-folder-copy-range-method (default "standard"))
+ (case-sensitive-fs syncthing-folder-case-sensitive-fs (default "false"))
+ (junctions-as-dirs syncthing-folder-junctions-as-dirs (default "false"))
+ (sync-ownership syncthing-folder-sync-ownership (default "false"))
+ (send-ownership syncthing-folder-send-ownership (default "false"))
+ (sync-xattrs syncthing-folder-sync-xattrs (default "false"))
+ (send-xattrs syncthing-folder-send-xattrs (default "false"))
+ (xattr-filter-max-single-entry-size syncthing-folder-xattr-filter-max-single-entry-size (default "1024"))
+ (xattr-filter-max-total-size syncthing-folder-xattr-filter-max-total-size (default "4096")))
+
+;; Some parameters, when empty, are fully omitted from the config file. It is
+;; unknown if this causes a functional difference, but stick to the normal
+;; program's behavior to be safe.
+(define (maybe-param symbol value)
+ (if value `((param (@ (key ,(symbol->string symbol)) (val ,value)) "")) '()))
+
+(define syncthing-folder->sxml
+ (match-record-lambda <syncthing-folder>
+ (id
+ label path type rescan-interval-s fs-watcher-enabled fs-watcher-delay-s
+ fs-watcher-timeout-s ignore-perms auto-normalize devices filesystem-type
+ min-disk-free-unit min-disk-free versioning-type versioning-fs-path
+ versioning-fs-type versioning-cleanup-interval-s versioning-cleanout-days
+ versioning-keep versioning-max-age versioning-command copiers
+ puller-max-pending-kib hashers order ignore-delete scan-progress-interval-s
+ puller-pause-s max-conflicts disable-sparse-files disable-temp-indexes paused
+ weak-hash-threshold-pct marker-name copy-ownership-from-parent mod-time-window-s
+ max-concurrent-writes disable-fsync block-pull-order copy-range-method
+ case-sensitive-fs junctions-as-dirs sync-ownership send-ownership sync-xattrs
+ send-xattrs xattr-filter-max-single-entry-size xattr-filter-max-total-size)
+ `(folder (@ (id ,(if id id label))
+ (label ,label)
+ (path ,path)
+ (type ,type)
+ (rescanIntervalS ,rescan-interval-s)
+ (fsWatcherEnabled ,fs-watcher-enabled)
+ (fsWatcherDelayS ,fs-watcher-delay-s)
+ (fsWatcherTimeoutS ,fs-watcher-timeout-s)
+ (ignorePerms ,ignore-perms)
+ (autoNormalize ,auto-normalize))
+ (filesystemType ,filesystem-type)
+ ,@(map syncthing-folder-device->sxml
+ devices)
+ (minDiskFree (@ (unit ,min-disk-free-unit))
+ ,min-disk-free)
+ (versioning ,@(if versioning-type
+ `((@ (type ,versioning-type)))
+ '())
+ ,@(maybe-param 'cleanoutDays versioning-cleanout-days)
+ ,@(maybe-param 'keep versioning-keep)
+ ,@(maybe-param 'maxAge versioning-max-age)
+ ,@(maybe-param 'command versioning-command)
+ (cleanupIntervalS ,versioning-cleanup-interval-s)
+ (fsPath ,versioning-fs-path)
+ (fsType ,versioning-fs-type))
+ (copiers ,copiers)
+ (pullerMaxPendingKiB ,puller-max-pending-kib)
+ (hashers ,hashers)
+ (order ,order)
+ (ignoreDelete ,ignore-delete)
+ (scanProgressIntervalS ,scan-progress-interval-s)
+ (pullerPauseS ,puller-pause-s)
+ (maxConflicts ,max-conflicts)
+ (disableSparseFiles ,disable-sparse-files)
+ (disableTempIndexes ,disable-temp-indexes)
+ (paused ,paused)
+ (weakHashThresholdPct ,weak-hash-threshold-pct)
+ (markerName ,marker-name)
+ (copyOwnershipFromParent ,copy-ownership-from-parent)
+ (modTimeWindowS ,mod-time-window-s)
+ (maxConcurrentWrites ,max-concurrent-writes)
+ (disableFsync ,disable-fsync)
+ (blockPullOrder ,block-pull-order)
+ (copyRangeMethod ,copy-range-method)
+ (caseSensitiveFS ,case-sensitive-fs)
+ (junctionsAsDirs ,junctions-as-dirs)
+ (syncOwnership ,sync-ownership)
+ (sendOwnership ,send-ownership)
+ (syncXattrs ,sync-xattrs)
+ (sendXattrs ,send-xattrs)
+ (xattrFilter (maxSingleEntrySize ,xattr-filter-max-single-entry-size)
+ (maxTotalSize ,xattr-filter-max-total-size)))))
+
+(define-record-type* <syncthing-config-file>
+ syncthing-config-file make-syncthing-config-file
+ syncthing-config-file?
+ (folders syncthing-config-folders
+ ; this matches syncthing's default
+ (default (list (syncthing-folder (id "default")
+ (label "Default Folder")
+ (path "~/Sync")))))
+ (devices syncthing-config-devices
+ (default '()))
+ (gui-enabled syncthing-config-gui-enabled (default "true"))
+ (gui-tls syncthing-config-gui-tls (default "false"))
+ (gui-debugging syncthing-config-gui-debugging (default "false"))
+ (gui-send-basic-auth-prompt syncthing-config-gui-send-basic-auth-prompt (default "false"))
+ (gui-address syncthing-config-gui-address (default "127.0.0.1:8384"))
+ (gui-user syncthing-config-gui-user (default #f))
+ (gui-password syncthing-config-gui-password (default #f))
+ (gui-apikey syncthing-config-gui-apikey (default #f))
+ (gui-theme syncthing-config-gui-theme (default "default"))
+ (ldap-enabled syncthing-config-ldap-enabled (default #f))
+ (ldap-address syncthing-config-ldap-address (default ""))
+ (ldap-bind-dn syncthing-config-ldap-bind-dn (default ""))
+ (ldap-transport syncthing-config-ldap-transport (default ""))
+ (ldap-insecure-skip-verify syncthing-config-ldap-insecure-skip-verify (default ""))
+ (ldap-search-base-dn syncthing-config-ldap-search-base-dn (default ""))
+ (ldap-search-filter syncthing-config-ldap-search-filter (default ""))
+ (listen-address syncthing-config-listen-address (default "default"))
+ (global-announce-server syncthing-config-global-announce-server (default "default"))
+ (global-announce-enabled syncthing-config-global-announce-enabled (default "true"))
+ (local-announce-enabled syncthing-config-local-announce-enabled (default "true"))
+ (local-announce-port syncthing-config-local-announce-port (default "21027"))
+ (local-announce-mcaddr syncthing-config-local-announce-mcaddr (default "[ff12::8384]:21027"))
+ (max-send-kbps syncthing-config-max-send-kbps (default "0"))
+ (max-recv-kbps syncthing-config-max-recv-kbps (default "0"))
+ (reconnection-interval-s syncthing-config-reconnection-interval-s (default "60"))
+ (relays-enabled syncthing-config-relays-enabled (default "true"))
+ (relay-reconnect-interval-m syncthing-config-relay-reconnect-interval-m (default "10"))
+ (start-browser syncthing-config-start-browser (default "true"))
+ (nat-enabled syncthing-config-nat-enabled (default "true"))
+ (nat-lease-minutes syncthing-config-nat-lease-minutes (default "60"))
+ (nat-renewal-minutes syncthing-config-nat-renewal-minutes (default "30"))
+ (nat-timeout-seconds syncthing-config-nat-timeout-seconds (default "10"))
+ (ur-accepted syncthing-config-ur-accepted (default "0"))
+ (ur-seen syncthing-config-ur-seen (default "0"))
+ (ur-unique-id syncthing-config-ur-unique-id (default ""))
+ (ur-url syncthing-config-ur-url (default "https://data.syncthing.net/newdata"))
+ (ur-post-insecurely syncthing-config-ur-post-insecurely (default "false"))
+ (ur-initial-delay-s syncthing-config-ur-initial-delay-s (default "1800"))
+ (auto-upgrade-interval-h syncthing-config-auto-upgrade-interval-h (default "12"))
+ (upgrade-to-pre-releases syncthing-config-upgrade-to-pre-releases (default "false"))
+ (keep-temporaries-h syncthing-config-keep-temporaries-h (default "24"))
+ (cache-ignored-files syncthing-config-cache-ignored-files (default "false"))
+ (progress-update-interval-s syncthing-config-progress-update-interval-s (default "5"))
+ (limit-bandwidth-in-lan syncthing-config-limit-bandwidth-in-lan (default "false"))
+ (min-home-disk-free-unit syncthing-config-min-home-disk-free-unit (default "%"))
+ (min-home-disk-free syncthing-config-min-home-disk-free (default "1"))
+ (releases-url syncthing-config-releases-url (default "https://upgrades.syncthing.net/meta.json"))
+ (overwrite-remote-device-names-on-connect syncthing-config-overwrite-remote-device-names-on-connect (default "false"))
+ (temp-index-min-blocks syncthing-config-temp-index-min-blocks (default "10"))
+ (unacked-notification-id syncthing-config-unacked-notification-id (default "authenticationUserAndPassword"))
+ (traffic-class syncthing-config-traffic-class (default "0"))
+ (set-low-priority syncthing-config-set-low-priority (default "true"))
+ (max-folder-concurrency syncthing-config-max-folder-concurrency (default "0"))
+ (crash-reporting-url syncthing-config-crash-reporting-url (default "https://crash.syncthing.net/newcrash"))
+ (crash-reporting-enabled syncthing-config-crash-reporting-enabled (default "true"))
+ (stun-keepalive-start-s syncthing-config-stun-keepalive-start-s (default "180"))
+ (stun-keepalive-min-s syncthing-config-stun-keepalive-min-s (default "20"))
+ (stun-server syncthing-config-stun-server (default "default"))
+ (database-tuning syncthing-config-database-tuning (default "auto"))
+ (max-concurrent-incoming-request-kib syncthing-config-max-concurrent-incoming-request-kib (default "0"))
+ (announce-lan-addresses syncthing-config-announce-lan-addresses (default "true"))
+ (send-full-index-on-upgrade syncthing-config-send-full-index-on-upgrade (default "false"))
+ (connection-limit-enough syncthing-config-connection-limit-enough (default "0"))
+ (connection-limit-max syncthing-config-connection-limit-max (default "0"))
+ (insecure-allow-old-tlsVersions syncthing-config-insecure-allow-old-tlsVersions (default "false"))
+ (connection-priority-tcp-lan syncthing-config-connection-priority-tcp-lan (default "10"))
+ (connection-priority-quic-lan syncthing-config-connection-priority-quic-lan (default "20"))
+ (connection-priority-tcp-wan syncthing-config-connection-priority-tcp-wan (default "30"))
+ (connection-priority-quic-wan syncthing-config-connection-priority-quic-wan (default "40"))
+ (connection-priority-relay syncthing-config-connection-priority-relay (default "50"))
+ (connection-priority-upgrade-threshold syncthing-config-connection-priority-upgrade-threshold (default "0"))
+ (default-folder syncthing-config-default-folder
+ (default (syncthing-folder (label "") (path "~"))))
+ (default-device syncthing-config-default-device
+ (default (syncthing-device (id ""))))
+ (default-ignores syncthing-config-default-ignores (default "")))
+
+(define syncthing-config-file->sxml
+ (match-record-lambda <syncthing-config-file>
+ (folders
+ devices gui-enabled gui-tls gui-debugging gui-send-basic-auth-prompt
+ gui-address gui-user gui-password gui-apikey gui-theme ldap-enabled
+ ldap-address ldap-bind-dn ldap-transport ldap-insecure-skip-verify
+ ldap-search-base-dn ldap-search-filter listen-address global-announce-server
+ global-announce-enabled local-announce-enabled local-announce-port
+ local-announce-mcaddr max-send-kbps max-recv-kbps reconnection-interval-s
+ relays-enabled relay-reconnect-interval-m start-browser nat-enabled
+ nat-lease-minutes nat-renewal-minutes nat-timeout-seconds ur-accepted
+ ur-seen ur-unique-id ur-url ur-post-insecurely ur-initial-delay-s
+ auto-upgrade-interval-h upgrade-to-pre-releases keep-temporaries-h
+ cache-ignored-files progress-update-interval-s limit-bandwidth-in-lan
+ min-home-disk-free-unit min-home-disk-free releases-url
+ overwrite-remote-device-names-on-connect temp-index-min-blocks
+ unacked-notification-id traffic-class set-low-priority max-folder-concurrency
+ crash-reporting-url crash-reporting-enabled stun-keepalive-start-s
+ stun-keepalive-min-s stun-server database-tuning
+ max-concurrent-incoming-request-kib announce-lan-addresses
+ send-full-index-on-upgrade connection-limit-enough connection-limit-max
+ insecure-allow-old-tlsVersions connection-priority-tcp-lan
+ connection-priority-quic-lan connection-priority-tcp-wan
+ connection-priority-quic-wan connection-priority-relay
+ connection-priority-upgrade-threshold default-folder default-device
+ default-ignores)
+ `(configuration (@ (version "37"))
+ ,@(map syncthing-folder->sxml
+ folders)
+ ;; collect any devices in any folders, as well as any
+ ;; devices explicitly added.
+ ,@(map syncthing-device->sxml
+ (delete-duplicates
+ (append devices
+ (apply append
+ (map (lambda (folder)
+ (map syncthing-folder-device-device
+ (syncthing-folder-devices folder)))
+ folders)))
+ ;; devices are the same if their id's are equal
+ (lambda (device1 device2)
+ (string= (syncthing-device-id device1)
+ (syncthing-device-id device2)))))
+ (gui (@ (enabled ,gui-enabled)
+ (tls ,gui-tls)
+ (debugging ,gui-debugging)
+ (sendBasicAuthPrompt ,gui-send-basic-auth-prompt))
+ (address ,gui-address)
+ ,@(if gui-user `((user ,gui-user)) '())
+ ,@(if gui-password `((password ,gui-password)) '())
+ ,@(if gui-apikey `((apikey ,gui-apikey)) '())
+ (theme ,gui-theme))
+ (ldap ,(if ldap-enabled
+ `((address ,ldap-address)
+ (bindDN ,ldap-bind-dn)
+ ,@(if ldap-transport
+ `((transport ,ldap-transport))
+ '())
+ ,@(if ldap-insecure-skip-verify
+ `((insecureSkipVerify ,ldap-insecure-skip-verify))
+ '())
+ ,@(if ldap-search-base-dn
+ `((searchBaseDN ,ldap-search-base-dn))
+ '())
+ ,@(if ldap-search-filter
+ `((searchFilter ,ldap-search-filter))
+ '()))
+ ""))
+ (options (listenAddress ,listen-address)
+ (globalAnnounceServer ,global-announce-server)
+ (globalAnnounceEnabled ,global-announce-enabled)
+ (localAnnounceEnabled ,local-announce-enabled)
+ (localAnnouncePort ,local-announce-port)
+ (localAnnounceMCAddr ,local-announce-mcaddr)
+ (maxSendKbps ,max-send-kbps)
+ (maxRecvKbps ,max-recv-kbps)
+ (reconnectionIntervalS ,reconnection-interval-s)
+ (relaysEnabled ,relays-enabled)
+ (relayReconnectIntervalM ,relay-reconnect-interval-m)
+ (startBrowser ,start-browser)
+ (natEnabled ,nat-enabled)
+ (natLeaseMinutes ,nat-lease-minutes)
+ (natRenewalMinutes ,nat-renewal-minutes)
+ (natTimeoutSeconds ,nat-timeout-seconds)
+ (urAccepted ,ur-accepted)
+ (urSeen ,ur-seen)
+ (urUniqueID ,ur-unique-id)
+ (urURL ,ur-url)
+ (urPostInsecurely ,ur-post-insecurely)
+ (urInitialDelayS ,ur-initial-delay-s)
+ (autoUpgradeIntervalH ,auto-upgrade-interval-h)
+ (upgradeToPreReleases ,upgrade-to-pre-releases)
+ (keepTemporariesH ,keep-temporaries-h)
+ (cacheIgnoredFiles ,cache-ignored-files)
+ (progressUpdateIntervalS ,progress-update-interval-s)
+ (limitBandwidthInLan ,limit-bandwidth-in-lan)
+ (minHomeDiskFree (@ (unit ,min-home-disk-free-unit))
+ ,min-home-disk-free)
+ (releasesURL ,releases-url)
+ (overwriteRemoteDeviceNamesOnConnect ,overwrite-remote-device-names-on-connect)
+ (tempIndexMinBlocks ,temp-index-min-blocks)
+ (unackedNotificationID ,unacked-notification-id)
+ (trafficClass ,traffic-class)
+ (setLowPriority ,set-low-priority)
+ (maxFolderConcurrency ,max-folder-concurrency)
+ (crashReportingURL ,crash-reporting-url)
+ (crashReportingEnabled ,crash-reporting-enabled)
+ (stunKeepaliveStartS ,stun-keepalive-start-s)
+ (stunKeepaliveMinS ,stun-keepalive-min-s)
+ (stunServer ,stun-server)
+ (databaseTuning ,database-tuning)
+ (maxConcurrentIncomingRequestKiB ,max-concurrent-incoming-request-kib)
+ (announceLANAddresses ,announce-lan-addresses)
+ (sendFullIndexOnUpgrade ,send-full-index-on-upgrade)
+ (connectionLimitEnough ,connection-limit-enough)
+ (connectionLimitMax ,connection-limit-max)
+ (insecureAllowOldTLSVersions ,insecure-allow-old-tlsVersions)
+ (connectionPriorityTcpLan ,connection-priority-tcp-lan)
+ (connectionPriorityQuicLan ,connection-priority-quic-lan)
+ (connectionPriorityTcpWan ,connection-priority-tcp-wan)
+ (connectionPriorityQuicWan ,connection-priority-quic-wan)
+ (connectionPriorityRelay ,connection-priority-relay)
+ (connectionPriorityUpgradeThreshold ,connection-priority-upgrade-threshold))
+ (defaults
+ ,(syncthing-folder->sxml default-folder)
+ ,(syncthing-device->sxml default-device)
+ (ignores ,default-ignores)))))
+
+;; It is useful to be able to view the xml output by Guix, and to be able to
+;; diff it with a user's previous config, especially when migrating one's
+;; config to Guix. This function adds whitespace that matches the whitespace
+;; of config files managed by Syncthing for easy diffing.
+(define (indent-sxml sxml indent-increment current-indent)
+ (match sxml
+ (((tag ('@ properties ...) (subtags ..1) ..1) sibling-tags ...)
+ `(,current-indent (,tag (@ ,@properties) "\n"
+ ,@(indent-sxml subtags indent-increment
+ (string-append indent-increment current-indent))
+ ,current-indent) "\n"
+ ,@(indent-sxml sibling-tags indent-increment current-indent)))
+ (((tag ('@ properties ...) primitive ...) sibling-tags ...)
+ `(,current-indent (,tag (@ ,@properties) ,@primitive) "\n"
+ ,@(indent-sxml sibling-tags indent-increment current-indent)))
+ (((tag (subtags ..1) ..1) sibling-tags ...)
+ `(,current-indent (,tag "\n"
+ ,@(indent-sxml subtags indent-increment
+ (string-append indent-increment current-indent))
+ ,current-indent) "\n"
+ ,@(indent-sxml sibling-tags indent-increment current-indent)))
+ (((tag primitive ...) sibling-tags ...)
+ `(,current-indent (,tag ,@primitive) "\n"
+ ,@(indent-sxml sibling-tags indent-increment current-indent)))
+ (() '())))
+
+(define (serialize-syncthing-config-file config)
+ (with-output-to-string
+ (lambda ()
+ (sxml->xml (cons '*TOP* (indent-sxml (list (syncthing-config-file->sxml config))
+ " "
+ ""))))))
+
(define-record-type* <syncthing-configuration>
syncthing-configuration make-syncthing-configuration
syncthing-configuration?
@@ -50,12 +494,14 @@ (define-record-type* <syncthing-configuration>
(default "users"))
(home syncthing-configuration-home ;string
(default #f))
+ (config-file syncthing-configuration-config-file
+ (default #f)) ; syncthing-config-file or file-like
(home-service? syncthing-configuration-home-service?
(default for-home?) (innate)))
(define syncthing-shepherd-service
(match-record-lambda <syncthing-configuration>
- (syncthing arguments logflags user group home home-service?)
+ (syncthing arguments logflags user group home home-service? config-file)
(list
(shepherd-service
(provision (if home-service?
@@ -64,39 +510,68 @@ (define syncthing-shepherd-service
(string-append "syncthing-" user)))))
(documentation "Run syncthing.")
(requirement (if home-service? '() '(loopback user-processes)))
- (start #~(make-forkexec-constructor
- (append (list (string-append #$syncthing "/bin/syncthing")
- "--no-browser"
- "--no-restart"
- (string-append "--logflags=" (number->string #$logflags)))
- '#$arguments)
- #:user #$(and (not home-service?) user)
- #:group #$(and (not home-service?) group)
- #:environment-variables
- (append
- (list
- (string-append "HOME="
- (or #$home
- (passwd:dir
- (getpw (if (and #$home-service?
- (not #$user))
- (getuid)
- #$user)))))
- "SSL_CERT_DIR=/etc/ssl/certs"
- "SSL_CERT_FILE=/etc/ssl/certs/ca-certificates.crt")
- (filter (negate ;XXX: 'remove' is not in (guile)
- (lambda (str)
- (or (string-prefix? "HOME=" str)
- (string-prefix? "SSL_CERT_DIR=" str)
- (string-prefix? "SSL_CERT_FILE=" str))))
- (environ)))))
+ (start #~(lambda _
+ ;; if we are managing the config, and it's not a home
+ ;; service, then exepect the config file at
+ ;; /var/lib/syncthing-<user>. This makes sure the ownership
+ ;; is correct
+ (unless (or #$(not config-file) #$home-service?)
+ (system* "chown" #$user (string-append "/var/lib/syncthing-" #$user))
+ (system* "chmod" "700" (string-append "/var/lib/syncthing-" #$user)))
+ (make-forkexec-constructor
+ (append (list (string-append #$syncthing "/bin/syncthing")
+ "--no-browser"
+ "--no-restart"
+ (string-append "--logflags=" (number->string #$logflags)))
+ (if (or #$(not config-file) #$home-service?) '()
+ (list (string-append "--home=/var/lib/syncthing-" #$user)))
+ '#$arguments)
+ #:user #$(and (not home-service?) user)
+ #:group #$(and (not home-service?) group)
+ #:environment-variables
+ (append
+ (list
+ (string-append "HOME="
+ (or #$home
+ (passwd:dir
+ (getpw (if (and #$home-service?
+ (not #$user))
+ (getuid)
+ #$user)))))
+ "SSL_CERT_DIR=/etc/ssl/certs"
+ "SSL_CERT_FILE=/etc/ssl/certs/ca-certificates.crt")
+ (filter (negate ;XXX: 'remove' is not in (guile)
+ (lambda (str)
+ (or (string-prefix? "HOME=" str)
+ (string-prefix? "SSL_CERT_DIR=" str)
+ (string-prefix? "SSL_CERT_FILE=" str))))
+ (environ))))))
(respawn? #f)
(stop #~(make-kill-destructor))))))
+
+(define syncthing-files-service
+ (match-record-lambda <syncthing-configuration> (config-file user home home-service?)
+ (if config-file
+ ;; when used as a system service, this service might be executed
+ ;; before a user's home even exists, causing it to be owned by root,
+ ;; and the skeletons to never be applied to that user's home. In such
+ ;; cases, put the config at /var/lib/syncthnig-<user>/config.xml
+ `((,(if home-service?
+ ".config/syncthing/config.xml"
+ (string-append "/var/lib/syncthing-" user "/config.xml"))
+ ,(if (file-like? config-file)
+ config-file
+ (plain-file "syncthin-config.xml" (serialize-syncthing-config-file
+ config-file)))))
+ '())))
+
(define syncthing-service-type
(service-type (name 'syncthing)
(extensions (list (service-extension shepherd-root-service-type
- syncthing-shepherd-service)))
+ syncthing-shepherd-service)
+ (service-extension special-files-service-type
+ syncthing-files-service)))
(description
"Run @uref{https://github.com/syncthing/syncthing, Syncthing}
decentralized continuous file system synchronization.")))
--
2.45.2
guix-patches <at> gnu.org:bug#75959; Package guix-patches.
(Sat, 08 Feb 2025 12:15:02 GMT) Full text and rfc822 format available.Message #38 received at 75959 <at> debbugs.gnu.org (full text, mbox):
From: Bruno Victal <mirai <at> makinata.eu> To: Leo Famulari <leo <at> famulari.name>, Zacchaeus <eikcaz <at> zacchae.us> Cc: 75959 <at> debbugs.gnu.org Subject: Re: [bug#75959] [PATCH v5] services: syncthing: Added support for config file serialization. Date: Sat, 8 Feb 2025 12:14:36 +0000
On 2025-02-07 22:44, Leo Famulari wrote: >> +;; It is useful to be able to view the xml output by Guix, and to be able to >> +;; diff it with a user's previous config, especially when migrating one's >> +;; config to Guix. This function adds whitespace that matches the whitespace >> +;; of config files managed by Syncthing for easy diffing. >> +(define (indent-sxml sxml indent-increment current-indent) > > Nice. Hopefully this doesn't go stale anytime soon. > > Overall, it's looking good. Thanks a lot for this contribution! Let me > know what you think about the feedback I've given here. I think this addition is unnecessary since there's a well-known command to pretty-print any XML file: xmllint --format <the-file> Admittedly to my untrained eyes, this indent-sxml looks complex at a superficial glance and just adds maintenance burden without necessity in light of xmllint existence IMO. My 2¢, -- Bruno.
guix-patches <at> gnu.org:bug#75959; Package guix-patches.
(Sat, 08 Feb 2025 20:02:02 GMT) Full text and rfc822 format available.Message #41 received at 75959 <at> debbugs.gnu.org (full text, mbox):
From: Zacchaeus Scheffer <eikcaz <at> zacchae.us> To: Bruno Victal <mirai <at> makinata.eu>, 75959 <at> debbugs.gnu.org Subject: Re: [bug#75959] [PATCH v5] services: syncthing: Added support for config file serialization. Date: Sat, 08 Feb 2025 15:01:36 -0500
From 45e289b4960e04c07dafedd39140ed2331b2be81 Mon Sep 17 00:00:00 2001
From: Zacchaeus <eikcaz <at> zacchae.us>
Date: Sun, 21 Jul 2024 00:54:25 -0700
Subject: [PATCH v7] services: syncthing: Add support for config file
generation.
* gnu/services/syncthing.scm: (syncthing-config-file,
syncthing-folder, syncthing-device, syncthing-folder-device): New
records; (syncthing-service-type): Add special-files-service-type
extension for the config file; (syncthing-files-service): Add service
to create config file.
* gnu/home/services/syncthing.scm: (home-syncthing-service-type):
Extend home-files-services-type and re-exported more things from
gnu/services/syncthing.scm.
* doc/guix.texi: (syncthing-service-type): Document changes.
Change-Id: I87eeba1ee1fdada8f29c2ee881fbc6bc4113dde9
---
As per Bruno's suggestion, I removed the (indent-sxml ...) function,
and added intstructions in the documentation for how to get the same
results with libxml2. I like my configs auto-indented, but Guix isn't
really the place for that functionality. If I feel inspired at some
point, maybe I'll try to add that functionality to sxml, but those
chances are low.
eikcaz-
doc/guix.texi | 316 +++++++++++++++++++-
gnu/home/services/syncthing.scm | 17 +-
gnu/services/syncthing.scm | 506 ++++++++++++++++++++++++++++++--
3 files changed, 807 insertions(+), 32 deletions(-)
diff --git a/doc/guix.texi b/doc/guix.texi
index b1b6d98e74..d5fdda733e 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -136,6 +136,7 @@ Copyright @copyright{} 2024 Troy Figiel@*
Copyright @copyright{} 2024 Sharlatan Hellseher@*
Copyright @copyright{} 2024 45mg@*
Copyright @copyright{} 2025 Sören Tempel@*
+Copyright @copyright{} 2025 Zacchaeus@*
Permission is granted to copy, distribute and/or modify this document
under the terms of the GNU Free Documentation License, Version 1.3 or
@@ -22666,12 +22667,323 @@ The group as which the Syncthing service is to be run.
This assumes that the specified group exists.
@item @code{home} (default: @var{#f})
-Common configuration and data directory. The default configuration
-directory is @file{$HOME} of the specified Syncthing @code{user}.
+Sets the @code{HOME} variable for the syncthing daemon. The default is
+@file{$HOME} of the specified Syncthing @code{user}.
+
+@item @code{config-file} (default: @var{#f})
+Either a file-like object that resolves to a Syncthing configuration xml
+file, or a @code{syncthing-config-file} record (see below). If set to
+@code{#f}, Guix will not try to generate a config file, and Syncthing
+will generate a default one which will not be touched on reconfigure.
+Specifying this in a system service moves Syncthing's common
+configuration and data directory (@code{--home} in
+@uref{https://docs.syncthing.net/users/syncthing.html}) to
+@file{/var/lib/syncthnig-<user>}.
+
+@end table
+@end deftp
+
+In the below, only details specific to Guix, or related to how your
+device will connect to unrelated devices (relays, nameservers), are
+presented. Otherwise, you should consult
+@uref{https://docs.syncthing.net/users/config.html, Syncthing config
+documentation}; camelCase there is converted to kebab-case here. If you
+are migrating to a Guix-powered Syncthing config file from a
+GUI-configured one, you can see what changes were introduced by
+@code{diff}ing them. Note that you will need to add whitespace with
+4-space indentation to the one generated by Guix. This can be done
+(requires @code{libxml2}) like so:
+
+@example
+XMLLINT_INDENT=" " xmllint --format /path/to/new/config.xml | diff /path/to/old/config.xml -
+@end example
+
+When generating a config file through Guix, you can still modify
+Syncthing from the GUI or through @code{introducer} and
+@code{autoAcceptFolders} mechanisms, but such changes will be reset on
+reconfigure.
+
+@deftp {Data Type} syncthing-config-file
+Data type representing the configuration file read by the Syncthing
+daemon.
+
+@table @asis
+@item @code{folders} (default: @var{(list (syncthing-folder (id "default") (label "Default Folder") (path "~/Sync")))}
+The default here is the same as Syncthing's default. The value should
+be a list of @code{syncthing-folder}s.
+
+@item @code{devices} (default: @var{'()}
+This should be a list of @code{syncthing-device}s. Guix will
+automatically add any devices specified in any `folders' to this list.
+There are instances when you want to connect to a device despite not
+(initially) sharing any folders (such as a device with
+autoAcceptFolders). In such instances, you should specify those devices
+here. If multiple versions of the same device (as determined by
+comparing device id) are discovered, the one in this list is
+prioritized. Otherwise, the first instance in the first folder is used.
+
+@item @code{gui-enabled} (default: @var{"true"})
+By default, any user on the computer can access the GUI and make changes
+to Syncthing. If you leave this enabled, you should probably set
+gui-user and gui-password (see below).
+
+@item @code{gui-tls} (default: @var{"false"})
+@item @code{gui-debugging} (default: @var{"false"})
+@item @code{gui-send-basic-auth-prompt} (default: @var{"false"})
+@item @code{gui-address} (default: @var{"127.0.0.1:8384"})
+@item @code{gui-user} (default: @var{#f})
+@item @code{gui-password} (default: @var{#f})
+A bcrypt hash of the GUI password. Remember that this will be globally
+exposed in @file{/gnu/store}.
+@item @code{gui-apikey} (default: @var{#f})
+You must specify this to use the Syncthing REST interface. Also exposed
+in @file{/gnu/store}.
+
+@item @code{gui-theme} (default: @var{"default"})
+@item @code{ldap-enabled} (default: @var{#f})
+@item @code{ldap-address} (default: @var{""})
+@item @code{ldap-bind-dn} (default: @var{""})
+@item @code{ldap-transport} (default: @var{""})
+@item @code{ldap-insecure-skip-verify} (default: @var{""})
+@item @code{ldap-search-base-dn} (default: @var{""})
+@item @code{ldap-search-filter} (default: @var{""})
+@item @code{listen-address} (default: @var{"default"})
+@item @code{global-announce-server} (default: @var{"default"})
+@item @code{global-announce-enabled} (default: @var{"true"})
+Global discovery servers can be used to help connect devices at unknown
+IP addresses by storing the last known IP address.
+
+@item @code{local-announce-enabled} (default: @var{"true"})
+This makes devices find each other very easily on the same LAN. Often,
+this will allow you to just plug an Ethernet between two devices, or
+connect one device to the other's hotspot and start syncing.
+
+@item @code{local-announce-port} (default: @var{"21027"})
+@item @code{local-announce-mcaddr} (default: @var{"[ff12::8384]:21027"})
+@item @code{max-send-kbps} (default: @var{"0"})
+@item @code{max-recv-kbps} (default: @var{"0"})
+@item @code{reconnection-interval-s} (default: @var{"60"})
+@item @code{relays-enabled} (default: @var{"true"})
+This option allows your Syncthing instance to coordinate with a global
+network of relays to enable syncing between devices when all other
+methods fail.
+
+@item @code{relay-reconnect-interval-m} (default: @var{"10"})
+@item @code{start-browser} (default: @var{"true"})
+@item @code{nat-enabled} (default: @var{"true"})
+@item @code{nat-lease-minutes} (default: @var{"60"})
+@item @code{nat-renewal-minutes} (default: @var{"30"})
+@item @code{nat-timeout-seconds} (default: @var{"10"})
+@item @code{ur-accepted} (default: @var{"0"})
+ur* options control usage reporting. Set to -1 to disable, or positive
+to enable. The default (0) has reporting disabled, but you will be
+asked to decide in the GUI.
+
+@item @code{ur-seen} (default: @var{"0"})
+@item @code{ur-unique-id} (default: @var{""})
+@item @code{ur-url} (default: @var{"https://data.syncthing.net/newdata"})
+@item @code{ur-post-insecurely} (default: @var{"false"})
+@item @code{ur-initial-delay-s} (default: @var{"1800"})
+@item @code{auto-upgrade-interval-h} (default: @var{"12"})
+@item @code{upgrade-to-pre-releases} (default: @var{"false"})
+@item @code{keep-temporaries-h} (default: @var{"24"})
+@item @code{cache-ignored-files} (default: @var{"false"})
+@item @code{progress-update-interval-s} (default: @var{"5"})
+@item @code{limit-bandwidth-in-lan} (default: @var{"false"})
+@item @code{min-home-disk-free-unit} (default: @var{"%"})
+@item @code{min-home-disk-free} (default: @var{"1"})
+@item @code{releases-url} (default: @var{"https://upgrades.syncthing.net/meta.json"})
+@item @code{overwrite-remote-device-names-on-connect} (default: @var{"false"})
+@item @code{temp-index-min-blocks} (default: @var{"10"})
+@item @code{unacked-notification-id} (default: @var{"authenticationUserAndPassword"})
+@item @code{traffic-class} (default: @var{"0"})
+@item @code{set-low-priority} (default: @var{"true"})
+@item @code{max-folder-concurrency} (default: @var{"0"})
+@item @code{crash-reporting-url} (default: @var{"https://crash.syncthing.net/newcrash"})
+@item @code{crash-reporting-enabled} (default: @var{"true"})
+@item @code{stun-keepalive-start-s} (default: @var{"180"})
+@item @code{stun-keepalive-min-s} (default: @var{"20"})
+@item @code{stun-server} (default: @var{"default"})
+@item @code{database-tuning} (default: @var{"auto"})
+@item @code{max-concurrent-incoming-request-kib} (default: @var{"0"})
+@item @code{announce-lan-addresses} (default: @var{"true"})
+@item @code{send-full-index-on-upgrade} (default: @var{"false"})
+@item @code{connection-limit-enough} (default: @var{"0"})
+@item @code{connection-limit-max} (default: @var{"0"})
+@item @code{insecure-allow-old-tls-versions} (default: @var{"false"})
+@item @code{connection-priority-tcp-lan} (default: @var{"10"})
+@item @code{connection-priority-quic-lan} (default: @var{"20"})
+@item @code{connection-priority-tcp-wan} (default: @var{"30"})
+@item @code{connection-priority-quic-wan} (default: @var{"40"})
+@item @code{connection-priority-relay} (default: @var{"50"})
+@item @code{connection-priority-upgrade-threshold} (default: @var{"0"})
+@item @code{default-folder} (default: @var{(syncthing-folder (label ""))})
+@item @code{default-device} (default: @var{(syncthing-device (id ""))})
+@item @code{default-ignores} (default: @var{"")})
+The default-* above do not affect folders and devices added by the Guix
+interface. They will, however, affect folders and devices that are
+added through the GUI, by an @code{introducer}, or a device with
+@code{auto-accept-folders}.
+@end table
+@end deftp
+
+@deftp {Data Type} syncthing-folder
+Data type representing a folder to be synced.
+
+@table @asis
+@item @code{id} (default: @var{#f})
+This id cannot match the id of any other folder on this device. If left
+unspecified, it will default to the label (see below).
+
+@item @code{label}
+Human readable label for the folder.
+
+@item @code{path}
+The path at which to store this folder.
+
+@item @code{type} (default: @var{"sendreceive"})
+@item @code{rescan-interval-s} (default: @var{"3600"})
+@item @code{fs-watcher-enabled} (default: @var{"true"})
+@item @code{fs-watcher-delay-s} (default: @var{"10"})
+@item @code{ignore-perms} (default: @var{"false"})
+@item @code{auto-normalize} (default: @var{"true"})
+@item @code{devices} (default: @var{'()})
+This should be a list of other Syncthing devices. You do not need to
+specify the current device. Each device can be listed as a a
+@code{syncthing-device} record or a @code{syncthing-folder-device}
+record if you want files to be encrypted on disk. See below.
+
+@item @code{filesystem-type} (default: @var{"basic"})
+@item @code{min-disk-free-unit} (default: @var{"%"})
+@item @code{min-disk-free} (default: @var{"1"})
+@item @code{versioning-type} (default: @var{#f})
+@item @code{versioning-fs-path} (default: @var{""})
+@item @code{versioning-fs-type} (default: @var{"basic"})
+@item @code{versioning-cleanup-interval-s} (default: @var{"3600"})
+@item @code{versioning-cleanout-days} (default: @var{#f})
+@item @code{versioning-keep} (default: @var{#f})
+@item @code{versioning-max-age} (default: @var{#f})
+@item @code{versioning-command} (default: @var{#f})
+@item @code{copiers} (default: @var{"0"})
+@item @code{puller-max-pending-kib} (default: @var{"0"})
+@item @code{hashers} (default: @var{"0"})
+@item @code{order} (default: @var{"random"})
+@item @code{ignore-delete} (default: @var{"false"})
+@item @code{scan-progress-interval-s} (default: @var{"0"})
+@item @code{puller-pause-s} (default: @var{"0"})
+@item @code{max-conflicts} (default: @var{"10"})
+@item @code{disable-sparse-files} (default: @var{"false"})
+@item @code{disable-temp-indexes} (default: @var{"false"})
+@item @code{paused} (default: @var{"false"})
+@item @code{weak-hash-threshold-pct} (default: @var{"25"})
+@item @code{marker-name} (default: @var{".stfolder"})
+@item @code{copy-ownership-from-parent} (default: @var{"false"})
+@item @code{mod-time-window-s} (default: @var{"0"})
+@item @code{max-concurrent-writes} (default: @var{"2"})
+@item @code{disable-fsync} (default: @var{"false"})
+@item @code{block-pull-order} (default: @var{"standard"})
+@item @code{copy-range-method} (default: @var{"standard"})
+@item @code{case-sensitive-fs} (default: @var{"false"})
+@item @code{junctions-as-dirs} (default: @var{"false"})
+@item @code{sync-ownership} (default: @var{"false"})
+@item @code{send-ownership} (default: @var{"false"})
+@item @code{sync-xattrs} (default: @var{"false"})
+@item @code{send-xattrs} (default: @var{"false"})
+@item @code{xattr-filter-max-single-entry-size} (default: @var{"1024"})
+@item @code{xattr-filter-max-total-size} (default: @var{"4096")})
+@end table
+@end deftp
+
+@deftp {Data Type} syncthing-device
+Data type representing a device to sync with.
+
+@table @asis
+@item @code{id}
+A long hash tied to the keys generated by Syncthing on the first launch.
+You can obtain this from the Syncthing GUI or by inspecting an existing
+Syncthing configuration file.
+
+@item @code{name} (default: @var{""})
+Human readable device name for viewing in the GUI or in scheme.
+
+@item @code{compression} (default: @var{"metadata"})
+@item @code{introducer} (default: @var{"false"})
+@item @code{skip-introduction-removals} (default: @var{"false"})
+@item @code{introduced-by} (default: @var{""})
+@item @code{addresses} (default: @var{'("dynamic")})
+List of addresses at which to search for this device. The special value
+``dynamic'' will have syncthing use several means to find the device.
+
+@item @code{paused} (default: @var{"false"})
+@item @code{auto-accept-folders} (default: @var{"false"})
+@item @code{max-send-kbps} (default: @var{"0"})
+@item @code{max-recv-kbps} (default: @var{"0"})
+@item @code{max-request-kib} (default: @var{"0"})
+@item @code{untrusted} (default: @var{"false"})
+@item @code{remote-gui-port} (default: @var{"0"})
+@item @code{num-connections} (default: @var{"0")})
+
+@end table
+@end deftp
+
+@deftp {Data Type} syncthing-folder-device
+There are two pieces of configuration specific to the relationship
+between a specific folder and a specific device. First, syncthing needs
+to know if the remote device should be able to see the files given to
+it. Second, syncthing needs to know from where that device originates.
+See
+@href{https://docs.syncthing.net/users/config.html#config-option-folder.device,
+the Syncthing Documentation on this}. If you leave these default, then
+you can just specify @code{syncthing-device}s instead of
+@code{syncthing-folder-device}s in a @code{syncthing-folder}'s
+@code{devices} field.
+
+@table @asis
+@item @code{device}
+device should be a @code{syncthing-device} for which this configuration
+applies.
+
+@item @code{introduced-by} (default: @var{""})
+@item @code{encryption-password} (default: @var{""})
+Beware: specifying this field will include this password as plain text
+(not encrypted) and globally visible in @file{/gnu/store/}. If
+encryption-password is non-empty, then it will be used as a password to
+encrypt file chunks as they are synced to that device. For more info on
+syncing to devices you don't totally trust, see
+@uref{https://docs.syncthing.net/users/untrusted.html, Syncthing
+Documentation on Untrusted Devices}. Note that file transfers are
+always end-to-end encrypted, regardless of this setting.
@end table
@end deftp
+Here is a more complex example configuration for illustrative purposes:
+@lisp
+(service syncthing-service-type
+ (let ((laptop (syncthing-device (id "VHOD2D6-...-7XRMDEN")))
+ (desktop (syncthing-device (id "64SAZ37-...-FZJ5GUA")
+ (addresses '("tcp://example.com"))))
+ (bob-desktop (syncthing-device (id "KYIMEGO-...-FT77EAO"))))
+ (syncthing-configuration
+ (user "alice")
+ (config-file
+ (syncthing-config-file
+ (folders (list (syncthing-folder
+ (label "some-files")
+ (path "~/data")
+ (devices (list desktop laptop)))
+ (syncthing-folder
+ (label "critical-files")
+ (path "~/secrets")
+ (devices
+ (list desktop
+ laptop
+ (syncthing-folder-device
+ (device bob-desktop)
+ (encryption-password "mypassword"))))))))))))
+@end lisp
+
+
Furthermore, @code{(gnu services ssh)} provides the following services.
@cindex SSH
@cindex SSH server
diff --git a/gnu/home/services/syncthing.scm b/gnu/home/services/syncthing.scm
index 8d66a167ce..dd6c752ee4 100644
--- a/gnu/home/services/syncthing.scm
+++ b/gnu/home/services/syncthing.scm
@@ -1,5 +1,6 @@
;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2023 Ludovic Courtès <ludo <at> gnu.org>
+;;; Copyright © 2025 Zacchaeus <eikcaz <at> zacchae.us>
;;;
;;; This file is part of GNU Guix.
;;;
@@ -24,9 +25,23 @@ (define-module (gnu home services syncthing)
#:use-module (gnu home services shepherd)
#:export (home-syncthing-service-type)
#:re-export (syncthing-configuration
- syncthing-configuration?))
+ syncthing-configuration?
+ syncthing-config-file
+ syncthing-config-file?
+ syncthing-device
+ syncthing-device?
+ syncthing-folder
+ syncthing-folder?
+ syncthing-folder-device
+ syncthing-folder-device?))
(define home-syncthing-service-type
(service-type
(inherit (system->home-service-type syncthing-service-type))
+ ;; system->home-service-type does not convert special-files-service-type to
+ ;; home-files-service-type, so redefine extensios
+ (extensions (list (service-extension home-files-service-type
+ syncthing-files-service)
+ (service-extension home-shepherd-service-type
+ syncthing-shepherd-service)))
(default-value (for-home (syncthing-configuration)))))
diff --git a/gnu/services/syncthing.scm b/gnu/services/syncthing.scm
index a7a9c6aadd..2707591d51 100644
--- a/gnu/services/syncthing.scm
+++ b/gnu/services/syncthing.scm
@@ -1,6 +1,7 @@
;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2021 Oleg Pykhalov <go.wigust <at> gmail.com>
;;; Copyright © 2023 Justin Veilleux <terramorpha <at> cock.li>
+;;; Copyright © 2025 Zacchaeus <eikcaz <at> zacchae.us>
;;;
;;; This file is part of GNU Guix.
;;;
@@ -25,9 +26,20 @@ (define-module (gnu services syncthing)
#:use-module (guix records)
#:use-module (ice-9 match)
#:use-module (srfi srfi-1)
+ #:use-module (sxml simple)
#:export (syncthing-configuration
syncthing-configuration?
- syncthing-service-type))
+ syncthing-device
+ syncthing-device?
+ syncthing-config-file
+ syncthing-config-file?
+ syncthing-folder-device
+ syncthing-folder-device?
+ syncthing-folder
+ syncthing-folder?
+ syncthing-service-type
+ syncthing-shepherd-service
+ syncthing-files-service))
;;; Commentary:
;;;
@@ -35,6 +47,411 @@ (define-module (gnu services syncthing)
;;;
;;; Code:
+(define-record-type* <syncthing-device>
+ syncthing-device make-syncthing-device
+ syncthing-device?
+ (id syncthing-device-id)
+ (name syncthing-device-name (default ""))
+ (compression syncthing-device-compression (default "metadata"))
+ (introducer syncthing-device-introducer (default "false"))
+ (skip-introduction-removals syncthing-device-skip-introduction-removals (default "false"))
+ (introduced-by syncthing-device-introduced-by (default ""))
+ (addresses syncthing-device-addresses (default '("dynamic")))
+ (paused syncthing-device-paused (default "false"))
+ (auto-accept-folders syncthing-device-auto-accept-folders (default "false"))
+ (max-send-kbps syncthing-device-max-send-kbps (default "0"))
+ (max-recv-kbps syncthing-device-max-recv-kbps (default "0"))
+ (max-request-kib syncthing-device-max-request-kib (default "0"))
+ (untrusted syncthing-device-untrusted (default "false"))
+ (remote-gui-port syncthing-device-remote-gui-port (default "0"))
+ (num-connections syncthing-device-num-connections (default "0")))
+
+(define syncthing-device->sxml
+ (match-record-lambda <syncthing-device>
+ (id name compression introducer skip-introduction-removals introduced-by addresses paused auto-accept-folders max-send-kbps max-recv-kbps max-request-kib untrusted remote-gui-port num-connections)
+ `(device (@ (id ,id)
+ (name ,name)
+ (compression ,compression)
+ (introducer ,introducer)
+ (skipIntroductionRemovals ,skip-introduction-removals)
+ (introducedBy ,introduced-by))
+ ,@(map (lambda (address) `(address ,address)) addresses)
+ (paused ,paused)
+ (autoAcceptFolders ,auto-accept-folders)
+ (maxSendKbps ,max-send-kbps)
+ (maxRecvKbps ,max-recv-kbps)
+ (maxRequestKiB ,max-request-kib)
+ (untrusted ,untrusted)
+ (remoteGUIPort ,remote-gui-port)
+ (numConnections ,num-connections))))
+
+(define-record-type* <syncthing-folder-device>
+ syncthing-folder-device make-syncthing-folder-device
+ syncthing-folder-device?
+ (device syncthing-folder-device-device)
+ (introduced-by syncthing-folder-device-introduced-by (default (syncthing-device (id ""))))
+ (encryption-password syncthing-folder-device-encryption-password (default "")))
+
+(define syncthing-folder-device->sxml
+ (match-record-lambda <syncthing-folder-device>
+ (device introduced-by encryption-password)
+ `(device (@ (id ,(syncthing-device-id device))
+ (introducedBy ,(syncthing-device-id introduced-by)))
+ (encryptionPassword ,encryption-password))))
+
+(define-record-type* <syncthing-folder>
+ syncthing-folder make-syncthing-folder
+ syncthing-folder?
+ (id syncthing-folder-id (default #f))
+ (label syncthing-folder-label)
+ (path syncthing-folder-path)
+ (type syncthing-folder-type (default "sendreceive"))
+ (rescan-interval-s syncthing-folder-rescan-interval-s (default "3600"))
+ (fs-watcher-enabled syncthing-folder-fs-watcher-enabled (default "true"))
+ (fs-watcher-delay-s syncthing-folder-fs-watcher-delay-s (default "10"))
+ (fs-watcher-timeout-s syncthing-folder-fs-watcher-timeout-s (default "0"))
+ (ignore-perms syncthing-folder-ignore-perms (default "false"))
+ (auto-normalize syncthing-folder-auto-normalize (default "true"))
+ (devices syncthing-folder-devices (default '())
+ (sanitize (lambda (folder-device-list)
+ (map (lambda (device)
+ (if (syncthing-folder-device? device)
+ device
+ (syncthing-folder-device (device device))))
+ folder-device-list))))
+ (filesystem-type syncthing-folder-filesystem-type (default "basic"))
+ (min-disk-free-unit syncthing-folder-min-disk-free-unit (default "%"))
+ (min-disk-free syncthing-folder-min-disk-free (default "1"))
+ (versioning-type syncthing-folder-versioning-type (default #f))
+ (versioning-fs-path syncthing-folder-versioning-fs-path (default ""))
+ (versioning-fs-type syncthing-folder-versioning-fs-type (default "basic"))
+ (versioning-cleanup-interval-s syncthing-folder-versioning-cleanup-interval-s (default "3600"))
+ (versioning-cleanout-days syncthing-folder-versioning-cleanout-days (default #f))
+ (versioning-keep syncthing-folder-versioning-keep (default #f))
+ (versioning-max-age syncthing-folder-versioning-max-age (default #f))
+ (versioning-command syncthing-folder-versioning-command (default #f))
+ (copiers syncthing-folder-copiers (default "0"))
+ (puller-max-pending-kib syncthing-folder-puller-max-pending-kib (default "0"))
+ (hashers syncthing-folder-hashers (default "0"))
+ (order syncthing-folder-order (default "random"))
+ (ignore-delete syncthing-folder-ignore-delete (default "false"))
+ (scan-progress-interval-s syncthing-folder-scan-progress-interval-s (default "0"))
+ (puller-pause-s syncthing-folder-puller-pause-s (default "0"))
+ (max-conflicts syncthing-folder-max-conflicts (default "10"))
+ (disable-sparse-files syncthing-folder-disable-sparse-files (default "false"))
+ (disable-temp-indexes syncthing-folder-disable-temp-indexes (default "false"))
+ (paused syncthing-folder-paused (default "false"))
+ (weak-hash-threshold-pct syncthing-folder-weak-hash-threshold-pct (default "25"))
+ (marker-name syncthing-folder-marker-name (default ".stfolder"))
+ (copy-ownership-from-parent syncthing-folder-copy-ownership-from-parent (default "false"))
+ (mod-time-window-s syncthing-folder-mod-time-window-s (default "0"))
+ (max-concurrent-writes syncthing-folder-max-concurrent-writes (default "2"))
+ (disable-fsync syncthing-folder-disable-fsync (default "false"))
+ (block-pull-order syncthing-folder-block-pull-order (default "standard"))
+ (copy-range-method syncthing-folder-copy-range-method (default "standard"))
+ (case-sensitive-fs syncthing-folder-case-sensitive-fs (default "false"))
+ (junctions-as-dirs syncthing-folder-junctions-as-dirs (default "false"))
+ (sync-ownership syncthing-folder-sync-ownership (default "false"))
+ (send-ownership syncthing-folder-send-ownership (default "false"))
+ (sync-xattrs syncthing-folder-sync-xattrs (default "false"))
+ (send-xattrs syncthing-folder-send-xattrs (default "false"))
+ (xattr-filter-max-single-entry-size syncthing-folder-xattr-filter-max-single-entry-size (default "1024"))
+ (xattr-filter-max-total-size syncthing-folder-xattr-filter-max-total-size (default "4096")))
+
+;; Some parameters, when empty, are fully omitted from the config file. It is
+;; unknown if this causes a functional difference, but stick to the normal
+;; program's behavior to be safe.
+(define (maybe-param symbol value)
+ (if value `((param (@ (key ,(symbol->string symbol)) (val ,value)) "")) '()))
+
+(define syncthing-folder->sxml
+ (match-record-lambda <syncthing-folder>
+ (id
+ label path type rescan-interval-s fs-watcher-enabled fs-watcher-delay-s
+ fs-watcher-timeout-s ignore-perms auto-normalize devices filesystem-type
+ min-disk-free-unit min-disk-free versioning-type versioning-fs-path
+ versioning-fs-type versioning-cleanup-interval-s versioning-cleanout-days
+ versioning-keep versioning-max-age versioning-command copiers
+ puller-max-pending-kib hashers order ignore-delete scan-progress-interval-s
+ puller-pause-s max-conflicts disable-sparse-files disable-temp-indexes paused
+ weak-hash-threshold-pct marker-name copy-ownership-from-parent mod-time-window-s
+ max-concurrent-writes disable-fsync block-pull-order copy-range-method
+ case-sensitive-fs junctions-as-dirs sync-ownership send-ownership sync-xattrs
+ send-xattrs xattr-filter-max-single-entry-size xattr-filter-max-total-size)
+ `(folder (@ (id ,(if id id label))
+ (label ,label)
+ (path ,path)
+ (type ,type)
+ (rescanIntervalS ,rescan-interval-s)
+ (fsWatcherEnabled ,fs-watcher-enabled)
+ (fsWatcherDelayS ,fs-watcher-delay-s)
+ (fsWatcherTimeoutS ,fs-watcher-timeout-s)
+ (ignorePerms ,ignore-perms)
+ (autoNormalize ,auto-normalize))
+ (filesystemType ,filesystem-type)
+ ,@(map syncthing-folder-device->sxml
+ devices)
+ (minDiskFree (@ (unit ,min-disk-free-unit))
+ ,min-disk-free)
+ (versioning ,@(if versioning-type
+ `((@ (type ,versioning-type)))
+ '())
+ ,@(maybe-param 'cleanoutDays versioning-cleanout-days)
+ ,@(maybe-param 'keep versioning-keep)
+ ,@(maybe-param 'maxAge versioning-max-age)
+ ,@(maybe-param 'command versioning-command)
+ (cleanupIntervalS ,versioning-cleanup-interval-s)
+ (fsPath ,versioning-fs-path)
+ (fsType ,versioning-fs-type))
+ (copiers ,copiers)
+ (pullerMaxPendingKiB ,puller-max-pending-kib)
+ (hashers ,hashers)
+ (order ,order)
+ (ignoreDelete ,ignore-delete)
+ (scanProgressIntervalS ,scan-progress-interval-s)
+ (pullerPauseS ,puller-pause-s)
+ (maxConflicts ,max-conflicts)
+ (disableSparseFiles ,disable-sparse-files)
+ (disableTempIndexes ,disable-temp-indexes)
+ (paused ,paused)
+ (weakHashThresholdPct ,weak-hash-threshold-pct)
+ (markerName ,marker-name)
+ (copyOwnershipFromParent ,copy-ownership-from-parent)
+ (modTimeWindowS ,mod-time-window-s)
+ (maxConcurrentWrites ,max-concurrent-writes)
+ (disableFsync ,disable-fsync)
+ (blockPullOrder ,block-pull-order)
+ (copyRangeMethod ,copy-range-method)
+ (caseSensitiveFS ,case-sensitive-fs)
+ (junctionsAsDirs ,junctions-as-dirs)
+ (syncOwnership ,sync-ownership)
+ (sendOwnership ,send-ownership)
+ (syncXattrs ,sync-xattrs)
+ (sendXattrs ,send-xattrs)
+ (xattrFilter (maxSingleEntrySize ,xattr-filter-max-single-entry-size)
+ (maxTotalSize ,xattr-filter-max-total-size)))))
+
+(define-record-type* <syncthing-config-file>
+ syncthing-config-file make-syncthing-config-file
+ syncthing-config-file?
+ (folders syncthing-config-folders
+ ; this matches syncthing's default
+ (default (list (syncthing-folder (id "default")
+ (label "Default Folder")
+ (path "~/Sync")))))
+ (devices syncthing-config-devices
+ (default '()))
+ (gui-enabled syncthing-config-gui-enabled (default "true"))
+ (gui-tls syncthing-config-gui-tls (default "false"))
+ (gui-debugging syncthing-config-gui-debugging (default "false"))
+ (gui-send-basic-auth-prompt syncthing-config-gui-send-basic-auth-prompt (default "false"))
+ (gui-address syncthing-config-gui-address (default "127.0.0.1:8384"))
+ (gui-user syncthing-config-gui-user (default #f))
+ (gui-password syncthing-config-gui-password (default #f))
+ (gui-apikey syncthing-config-gui-apikey (default #f))
+ (gui-theme syncthing-config-gui-theme (default "default"))
+ (ldap-enabled syncthing-config-ldap-enabled (default #f))
+ (ldap-address syncthing-config-ldap-address (default ""))
+ (ldap-bind-dn syncthing-config-ldap-bind-dn (default ""))
+ (ldap-transport syncthing-config-ldap-transport (default ""))
+ (ldap-insecure-skip-verify syncthing-config-ldap-insecure-skip-verify (default ""))
+ (ldap-search-base-dn syncthing-config-ldap-search-base-dn (default ""))
+ (ldap-search-filter syncthing-config-ldap-search-filter (default ""))
+ (listen-address syncthing-config-listen-address (default "default"))
+ (global-announce-server syncthing-config-global-announce-server (default "default"))
+ (global-announce-enabled syncthing-config-global-announce-enabled (default "true"))
+ (local-announce-enabled syncthing-config-local-announce-enabled (default "true"))
+ (local-announce-port syncthing-config-local-announce-port (default "21027"))
+ (local-announce-mcaddr syncthing-config-local-announce-mcaddr (default "[ff12::8384]:21027"))
+ (max-send-kbps syncthing-config-max-send-kbps (default "0"))
+ (max-recv-kbps syncthing-config-max-recv-kbps (default "0"))
+ (reconnection-interval-s syncthing-config-reconnection-interval-s (default "60"))
+ (relays-enabled syncthing-config-relays-enabled (default "true"))
+ (relay-reconnect-interval-m syncthing-config-relay-reconnect-interval-m (default "10"))
+ (start-browser syncthing-config-start-browser (default "true"))
+ (nat-enabled syncthing-config-nat-enabled (default "true"))
+ (nat-lease-minutes syncthing-config-nat-lease-minutes (default "60"))
+ (nat-renewal-minutes syncthing-config-nat-renewal-minutes (default "30"))
+ (nat-timeout-seconds syncthing-config-nat-timeout-seconds (default "10"))
+ (ur-accepted syncthing-config-ur-accepted (default "0"))
+ (ur-seen syncthing-config-ur-seen (default "0"))
+ (ur-unique-id syncthing-config-ur-unique-id (default ""))
+ (ur-url syncthing-config-ur-url (default "https://data.syncthing.net/newdata"))
+ (ur-post-insecurely syncthing-config-ur-post-insecurely (default "false"))
+ (ur-initial-delay-s syncthing-config-ur-initial-delay-s (default "1800"))
+ (auto-upgrade-interval-h syncthing-config-auto-upgrade-interval-h (default "12"))
+ (upgrade-to-pre-releases syncthing-config-upgrade-to-pre-releases (default "false"))
+ (keep-temporaries-h syncthing-config-keep-temporaries-h (default "24"))
+ (cache-ignored-files syncthing-config-cache-ignored-files (default "false"))
+ (progress-update-interval-s syncthing-config-progress-update-interval-s (default "5"))
+ (limit-bandwidth-in-lan syncthing-config-limit-bandwidth-in-lan (default "false"))
+ (min-home-disk-free-unit syncthing-config-min-home-disk-free-unit (default "%"))
+ (min-home-disk-free syncthing-config-min-home-disk-free (default "1"))
+ (releases-url syncthing-config-releases-url (default "https://upgrades.syncthing.net/meta.json"))
+ (overwrite-remote-device-names-on-connect syncthing-config-overwrite-remote-device-names-on-connect (default "false"))
+ (temp-index-min-blocks syncthing-config-temp-index-min-blocks (default "10"))
+ (unacked-notification-id syncthing-config-unacked-notification-id (default "authenticationUserAndPassword"))
+ (traffic-class syncthing-config-traffic-class (default "0"))
+ (set-low-priority syncthing-config-set-low-priority (default "true"))
+ (max-folder-concurrency syncthing-config-max-folder-concurrency (default "0"))
+ (crash-reporting-url syncthing-config-crash-reporting-url (default "https://crash.syncthing.net/newcrash"))
+ (crash-reporting-enabled syncthing-config-crash-reporting-enabled (default "true"))
+ (stun-keepalive-start-s syncthing-config-stun-keepalive-start-s (default "180"))
+ (stun-keepalive-min-s syncthing-config-stun-keepalive-min-s (default "20"))
+ (stun-server syncthing-config-stun-server (default "default"))
+ (database-tuning syncthing-config-database-tuning (default "auto"))
+ (max-concurrent-incoming-request-kib syncthing-config-max-concurrent-incoming-request-kib (default "0"))
+ (announce-lan-addresses syncthing-config-announce-lan-addresses (default "true"))
+ (send-full-index-on-upgrade syncthing-config-send-full-index-on-upgrade (default "false"))
+ (connection-limit-enough syncthing-config-connection-limit-enough (default "0"))
+ (connection-limit-max syncthing-config-connection-limit-max (default "0"))
+ (insecure-allow-old-tlsVersions syncthing-config-insecure-allow-old-tlsVersions (default "false"))
+ (connection-priority-tcp-lan syncthing-config-connection-priority-tcp-lan (default "10"))
+ (connection-priority-quic-lan syncthing-config-connection-priority-quic-lan (default "20"))
+ (connection-priority-tcp-wan syncthing-config-connection-priority-tcp-wan (default "30"))
+ (connection-priority-quic-wan syncthing-config-connection-priority-quic-wan (default "40"))
+ (connection-priority-relay syncthing-config-connection-priority-relay (default "50"))
+ (connection-priority-upgrade-threshold syncthing-config-connection-priority-upgrade-threshold (default "0"))
+ (default-folder syncthing-config-default-folder
+ (default (syncthing-folder (label "") (path "~"))))
+ (default-device syncthing-config-default-device
+ (default (syncthing-device (id ""))))
+ (default-ignores syncthing-config-default-ignores (default "")))
+
+(define syncthing-config-file->sxml
+ (match-record-lambda <syncthing-config-file>
+ (folders
+ devices gui-enabled gui-tls gui-debugging gui-send-basic-auth-prompt
+ gui-address gui-user gui-password gui-apikey gui-theme ldap-enabled
+ ldap-address ldap-bind-dn ldap-transport ldap-insecure-skip-verify
+ ldap-search-base-dn ldap-search-filter listen-address global-announce-server
+ global-announce-enabled local-announce-enabled local-announce-port
+ local-announce-mcaddr max-send-kbps max-recv-kbps reconnection-interval-s
+ relays-enabled relay-reconnect-interval-m start-browser nat-enabled
+ nat-lease-minutes nat-renewal-minutes nat-timeout-seconds ur-accepted
+ ur-seen ur-unique-id ur-url ur-post-insecurely ur-initial-delay-s
+ auto-upgrade-interval-h upgrade-to-pre-releases keep-temporaries-h
+ cache-ignored-files progress-update-interval-s limit-bandwidth-in-lan
+ min-home-disk-free-unit min-home-disk-free releases-url
+ overwrite-remote-device-names-on-connect temp-index-min-blocks
+ unacked-notification-id traffic-class set-low-priority max-folder-concurrency
+ crash-reporting-url crash-reporting-enabled stun-keepalive-start-s
+ stun-keepalive-min-s stun-server database-tuning
+ max-concurrent-incoming-request-kib announce-lan-addresses
+ send-full-index-on-upgrade connection-limit-enough connection-limit-max
+ insecure-allow-old-tlsVersions connection-priority-tcp-lan
+ connection-priority-quic-lan connection-priority-tcp-wan
+ connection-priority-quic-wan connection-priority-relay
+ connection-priority-upgrade-threshold default-folder default-device
+ default-ignores)
+ `(configuration (@ (version "37"))
+ ,@(map syncthing-folder->sxml
+ folders)
+ ;; collect any devices in any folders, as well as any
+ ;; devices explicitly added.
+ ,@(map syncthing-device->sxml
+ (delete-duplicates
+ (append devices
+ (apply append
+ (map (lambda (folder)
+ (map syncthing-folder-device-device
+ (syncthing-folder-devices folder)))
+ folders)))
+ ;; devices are the same if their id's are equal
+ (lambda (device1 device2)
+ (string= (syncthing-device-id device1)
+ (syncthing-device-id device2)))))
+ (gui (@ (enabled ,gui-enabled)
+ (tls ,gui-tls)
+ (debugging ,gui-debugging)
+ (sendBasicAuthPrompt ,gui-send-basic-auth-prompt))
+ (address ,gui-address)
+ ,@(if gui-user `((user ,gui-user)) '())
+ ,@(if gui-password `((password ,gui-password)) '())
+ ,@(if gui-apikey `((apikey ,gui-apikey)) '())
+ (theme ,gui-theme))
+ (ldap ,(if ldap-enabled
+ `((address ,ldap-address)
+ (bindDN ,ldap-bind-dn)
+ ,@(if ldap-transport
+ `((transport ,ldap-transport))
+ '())
+ ,@(if ldap-insecure-skip-verify
+ `((insecureSkipVerify ,ldap-insecure-skip-verify))
+ '())
+ ,@(if ldap-search-base-dn
+ `((searchBaseDN ,ldap-search-base-dn))
+ '())
+ ,@(if ldap-search-filter
+ `((searchFilter ,ldap-search-filter))
+ '()))
+ ""))
+ (options (listenAddress ,listen-address)
+ (globalAnnounceServer ,global-announce-server)
+ (globalAnnounceEnabled ,global-announce-enabled)
+ (localAnnounceEnabled ,local-announce-enabled)
+ (localAnnouncePort ,local-announce-port)
+ (localAnnounceMCAddr ,local-announce-mcaddr)
+ (maxSendKbps ,max-send-kbps)
+ (maxRecvKbps ,max-recv-kbps)
+ (reconnectionIntervalS ,reconnection-interval-s)
+ (relaysEnabled ,relays-enabled)
+ (relayReconnectIntervalM ,relay-reconnect-interval-m)
+ (startBrowser ,start-browser)
+ (natEnabled ,nat-enabled)
+ (natLeaseMinutes ,nat-lease-minutes)
+ (natRenewalMinutes ,nat-renewal-minutes)
+ (natTimeoutSeconds ,nat-timeout-seconds)
+ (urAccepted ,ur-accepted)
+ (urSeen ,ur-seen)
+ (urUniqueID ,ur-unique-id)
+ (urURL ,ur-url)
+ (urPostInsecurely ,ur-post-insecurely)
+ (urInitialDelayS ,ur-initial-delay-s)
+ (autoUpgradeIntervalH ,auto-upgrade-interval-h)
+ (upgradeToPreReleases ,upgrade-to-pre-releases)
+ (keepTemporariesH ,keep-temporaries-h)
+ (cacheIgnoredFiles ,cache-ignored-files)
+ (progressUpdateIntervalS ,progress-update-interval-s)
+ (limitBandwidthInLan ,limit-bandwidth-in-lan)
+ (minHomeDiskFree (@ (unit ,min-home-disk-free-unit))
+ ,min-home-disk-free)
+ (releasesURL ,releases-url)
+ (overwriteRemoteDeviceNamesOnConnect ,overwrite-remote-device-names-on-connect)
+ (tempIndexMinBlocks ,temp-index-min-blocks)
+ (unackedNotificationID ,unacked-notification-id)
+ (trafficClass ,traffic-class)
+ (setLowPriority ,set-low-priority)
+ (maxFolderConcurrency ,max-folder-concurrency)
+ (crashReportingURL ,crash-reporting-url)
+ (crashReportingEnabled ,crash-reporting-enabled)
+ (stunKeepaliveStartS ,stun-keepalive-start-s)
+ (stunKeepaliveMinS ,stun-keepalive-min-s)
+ (stunServer ,stun-server)
+ (databaseTuning ,database-tuning)
+ (maxConcurrentIncomingRequestKiB ,max-concurrent-incoming-request-kib)
+ (announceLANAddresses ,announce-lan-addresses)
+ (sendFullIndexOnUpgrade ,send-full-index-on-upgrade)
+ (connectionLimitEnough ,connection-limit-enough)
+ (connectionLimitMax ,connection-limit-max)
+ (insecureAllowOldTLSVersions ,insecure-allow-old-tlsVersions)
+ (connectionPriorityTcpLan ,connection-priority-tcp-lan)
+ (connectionPriorityQuicLan ,connection-priority-quic-lan)
+ (connectionPriorityTcpWan ,connection-priority-tcp-wan)
+ (connectionPriorityQuicWan ,connection-priority-quic-wan)
+ (connectionPriorityRelay ,connection-priority-relay)
+ (connectionPriorityUpgradeThreshold ,connection-priority-upgrade-threshold))
+ (defaults
+ ,(syncthing-folder->sxml default-folder)
+ ,(syncthing-device->sxml default-device)
+ (ignores ,default-ignores)))))
+
+
+(define (serialize-syncthing-config-file config)
+ (with-output-to-string
+ (lambda ()
+ (sxml->xml (cons '*TOP* (list (syncthing-config-file->sxml config)))))))
+
(define-record-type* <syncthing-configuration>
syncthing-configuration make-syncthing-configuration
syncthing-configuration?
@@ -50,12 +467,14 @@ (define-record-type* <syncthing-configuration>
(default "users"))
(home syncthing-configuration-home ;string
(default #f))
+ (config-file syncthing-configuration-config-file
+ (default #f)) ; syncthing-config-file or file-like
(home-service? syncthing-configuration-home-service?
(default for-home?) (innate)))
(define syncthing-shepherd-service
(match-record-lambda <syncthing-configuration>
- (syncthing arguments logflags user group home home-service?)
+ (syncthing arguments logflags user group home home-service? config-file)
(list
(shepherd-service
(provision (if home-service?
@@ -64,39 +483,68 @@ (define syncthing-shepherd-service
(string-append "syncthing-" user)))))
(documentation "Run syncthing.")
(requirement (if home-service? '() '(loopback user-processes)))
- (start #~(make-forkexec-constructor
- (append (list (string-append #$syncthing "/bin/syncthing")
- "--no-browser"
- "--no-restart"
- (string-append "--logflags=" (number->string #$logflags)))
- '#$arguments)
- #:user #$(and (not home-service?) user)
- #:group #$(and (not home-service?) group)
- #:environment-variables
- (append
- (list
- (string-append "HOME="
- (or #$home
- (passwd:dir
- (getpw (if (and #$home-service?
- (not #$user))
- (getuid)
- #$user)))))
- "SSL_CERT_DIR=/etc/ssl/certs"
- "SSL_CERT_FILE=/etc/ssl/certs/ca-certificates.crt")
- (filter (negate ;XXX: 'remove' is not in (guile)
- (lambda (str)
- (or (string-prefix? "HOME=" str)
- (string-prefix? "SSL_CERT_DIR=" str)
- (string-prefix? "SSL_CERT_FILE=" str))))
- (environ)))))
+ (start #~(lambda _
+ ;; if we are managing the config, and it's not a home
+ ;; service, then exepect the config file at
+ ;; /var/lib/syncthing-<user>. This makes sure the ownership
+ ;; is correct
+ (unless (or #$(not config-file) #$home-service?)
+ (system* "chown" #$user (string-append "/var/lib/syncthing-" #$user))
+ (system* "chmod" "700" (string-append "/var/lib/syncthing-" #$user)))
+ (make-forkexec-constructor
+ (append (list (string-append #$syncthing "/bin/syncthing")
+ "--no-browser"
+ "--no-restart"
+ (string-append "--logflags=" (number->string #$logflags)))
+ (if (or #$(not config-file) #$home-service?) '()
+ (list (string-append "--home=/var/lib/syncthing-" #$user)))
+ '#$arguments)
+ #:user #$(and (not home-service?) user)
+ #:group #$(and (not home-service?) group)
+ #:environment-variables
+ (append
+ (list
+ (string-append "HOME="
+ (or #$home
+ (passwd:dir
+ (getpw (if (and #$home-service?
+ (not #$user))
+ (getuid)
+ #$user)))))
+ "SSL_CERT_DIR=/etc/ssl/certs"
+ "SSL_CERT_FILE=/etc/ssl/certs/ca-certificates.crt")
+ (filter (negate ;XXX: 'remove' is not in (guile)
+ (lambda (str)
+ (or (string-prefix? "HOME=" str)
+ (string-prefix? "SSL_CERT_DIR=" str)
+ (string-prefix? "SSL_CERT_FILE=" str))))
+ (environ))))))
(respawn? #f)
(stop #~(make-kill-destructor))))))
+
+(define syncthing-files-service
+ (match-record-lambda <syncthing-configuration> (config-file user home home-service?)
+ (if config-file
+ ;; when used as a system service, this service might be executed
+ ;; before a user's home even exists, causing it to be owned by root,
+ ;; and the skeletons to never be applied to that user's home. In such
+ ;; cases, put the config at /var/lib/syncthnig-<user>/config.xml
+ `((,(if home-service?
+ ".config/syncthing/config.xml"
+ (string-append "/var/lib/syncthing-" user "/config.xml"))
+ ,(if (file-like? config-file)
+ config-file
+ (plain-file "syncthin-config.xml" (serialize-syncthing-config-file
+ config-file)))))
+ '())))
+
(define syncthing-service-type
(service-type (name 'syncthing)
(extensions (list (service-extension shepherd-root-service-type
- syncthing-shepherd-service)))
+ syncthing-shepherd-service)
+ (service-extension special-files-service-type
+ syncthing-files-service)))
(description
"Run @uref{https://github.com/syncthing/syncthing, Syncthing}
decentralized continuous file system synchronization.")))
--
2.45.2
guix-patches <at> gnu.org:bug#75959; Package guix-patches.
(Tue, 11 Feb 2025 04:04:02 GMT) Full text and rfc822 format available.Message #44 received at 75959 <at> debbugs.gnu.org (full text, mbox):
From: Zacchaeus Scheffer <eikcaz <at> zacchae.us> To: Bruno Victal <mirai <at> makinata.eu> Cc: 75959 <at> debbugs.gnu.org, Leo Famulari <leo <at> famulari.name> Subject: Re: [bug#75959] [PATCH v5] services: syncthing: Added support for config file serialization. Date: Mon, 10 Feb 2025 23:03:07 -0500
Urgent: I only tested with pre-inst-env and didn't realize the updates to doc/guix.texi cause guix to not build, so don't push upstream until that's fixed. eikcaz-
guix-patches <at> gnu.org:bug#75959; Package guix-patches.
(Tue, 11 Feb 2025 05:32:02 GMT) Full text and rfc822 format available.Message #47 received at 75959 <at> debbugs.gnu.org (full text, mbox):
From: Zacchaeus Scheffer <eikcaz <at> zacchae.us> To: Leo Famulari <leo <at> famulari.name>, Bruno Victal <mirai <at> makinata.eu> Cc: 75959 <at> debbugs.gnu.org Subject: [PATCH v8] services: syncthing: Add support for config file generation. Date: Tue, 11 Feb 2025 00:31:23 -0500
From dff3153afdd31c754d7d3ddb640a2d33d43f1242 Mon Sep 17 00:00:00 2001
From: Zacchaeus <eikcaz <at> zacchae.us>
Date: Sun, 21 Jul 2024 00:54:25 -0700
Subject: [PATCH v8] services: syncthing: Add support for config file
generation.
* gnu/services/syncthing.scm: (syncthing-config-file,
syncthing-folder, syncthing-device, syncthing-folder-device): New
records; (syncthing-service-type): Add special-files-service-type
extension for the config file; (syncthing-files-service): Add service
to create config file.
* gnu/home/services/syncthing.scm: (home-syncthing-service-type):
Extend home-files-services-type and re-exported more things from
gnu/services/syncthing.scm.
* doc/guix.texi: (syncthing-service-type): Document changes.
Change-Id: I87eeba1ee1fdada8f29c2ee881fbc6bc4113dde9
---
All this testing and deploying with pre-inst-env, and I never even ran
make... This version builds successfully. Feel free to correct any
grammar errors. (I did try.)
eikcaz-
doc/guix.texi | 317 +++++++++++++++++++-
gnu/home/services/syncthing.scm | 17 +-
gnu/services/syncthing.scm | 506 ++++++++++++++++++++++++++++++--
3 files changed, 808 insertions(+), 32 deletions(-)
diff --git a/doc/guix.texi b/doc/guix.texi
index b1b6d98e74..4756db30c0 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -136,6 +136,7 @@ Copyright @copyright{} 2024 Troy Figiel@*
Copyright @copyright{} 2024 Sharlatan Hellseher@*
Copyright @copyright{} 2024 45mg@*
Copyright @copyright{} 2025 Sören Tempel@*
+Copyright @copyright{} 2025 Zacchaeus@*
Permission is granted to copy, distribute and/or modify this document
under the terms of the GNU Free Documentation License, Version 1.3 or
@@ -22666,12 +22667,324 @@ The group as which the Syncthing service is to be run.
This assumes that the specified group exists.
@item @code{home} (default: @var{#f})
-Common configuration and data directory. The default configuration
-directory is @file{$HOME} of the specified Syncthing @code{user}.
+Sets the @code{HOME} variable for the syncthing daemon. The default is
+@file{$HOME} of the specified Syncthing @code{user}.
+
+@item @code{config-file} (default: @var{#f})
+Either a file-like object that resolves to a Syncthing configuration xml
+file, or a @code{syncthing-config-file} record (see below). If set to
+@code{#f}, Guix will not try to generate a config file, and Syncthing
+will generate a default one which will not be touched on reconfigure.
+Specifying this in a system service moves Syncthing's common
+configuration and data directory (@code{--home} in
+@uref{https://docs.syncthing.net/users/syncthing.html}) to
+@file{/var/lib/syncthnig-<user>}.
+
+@end table
+@end deftp
+
+In the below, only details specific to Guix, or related to how your
+device will connect to unrelated devices (relays, nameservers), are
+presented. Otherwise, you should consult
+@uref{https://docs.syncthing.net/users/config.html, Syncthing config
+documentation}; camelCase there is converted to kebab-case here. If you
+are migrating to a Guix-powered Syncthing config file from a
+GUI-configured one, you can see what changes were introduced by
+@code{diff}ing them. Note that you will need to add whitespace with
+4-space indentation to the one generated by Guix. This can be done
+(requires @code{libxml2}) like so:
+
+@example
+XMLLINT_INDENT=" " xmllint --format /path/to/new/config.xml | diff /path/to/old/config.xml -
+@end example
+
+When generating a config file through Guix, you can still modify
+Syncthing from the GUI or through @code{introducer} and
+@code{autoAcceptFolders} mechanisms, but such changes will be reset on
+reconfigure.
+
+@deftp {Data Type} syncthing-config-file
+Data type representing the configuration file read by the Syncthing
+daemon.
+
+@table @asis
+@item @code{folders} (default: @var{(list (syncthing-folder (id "default") (label "Default Folder") (path "~/Sync")))}
+The default here is the same as Syncthing's default. The value should
+be a list of @code{syncthing-folder}s.
+
+@item @code{devices} (default: @var{'()}
+This should be a list of @code{syncthing-device}s. Guix will
+automatically add any devices specified in any `folders' to this list.
+There are instances when you want to connect to a device despite not
+(initially) sharing any folders (such as a device with
+autoAcceptFolders). In such instances, you should specify those devices
+here. If multiple versions of the same device (as determined by
+comparing device id) are discovered, the one in this list is
+prioritized. Otherwise, the first instance in the first folder is used.
+
+@item @code{gui-enabled} (default: @var{"true"})
+By default, any user on the computer can access the GUI and make changes
+to Syncthing. If you leave this enabled, you should probably set
+gui-user and gui-password (see below).
+
+@item @code{gui-tls} (default: @var{"false"})
+@item @code{gui-debugging} (default: @var{"false"})
+@item @code{gui-send-basic-auth-prompt} (default: @var{"false"})
+@item @code{gui-address} (default: @var{"127.0.0.1:8384"})
+@item @code{gui-user} (default: @var{#f})
+@item @code{gui-password} (default: @var{#f})
+A bcrypt hash of the GUI password. Remember that this will be globally
+exposed in @file{/gnu/store}.
+@item @code{gui-apikey} (default: @var{#f})
+You must specify this to use the Syncthing REST interface. Also exposed
+in @file{/gnu/store}.
+
+@item @code{gui-theme} (default: @var{"default"})
+@item @code{ldap-enabled} (default: @var{#f})
+@item @code{ldap-address} (default: @var{""})
+@item @code{ldap-bind-dn} (default: @var{""})
+@item @code{ldap-transport} (default: @var{""})
+@item @code{ldap-insecure-skip-verify} (default: @var{""})
+@item @code{ldap-search-base-dn} (default: @var{""})
+@item @code{ldap-search-filter} (default: @var{""})
+@item @code{listen-address} (default: @var{"default"})
+@item @code{global-announce-server} (default: @var{"default"})
+@item @code{global-announce-enabled} (default: @var{"true"})
+Global discovery servers can be used to help connect devices at unknown
+IP addresses by storing the last known IP address.
+
+@item @code{local-announce-enabled} (default: @var{"true"})
+This makes devices find each other very easily on the same LAN. Often,
+this will allow you to just plug an Ethernet between two devices, or
+connect one device to the other's hotspot and start syncing.
+
+@item @code{local-announce-port} (default: @var{"21027"})
+@item @code{local-announce-mcaddr} (default: @var{"[ff12::8384]:21027"})
+@item @code{max-send-kbps} (default: @var{"0"})
+@item @code{max-recv-kbps} (default: @var{"0"})
+@item @code{reconnection-interval-s} (default: @var{"60"})
+@item @code{relays-enabled} (default: @var{"true"})
+This option allows your Syncthing instance to coordinate with a global
+network of relays to enable syncing between devices when all other
+methods fail.
+
+@item @code{relay-reconnect-interval-m} (default: @var{"10"})
+@item @code{start-browser} (default: @var{"true"})
+@item @code{nat-enabled} (default: @var{"true"})
+@item @code{nat-lease-minutes} (default: @var{"60"})
+@item @code{nat-renewal-minutes} (default: @var{"30"})
+@item @code{nat-timeout-seconds} (default: @var{"10"})
+@item @code{ur-accepted} (default: @var{"0"})
+ur* options control usage reporting. Set to -1 to disable, or positive
+to enable. The default (0) has reporting disabled, but you will be
+asked to decide in the GUI.
+
+@item @code{ur-seen} (default: @var{"0"})
+@item @code{ur-unique-id} (default: @var{""})
+@item @code{ur-url} (default: @var{"https://data.syncthing.net/newdata"})
+@item @code{ur-post-insecurely} (default: @var{"false"})
+@item @code{ur-initial-delay-s} (default: @var{"1800"})
+@item @code{auto-upgrade-interval-h} (default: @var{"12"})
+@item @code{upgrade-to-pre-releases} (default: @var{"false"})
+@item @code{keep-temporaries-h} (default: @var{"24"})
+@item @code{cache-ignored-files} (default: @var{"false"})
+@item @code{progress-update-interval-s} (default: @var{"5"})
+@item @code{limit-bandwidth-in-lan} (default: @var{"false"})
+@item @code{min-home-disk-free-unit} (default: @var{"%"})
+@item @code{min-home-disk-free} (default: @var{"1"})
+@item @code{releases-url} (default: @var{"https://upgrades.syncthing.net/meta.json"})
+@item @code{overwrite-remote-device-names-on-connect} (default: @var{"false"})
+@item @code{temp-index-min-blocks} (default: @var{"10"})
+@item @code{unacked-notification-id} (default: @var{"authenticationUserAndPassword"})
+@item @code{traffic-class} (default: @var{"0"})
+@item @code{set-low-priority} (default: @var{"true"})
+@item @code{max-folder-concurrency} (default: @var{"0"})
+@item @code{crash-reporting-url} (default: @var{"https://crash.syncthing.net/newcrash"})
+@item @code{crash-reporting-enabled} (default: @var{"true"})
+@item @code{stun-keepalive-start-s} (default: @var{"180"})
+@item @code{stun-keepalive-min-s} (default: @var{"20"})
+@item @code{stun-server} (default: @var{"default"})
+@item @code{database-tuning} (default: @var{"auto"})
+@item @code{max-concurrent-incoming-request-kib} (default: @var{"0"})
+@item @code{announce-lan-addresses} (default: @var{"true"})
+@item @code{send-full-index-on-upgrade} (default: @var{"false"})
+@item @code{connection-limit-enough} (default: @var{"0"})
+@item @code{connection-limit-max} (default: @var{"0"})
+@item @code{insecure-allow-old-tls-versions} (default: @var{"false"})
+@item @code{connection-priority-tcp-lan} (default: @var{"10"})
+@item @code{connection-priority-quic-lan} (default: @var{"20"})
+@item @code{connection-priority-tcp-wan} (default: @var{"30"})
+@item @code{connection-priority-quic-wan} (default: @var{"40"})
+@item @code{connection-priority-relay} (default: @var{"50"})
+@item @code{connection-priority-upgrade-threshold} (default: @var{"0"})
+@item @code{default-folder} (default: @var{(syncthing-folder (label ""))})
+@item @code{default-device} (default: @var{(syncthing-device (id ""))})
+@item @code{default-ignores} (default: @var{"")})
+The default-* above do not affect folders and devices added by the Guix
+interface. They will, however, affect folders and devices that are
+added through the GUI, by an @code{introducer}, or a device with
+@code{auto-accept-folders}.
+@end table
+@end deftp
+
+@deftp {Data Type} syncthing-folder
+Data type representing a folder to be synced.
+
+@table @asis
+@item @code{id} (default: @var{#f})
+This id cannot match the id of any other folder on this device. If left
+unspecified, it will default to the label (see below).
+
+@item @code{label}
+Human readable label for the folder.
+
+@item @code{path}
+The path at which to store this folder.
+
+@item @code{type} (default: @var{"sendreceive"})
+@item @code{rescan-interval-s} (default: @var{"3600"})
+@item @code{fs-watcher-enabled} (default: @var{"true"})
+@item @code{fs-watcher-delay-s} (default: @var{"10"})
+@item @code{ignore-perms} (default: @var{"false"})
+@item @code{auto-normalize} (default: @var{"true"})
+@item @code{devices} (default: @var{'()})
+This should be a list of other Syncthing devices. You do not need to
+specify the current device. Each device can be listed as a a
+@code{syncthing-device} record or a @code{syncthing-folder-device}
+record if you want files to be encrypted on disk. See below.
+
+@item @code{filesystem-type} (default: @var{"basic"})
+@item @code{min-disk-free-unit} (default: @var{"%"})
+@item @code{min-disk-free} (default: @var{"1"})
+@item @code{versioning-type} (default: @var{#f})
+@item @code{versioning-fs-path} (default: @var{""})
+@item @code{versioning-fs-type} (default: @var{"basic"})
+@item @code{versioning-cleanup-interval-s} (default: @var{"3600"})
+@item @code{versioning-cleanout-days} (default: @var{#f})
+@item @code{versioning-keep} (default: @var{#f})
+@item @code{versioning-max-age} (default: @var{#f})
+@item @code{versioning-command} (default: @var{#f})
+@item @code{copiers} (default: @var{"0"})
+@item @code{puller-max-pending-kib} (default: @var{"0"})
+@item @code{hashers} (default: @var{"0"})
+@item @code{order} (default: @var{"random"})
+@item @code{ignore-delete} (default: @var{"false"})
+@item @code{scan-progress-interval-s} (default: @var{"0"})
+@item @code{puller-pause-s} (default: @var{"0"})
+@item @code{max-conflicts} (default: @var{"10"})
+@item @code{disable-sparse-files} (default: @var{"false"})
+@item @code{disable-temp-indexes} (default: @var{"false"})
+@item @code{paused} (default: @var{"false"})
+@item @code{weak-hash-threshold-pct} (default: @var{"25"})
+@item @code{marker-name} (default: @var{".stfolder"})
+@item @code{copy-ownership-from-parent} (default: @var{"false"})
+@item @code{mod-time-window-s} (default: @var{"0"})
+@item @code{max-concurrent-writes} (default: @var{"2"})
+@item @code{disable-fsync} (default: @var{"false"})
+@item @code{block-pull-order} (default: @var{"standard"})
+@item @code{copy-range-method} (default: @var{"standard"})
+@item @code{case-sensitive-fs} (default: @var{"false"})
+@item @code{junctions-as-dirs} (default: @var{"false"})
+@item @code{sync-ownership} (default: @var{"false"})
+@item @code{send-ownership} (default: @var{"false"})
+@item @code{sync-xattrs} (default: @var{"false"})
+@item @code{send-xattrs} (default: @var{"false"})
+@item @code{xattr-filter-max-single-entry-size} (default: @var{"1024"})
+@item @code{xattr-filter-max-total-size} (default: @var{"4096")})
+@end table
+@end deftp
+
+@deftp {Data Type} syncthing-device
+Data type representing a device to sync with.
+
+@table @asis
+@item @code{id}
+A long hash tied to the keys generated by Syncthing on the first launch.
+You can obtain this from the Syncthing GUI or by inspecting an existing
+Syncthing configuration file.
+
+@item @code{name} (default: @var{""})
+Human readable device name for viewing in the GUI or in scheme.
+
+@item @code{compression} (default: @var{"metadata"})
+@item @code{introducer} (default: @var{"false"})
+@item @code{skip-introduction-removals} (default: @var{"false"})
+@item @code{introduced-by} (default: @var{""})
+@item @code{addresses} (default: @var{'("dynamic")})
+List of addresses at which to search for this device. The special value
+``dynamic'' will have syncthing use several means to find the device.
+
+@item @code{paused} (default: @var{"false"})
+@item @code{auto-accept-folders} (default: @var{"false"})
+@item @code{max-send-kbps} (default: @var{"0"})
+@item @code{max-recv-kbps} (default: @var{"0"})
+@item @code{max-request-kib} (default: @var{"0"})
+@item @code{untrusted} (default: @var{"false"})
+@item @code{remote-gui-port} (default: @var{"0"})
+@item @code{num-connections} (default: @var{"0")})
+
+@end table
+@end deftp
+
+@deftp {Data Type} syncthing-folder-device
+There are two pieces of configuration specific to the relationship
+between a specific folder and a specific device. First, syncthing needs
+to know if the remote device should be able to see the files given to
+it. Second, syncthing needs to know from where that device originates.
+See
+@uref{https://docs.syncthing.net/users/config.html#config-option-folder.device,
+the Syncthing Documentation on this}. If you leave these default, then
+you can just specify @code{syncthing-device}s instead of
+@code{syncthing-folder-device}s in a @code{syncthing-folder}'s
+@code{devices} field.
+
+@table @asis
+@item @code{device}
+device should be a @code{syncthing-device} for which this configuration
+applies.
+
+@item @code{introduced-by} (default: @var{""})
+@item @code{encryption-password} (default: @var{""})
+Beware: specifying this field will include this password as plain text
+(not encrypted) and globally visible in @file{/gnu/store/}. If
+encryption-password is non-empty, then it will be used as a password to
+encrypt file chunks as they are synced to that device. For more info on
+syncing to devices you don't totally trust, see
+@uref{https://docs.syncthing.net/users/untrusted.html, Syncthing
+Documentation on Untrusted Devices}. Note that file transfers are
+always end-to-end encrypted, regardless of this setting.
@end table
@end deftp
+Here is a more complex example configuration for illustrative purposes:
+
+@lisp
+(service syncthing-service-type
+ (let ((laptop (syncthing-device (id "VHOD2D6-...-7XRMDEN")))
+ (desktop (syncthing-device (id "64SAZ37-...-FZJ5GUA")
+ (addresses '("tcp://example.com"))))
+ (bob-desktop (syncthing-device (id "KYIMEGO-...-FT77EAO"))))
+ (syncthing-configuration
+ (user "alice")
+ (config-file
+ (syncthing-config-file
+ (folders (list (syncthing-folder
+ (label "some-files")
+ (path "~/data")
+ (devices (list desktop laptop)))
+ (syncthing-folder
+ (label "critical-files")
+ (path "~/secrets")
+ (devices
+ (list desktop
+ laptop
+ (syncthing-folder-device
+ (device bob-desktop)
+ (encryption-password "mypassword"))))))))))))
+@end lisp
+
+
Furthermore, @code{(gnu services ssh)} provides the following services.
@cindex SSH
@cindex SSH server
diff --git a/gnu/home/services/syncthing.scm b/gnu/home/services/syncthing.scm
index 8d66a167ce..dd6c752ee4 100644
--- a/gnu/home/services/syncthing.scm
+++ b/gnu/home/services/syncthing.scm
@@ -1,5 +1,6 @@
;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2023 Ludovic Courtès <ludo <at> gnu.org>
+;;; Copyright © 2025 Zacchaeus <eikcaz <at> zacchae.us>
;;;
;;; This file is part of GNU Guix.
;;;
@@ -24,9 +25,23 @@ (define-module (gnu home services syncthing)
#:use-module (gnu home services shepherd)
#:export (home-syncthing-service-type)
#:re-export (syncthing-configuration
- syncthing-configuration?))
+ syncthing-configuration?
+ syncthing-config-file
+ syncthing-config-file?
+ syncthing-device
+ syncthing-device?
+ syncthing-folder
+ syncthing-folder?
+ syncthing-folder-device
+ syncthing-folder-device?))
(define home-syncthing-service-type
(service-type
(inherit (system->home-service-type syncthing-service-type))
+ ;; system->home-service-type does not convert special-files-service-type to
+ ;; home-files-service-type, so redefine extensios
+ (extensions (list (service-extension home-files-service-type
+ syncthing-files-service)
+ (service-extension home-shepherd-service-type
+ syncthing-shepherd-service)))
(default-value (for-home (syncthing-configuration)))))
diff --git a/gnu/services/syncthing.scm b/gnu/services/syncthing.scm
index a7a9c6aadd..2707591d51 100644
--- a/gnu/services/syncthing.scm
+++ b/gnu/services/syncthing.scm
@@ -1,6 +1,7 @@
;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2021 Oleg Pykhalov <go.wigust <at> gmail.com>
;;; Copyright © 2023 Justin Veilleux <terramorpha <at> cock.li>
+;;; Copyright © 2025 Zacchaeus <eikcaz <at> zacchae.us>
;;;
;;; This file is part of GNU Guix.
;;;
@@ -25,9 +26,20 @@ (define-module (gnu services syncthing)
#:use-module (guix records)
#:use-module (ice-9 match)
#:use-module (srfi srfi-1)
+ #:use-module (sxml simple)
#:export (syncthing-configuration
syncthing-configuration?
- syncthing-service-type))
+ syncthing-device
+ syncthing-device?
+ syncthing-config-file
+ syncthing-config-file?
+ syncthing-folder-device
+ syncthing-folder-device?
+ syncthing-folder
+ syncthing-folder?
+ syncthing-service-type
+ syncthing-shepherd-service
+ syncthing-files-service))
;;; Commentary:
;;;
@@ -35,6 +47,411 @@ (define-module (gnu services syncthing)
;;;
;;; Code:
+(define-record-type* <syncthing-device>
+ syncthing-device make-syncthing-device
+ syncthing-device?
+ (id syncthing-device-id)
+ (name syncthing-device-name (default ""))
+ (compression syncthing-device-compression (default "metadata"))
+ (introducer syncthing-device-introducer (default "false"))
+ (skip-introduction-removals syncthing-device-skip-introduction-removals (default "false"))
+ (introduced-by syncthing-device-introduced-by (default ""))
+ (addresses syncthing-device-addresses (default '("dynamic")))
+ (paused syncthing-device-paused (default "false"))
+ (auto-accept-folders syncthing-device-auto-accept-folders (default "false"))
+ (max-send-kbps syncthing-device-max-send-kbps (default "0"))
+ (max-recv-kbps syncthing-device-max-recv-kbps (default "0"))
+ (max-request-kib syncthing-device-max-request-kib (default "0"))
+ (untrusted syncthing-device-untrusted (default "false"))
+ (remote-gui-port syncthing-device-remote-gui-port (default "0"))
+ (num-connections syncthing-device-num-connections (default "0")))
+
+(define syncthing-device->sxml
+ (match-record-lambda <syncthing-device>
+ (id name compression introducer skip-introduction-removals introduced-by addresses paused auto-accept-folders max-send-kbps max-recv-kbps max-request-kib untrusted remote-gui-port num-connections)
+ `(device (@ (id ,id)
+ (name ,name)
+ (compression ,compression)
+ (introducer ,introducer)
+ (skipIntroductionRemovals ,skip-introduction-removals)
+ (introducedBy ,introduced-by))
+ ,@(map (lambda (address) `(address ,address)) addresses)
+ (paused ,paused)
+ (autoAcceptFolders ,auto-accept-folders)
+ (maxSendKbps ,max-send-kbps)
+ (maxRecvKbps ,max-recv-kbps)
+ (maxRequestKiB ,max-request-kib)
+ (untrusted ,untrusted)
+ (remoteGUIPort ,remote-gui-port)
+ (numConnections ,num-connections))))
+
+(define-record-type* <syncthing-folder-device>
+ syncthing-folder-device make-syncthing-folder-device
+ syncthing-folder-device?
+ (device syncthing-folder-device-device)
+ (introduced-by syncthing-folder-device-introduced-by (default (syncthing-device (id ""))))
+ (encryption-password syncthing-folder-device-encryption-password (default "")))
+
+(define syncthing-folder-device->sxml
+ (match-record-lambda <syncthing-folder-device>
+ (device introduced-by encryption-password)
+ `(device (@ (id ,(syncthing-device-id device))
+ (introducedBy ,(syncthing-device-id introduced-by)))
+ (encryptionPassword ,encryption-password))))
+
+(define-record-type* <syncthing-folder>
+ syncthing-folder make-syncthing-folder
+ syncthing-folder?
+ (id syncthing-folder-id (default #f))
+ (label syncthing-folder-label)
+ (path syncthing-folder-path)
+ (type syncthing-folder-type (default "sendreceive"))
+ (rescan-interval-s syncthing-folder-rescan-interval-s (default "3600"))
+ (fs-watcher-enabled syncthing-folder-fs-watcher-enabled (default "true"))
+ (fs-watcher-delay-s syncthing-folder-fs-watcher-delay-s (default "10"))
+ (fs-watcher-timeout-s syncthing-folder-fs-watcher-timeout-s (default "0"))
+ (ignore-perms syncthing-folder-ignore-perms (default "false"))
+ (auto-normalize syncthing-folder-auto-normalize (default "true"))
+ (devices syncthing-folder-devices (default '())
+ (sanitize (lambda (folder-device-list)
+ (map (lambda (device)
+ (if (syncthing-folder-device? device)
+ device
+ (syncthing-folder-device (device device))))
+ folder-device-list))))
+ (filesystem-type syncthing-folder-filesystem-type (default "basic"))
+ (min-disk-free-unit syncthing-folder-min-disk-free-unit (default "%"))
+ (min-disk-free syncthing-folder-min-disk-free (default "1"))
+ (versioning-type syncthing-folder-versioning-type (default #f))
+ (versioning-fs-path syncthing-folder-versioning-fs-path (default ""))
+ (versioning-fs-type syncthing-folder-versioning-fs-type (default "basic"))
+ (versioning-cleanup-interval-s syncthing-folder-versioning-cleanup-interval-s (default "3600"))
+ (versioning-cleanout-days syncthing-folder-versioning-cleanout-days (default #f))
+ (versioning-keep syncthing-folder-versioning-keep (default #f))
+ (versioning-max-age syncthing-folder-versioning-max-age (default #f))
+ (versioning-command syncthing-folder-versioning-command (default #f))
+ (copiers syncthing-folder-copiers (default "0"))
+ (puller-max-pending-kib syncthing-folder-puller-max-pending-kib (default "0"))
+ (hashers syncthing-folder-hashers (default "0"))
+ (order syncthing-folder-order (default "random"))
+ (ignore-delete syncthing-folder-ignore-delete (default "false"))
+ (scan-progress-interval-s syncthing-folder-scan-progress-interval-s (default "0"))
+ (puller-pause-s syncthing-folder-puller-pause-s (default "0"))
+ (max-conflicts syncthing-folder-max-conflicts (default "10"))
+ (disable-sparse-files syncthing-folder-disable-sparse-files (default "false"))
+ (disable-temp-indexes syncthing-folder-disable-temp-indexes (default "false"))
+ (paused syncthing-folder-paused (default "false"))
+ (weak-hash-threshold-pct syncthing-folder-weak-hash-threshold-pct (default "25"))
+ (marker-name syncthing-folder-marker-name (default ".stfolder"))
+ (copy-ownership-from-parent syncthing-folder-copy-ownership-from-parent (default "false"))
+ (mod-time-window-s syncthing-folder-mod-time-window-s (default "0"))
+ (max-concurrent-writes syncthing-folder-max-concurrent-writes (default "2"))
+ (disable-fsync syncthing-folder-disable-fsync (default "false"))
+ (block-pull-order syncthing-folder-block-pull-order (default "standard"))
+ (copy-range-method syncthing-folder-copy-range-method (default "standard"))
+ (case-sensitive-fs syncthing-folder-case-sensitive-fs (default "false"))
+ (junctions-as-dirs syncthing-folder-junctions-as-dirs (default "false"))
+ (sync-ownership syncthing-folder-sync-ownership (default "false"))
+ (send-ownership syncthing-folder-send-ownership (default "false"))
+ (sync-xattrs syncthing-folder-sync-xattrs (default "false"))
+ (send-xattrs syncthing-folder-send-xattrs (default "false"))
+ (xattr-filter-max-single-entry-size syncthing-folder-xattr-filter-max-single-entry-size (default "1024"))
+ (xattr-filter-max-total-size syncthing-folder-xattr-filter-max-total-size (default "4096")))
+
+;; Some parameters, when empty, are fully omitted from the config file. It is
+;; unknown if this causes a functional difference, but stick to the normal
+;; program's behavior to be safe.
+(define (maybe-param symbol value)
+ (if value `((param (@ (key ,(symbol->string symbol)) (val ,value)) "")) '()))
+
+(define syncthing-folder->sxml
+ (match-record-lambda <syncthing-folder>
+ (id
+ label path type rescan-interval-s fs-watcher-enabled fs-watcher-delay-s
+ fs-watcher-timeout-s ignore-perms auto-normalize devices filesystem-type
+ min-disk-free-unit min-disk-free versioning-type versioning-fs-path
+ versioning-fs-type versioning-cleanup-interval-s versioning-cleanout-days
+ versioning-keep versioning-max-age versioning-command copiers
+ puller-max-pending-kib hashers order ignore-delete scan-progress-interval-s
+ puller-pause-s max-conflicts disable-sparse-files disable-temp-indexes paused
+ weak-hash-threshold-pct marker-name copy-ownership-from-parent mod-time-window-s
+ max-concurrent-writes disable-fsync block-pull-order copy-range-method
+ case-sensitive-fs junctions-as-dirs sync-ownership send-ownership sync-xattrs
+ send-xattrs xattr-filter-max-single-entry-size xattr-filter-max-total-size)
+ `(folder (@ (id ,(if id id label))
+ (label ,label)
+ (path ,path)
+ (type ,type)
+ (rescanIntervalS ,rescan-interval-s)
+ (fsWatcherEnabled ,fs-watcher-enabled)
+ (fsWatcherDelayS ,fs-watcher-delay-s)
+ (fsWatcherTimeoutS ,fs-watcher-timeout-s)
+ (ignorePerms ,ignore-perms)
+ (autoNormalize ,auto-normalize))
+ (filesystemType ,filesystem-type)
+ ,@(map syncthing-folder-device->sxml
+ devices)
+ (minDiskFree (@ (unit ,min-disk-free-unit))
+ ,min-disk-free)
+ (versioning ,@(if versioning-type
+ `((@ (type ,versioning-type)))
+ '())
+ ,@(maybe-param 'cleanoutDays versioning-cleanout-days)
+ ,@(maybe-param 'keep versioning-keep)
+ ,@(maybe-param 'maxAge versioning-max-age)
+ ,@(maybe-param 'command versioning-command)
+ (cleanupIntervalS ,versioning-cleanup-interval-s)
+ (fsPath ,versioning-fs-path)
+ (fsType ,versioning-fs-type))
+ (copiers ,copiers)
+ (pullerMaxPendingKiB ,puller-max-pending-kib)
+ (hashers ,hashers)
+ (order ,order)
+ (ignoreDelete ,ignore-delete)
+ (scanProgressIntervalS ,scan-progress-interval-s)
+ (pullerPauseS ,puller-pause-s)
+ (maxConflicts ,max-conflicts)
+ (disableSparseFiles ,disable-sparse-files)
+ (disableTempIndexes ,disable-temp-indexes)
+ (paused ,paused)
+ (weakHashThresholdPct ,weak-hash-threshold-pct)
+ (markerName ,marker-name)
+ (copyOwnershipFromParent ,copy-ownership-from-parent)
+ (modTimeWindowS ,mod-time-window-s)
+ (maxConcurrentWrites ,max-concurrent-writes)
+ (disableFsync ,disable-fsync)
+ (blockPullOrder ,block-pull-order)
+ (copyRangeMethod ,copy-range-method)
+ (caseSensitiveFS ,case-sensitive-fs)
+ (junctionsAsDirs ,junctions-as-dirs)
+ (syncOwnership ,sync-ownership)
+ (sendOwnership ,send-ownership)
+ (syncXattrs ,sync-xattrs)
+ (sendXattrs ,send-xattrs)
+ (xattrFilter (maxSingleEntrySize ,xattr-filter-max-single-entry-size)
+ (maxTotalSize ,xattr-filter-max-total-size)))))
+
+(define-record-type* <syncthing-config-file>
+ syncthing-config-file make-syncthing-config-file
+ syncthing-config-file?
+ (folders syncthing-config-folders
+ ; this matches syncthing's default
+ (default (list (syncthing-folder (id "default")
+ (label "Default Folder")
+ (path "~/Sync")))))
+ (devices syncthing-config-devices
+ (default '()))
+ (gui-enabled syncthing-config-gui-enabled (default "true"))
+ (gui-tls syncthing-config-gui-tls (default "false"))
+ (gui-debugging syncthing-config-gui-debugging (default "false"))
+ (gui-send-basic-auth-prompt syncthing-config-gui-send-basic-auth-prompt (default "false"))
+ (gui-address syncthing-config-gui-address (default "127.0.0.1:8384"))
+ (gui-user syncthing-config-gui-user (default #f))
+ (gui-password syncthing-config-gui-password (default #f))
+ (gui-apikey syncthing-config-gui-apikey (default #f))
+ (gui-theme syncthing-config-gui-theme (default "default"))
+ (ldap-enabled syncthing-config-ldap-enabled (default #f))
+ (ldap-address syncthing-config-ldap-address (default ""))
+ (ldap-bind-dn syncthing-config-ldap-bind-dn (default ""))
+ (ldap-transport syncthing-config-ldap-transport (default ""))
+ (ldap-insecure-skip-verify syncthing-config-ldap-insecure-skip-verify (default ""))
+ (ldap-search-base-dn syncthing-config-ldap-search-base-dn (default ""))
+ (ldap-search-filter syncthing-config-ldap-search-filter (default ""))
+ (listen-address syncthing-config-listen-address (default "default"))
+ (global-announce-server syncthing-config-global-announce-server (default "default"))
+ (global-announce-enabled syncthing-config-global-announce-enabled (default "true"))
+ (local-announce-enabled syncthing-config-local-announce-enabled (default "true"))
+ (local-announce-port syncthing-config-local-announce-port (default "21027"))
+ (local-announce-mcaddr syncthing-config-local-announce-mcaddr (default "[ff12::8384]:21027"))
+ (max-send-kbps syncthing-config-max-send-kbps (default "0"))
+ (max-recv-kbps syncthing-config-max-recv-kbps (default "0"))
+ (reconnection-interval-s syncthing-config-reconnection-interval-s (default "60"))
+ (relays-enabled syncthing-config-relays-enabled (default "true"))
+ (relay-reconnect-interval-m syncthing-config-relay-reconnect-interval-m (default "10"))
+ (start-browser syncthing-config-start-browser (default "true"))
+ (nat-enabled syncthing-config-nat-enabled (default "true"))
+ (nat-lease-minutes syncthing-config-nat-lease-minutes (default "60"))
+ (nat-renewal-minutes syncthing-config-nat-renewal-minutes (default "30"))
+ (nat-timeout-seconds syncthing-config-nat-timeout-seconds (default "10"))
+ (ur-accepted syncthing-config-ur-accepted (default "0"))
+ (ur-seen syncthing-config-ur-seen (default "0"))
+ (ur-unique-id syncthing-config-ur-unique-id (default ""))
+ (ur-url syncthing-config-ur-url (default "https://data.syncthing.net/newdata"))
+ (ur-post-insecurely syncthing-config-ur-post-insecurely (default "false"))
+ (ur-initial-delay-s syncthing-config-ur-initial-delay-s (default "1800"))
+ (auto-upgrade-interval-h syncthing-config-auto-upgrade-interval-h (default "12"))
+ (upgrade-to-pre-releases syncthing-config-upgrade-to-pre-releases (default "false"))
+ (keep-temporaries-h syncthing-config-keep-temporaries-h (default "24"))
+ (cache-ignored-files syncthing-config-cache-ignored-files (default "false"))
+ (progress-update-interval-s syncthing-config-progress-update-interval-s (default "5"))
+ (limit-bandwidth-in-lan syncthing-config-limit-bandwidth-in-lan (default "false"))
+ (min-home-disk-free-unit syncthing-config-min-home-disk-free-unit (default "%"))
+ (min-home-disk-free syncthing-config-min-home-disk-free (default "1"))
+ (releases-url syncthing-config-releases-url (default "https://upgrades.syncthing.net/meta.json"))
+ (overwrite-remote-device-names-on-connect syncthing-config-overwrite-remote-device-names-on-connect (default "false"))
+ (temp-index-min-blocks syncthing-config-temp-index-min-blocks (default "10"))
+ (unacked-notification-id syncthing-config-unacked-notification-id (default "authenticationUserAndPassword"))
+ (traffic-class syncthing-config-traffic-class (default "0"))
+ (set-low-priority syncthing-config-set-low-priority (default "true"))
+ (max-folder-concurrency syncthing-config-max-folder-concurrency (default "0"))
+ (crash-reporting-url syncthing-config-crash-reporting-url (default "https://crash.syncthing.net/newcrash"))
+ (crash-reporting-enabled syncthing-config-crash-reporting-enabled (default "true"))
+ (stun-keepalive-start-s syncthing-config-stun-keepalive-start-s (default "180"))
+ (stun-keepalive-min-s syncthing-config-stun-keepalive-min-s (default "20"))
+ (stun-server syncthing-config-stun-server (default "default"))
+ (database-tuning syncthing-config-database-tuning (default "auto"))
+ (max-concurrent-incoming-request-kib syncthing-config-max-concurrent-incoming-request-kib (default "0"))
+ (announce-lan-addresses syncthing-config-announce-lan-addresses (default "true"))
+ (send-full-index-on-upgrade syncthing-config-send-full-index-on-upgrade (default "false"))
+ (connection-limit-enough syncthing-config-connection-limit-enough (default "0"))
+ (connection-limit-max syncthing-config-connection-limit-max (default "0"))
+ (insecure-allow-old-tlsVersions syncthing-config-insecure-allow-old-tlsVersions (default "false"))
+ (connection-priority-tcp-lan syncthing-config-connection-priority-tcp-lan (default "10"))
+ (connection-priority-quic-lan syncthing-config-connection-priority-quic-lan (default "20"))
+ (connection-priority-tcp-wan syncthing-config-connection-priority-tcp-wan (default "30"))
+ (connection-priority-quic-wan syncthing-config-connection-priority-quic-wan (default "40"))
+ (connection-priority-relay syncthing-config-connection-priority-relay (default "50"))
+ (connection-priority-upgrade-threshold syncthing-config-connection-priority-upgrade-threshold (default "0"))
+ (default-folder syncthing-config-default-folder
+ (default (syncthing-folder (label "") (path "~"))))
+ (default-device syncthing-config-default-device
+ (default (syncthing-device (id ""))))
+ (default-ignores syncthing-config-default-ignores (default "")))
+
+(define syncthing-config-file->sxml
+ (match-record-lambda <syncthing-config-file>
+ (folders
+ devices gui-enabled gui-tls gui-debugging gui-send-basic-auth-prompt
+ gui-address gui-user gui-password gui-apikey gui-theme ldap-enabled
+ ldap-address ldap-bind-dn ldap-transport ldap-insecure-skip-verify
+ ldap-search-base-dn ldap-search-filter listen-address global-announce-server
+ global-announce-enabled local-announce-enabled local-announce-port
+ local-announce-mcaddr max-send-kbps max-recv-kbps reconnection-interval-s
+ relays-enabled relay-reconnect-interval-m start-browser nat-enabled
+ nat-lease-minutes nat-renewal-minutes nat-timeout-seconds ur-accepted
+ ur-seen ur-unique-id ur-url ur-post-insecurely ur-initial-delay-s
+ auto-upgrade-interval-h upgrade-to-pre-releases keep-temporaries-h
+ cache-ignored-files progress-update-interval-s limit-bandwidth-in-lan
+ min-home-disk-free-unit min-home-disk-free releases-url
+ overwrite-remote-device-names-on-connect temp-index-min-blocks
+ unacked-notification-id traffic-class set-low-priority max-folder-concurrency
+ crash-reporting-url crash-reporting-enabled stun-keepalive-start-s
+ stun-keepalive-min-s stun-server database-tuning
+ max-concurrent-incoming-request-kib announce-lan-addresses
+ send-full-index-on-upgrade connection-limit-enough connection-limit-max
+ insecure-allow-old-tlsVersions connection-priority-tcp-lan
+ connection-priority-quic-lan connection-priority-tcp-wan
+ connection-priority-quic-wan connection-priority-relay
+ connection-priority-upgrade-threshold default-folder default-device
+ default-ignores)
+ `(configuration (@ (version "37"))
+ ,@(map syncthing-folder->sxml
+ folders)
+ ;; collect any devices in any folders, as well as any
+ ;; devices explicitly added.
+ ,@(map syncthing-device->sxml
+ (delete-duplicates
+ (append devices
+ (apply append
+ (map (lambda (folder)
+ (map syncthing-folder-device-device
+ (syncthing-folder-devices folder)))
+ folders)))
+ ;; devices are the same if their id's are equal
+ (lambda (device1 device2)
+ (string= (syncthing-device-id device1)
+ (syncthing-device-id device2)))))
+ (gui (@ (enabled ,gui-enabled)
+ (tls ,gui-tls)
+ (debugging ,gui-debugging)
+ (sendBasicAuthPrompt ,gui-send-basic-auth-prompt))
+ (address ,gui-address)
+ ,@(if gui-user `((user ,gui-user)) '())
+ ,@(if gui-password `((password ,gui-password)) '())
+ ,@(if gui-apikey `((apikey ,gui-apikey)) '())
+ (theme ,gui-theme))
+ (ldap ,(if ldap-enabled
+ `((address ,ldap-address)
+ (bindDN ,ldap-bind-dn)
+ ,@(if ldap-transport
+ `((transport ,ldap-transport))
+ '())
+ ,@(if ldap-insecure-skip-verify
+ `((insecureSkipVerify ,ldap-insecure-skip-verify))
+ '())
+ ,@(if ldap-search-base-dn
+ `((searchBaseDN ,ldap-search-base-dn))
+ '())
+ ,@(if ldap-search-filter
+ `((searchFilter ,ldap-search-filter))
+ '()))
+ ""))
+ (options (listenAddress ,listen-address)
+ (globalAnnounceServer ,global-announce-server)
+ (globalAnnounceEnabled ,global-announce-enabled)
+ (localAnnounceEnabled ,local-announce-enabled)
+ (localAnnouncePort ,local-announce-port)
+ (localAnnounceMCAddr ,local-announce-mcaddr)
+ (maxSendKbps ,max-send-kbps)
+ (maxRecvKbps ,max-recv-kbps)
+ (reconnectionIntervalS ,reconnection-interval-s)
+ (relaysEnabled ,relays-enabled)
+ (relayReconnectIntervalM ,relay-reconnect-interval-m)
+ (startBrowser ,start-browser)
+ (natEnabled ,nat-enabled)
+ (natLeaseMinutes ,nat-lease-minutes)
+ (natRenewalMinutes ,nat-renewal-minutes)
+ (natTimeoutSeconds ,nat-timeout-seconds)
+ (urAccepted ,ur-accepted)
+ (urSeen ,ur-seen)
+ (urUniqueID ,ur-unique-id)
+ (urURL ,ur-url)
+ (urPostInsecurely ,ur-post-insecurely)
+ (urInitialDelayS ,ur-initial-delay-s)
+ (autoUpgradeIntervalH ,auto-upgrade-interval-h)
+ (upgradeToPreReleases ,upgrade-to-pre-releases)
+ (keepTemporariesH ,keep-temporaries-h)
+ (cacheIgnoredFiles ,cache-ignored-files)
+ (progressUpdateIntervalS ,progress-update-interval-s)
+ (limitBandwidthInLan ,limit-bandwidth-in-lan)
+ (minHomeDiskFree (@ (unit ,min-home-disk-free-unit))
+ ,min-home-disk-free)
+ (releasesURL ,releases-url)
+ (overwriteRemoteDeviceNamesOnConnect ,overwrite-remote-device-names-on-connect)
+ (tempIndexMinBlocks ,temp-index-min-blocks)
+ (unackedNotificationID ,unacked-notification-id)
+ (trafficClass ,traffic-class)
+ (setLowPriority ,set-low-priority)
+ (maxFolderConcurrency ,max-folder-concurrency)
+ (crashReportingURL ,crash-reporting-url)
+ (crashReportingEnabled ,crash-reporting-enabled)
+ (stunKeepaliveStartS ,stun-keepalive-start-s)
+ (stunKeepaliveMinS ,stun-keepalive-min-s)
+ (stunServer ,stun-server)
+ (databaseTuning ,database-tuning)
+ (maxConcurrentIncomingRequestKiB ,max-concurrent-incoming-request-kib)
+ (announceLANAddresses ,announce-lan-addresses)
+ (sendFullIndexOnUpgrade ,send-full-index-on-upgrade)
+ (connectionLimitEnough ,connection-limit-enough)
+ (connectionLimitMax ,connection-limit-max)
+ (insecureAllowOldTLSVersions ,insecure-allow-old-tlsVersions)
+ (connectionPriorityTcpLan ,connection-priority-tcp-lan)
+ (connectionPriorityQuicLan ,connection-priority-quic-lan)
+ (connectionPriorityTcpWan ,connection-priority-tcp-wan)
+ (connectionPriorityQuicWan ,connection-priority-quic-wan)
+ (connectionPriorityRelay ,connection-priority-relay)
+ (connectionPriorityUpgradeThreshold ,connection-priority-upgrade-threshold))
+ (defaults
+ ,(syncthing-folder->sxml default-folder)
+ ,(syncthing-device->sxml default-device)
+ (ignores ,default-ignores)))))
+
+
+(define (serialize-syncthing-config-file config)
+ (with-output-to-string
+ (lambda ()
+ (sxml->xml (cons '*TOP* (list (syncthing-config-file->sxml config)))))))
+
(define-record-type* <syncthing-configuration>
syncthing-configuration make-syncthing-configuration
syncthing-configuration?
@@ -50,12 +467,14 @@ (define-record-type* <syncthing-configuration>
(default "users"))
(home syncthing-configuration-home ;string
(default #f))
+ (config-file syncthing-configuration-config-file
+ (default #f)) ; syncthing-config-file or file-like
(home-service? syncthing-configuration-home-service?
(default for-home?) (innate)))
(define syncthing-shepherd-service
(match-record-lambda <syncthing-configuration>
- (syncthing arguments logflags user group home home-service?)
+ (syncthing arguments logflags user group home home-service? config-file)
(list
(shepherd-service
(provision (if home-service?
@@ -64,39 +483,68 @@ (define syncthing-shepherd-service
(string-append "syncthing-" user)))))
(documentation "Run syncthing.")
(requirement (if home-service? '() '(loopback user-processes)))
- (start #~(make-forkexec-constructor
- (append (list (string-append #$syncthing "/bin/syncthing")
- "--no-browser"
- "--no-restart"
- (string-append "--logflags=" (number->string #$logflags)))
- '#$arguments)
- #:user #$(and (not home-service?) user)
- #:group #$(and (not home-service?) group)
- #:environment-variables
- (append
- (list
- (string-append "HOME="
- (or #$home
- (passwd:dir
- (getpw (if (and #$home-service?
- (not #$user))
- (getuid)
- #$user)))))
- "SSL_CERT_DIR=/etc/ssl/certs"
- "SSL_CERT_FILE=/etc/ssl/certs/ca-certificates.crt")
- (filter (negate ;XXX: 'remove' is not in (guile)
- (lambda (str)
- (or (string-prefix? "HOME=" str)
- (string-prefix? "SSL_CERT_DIR=" str)
- (string-prefix? "SSL_CERT_FILE=" str))))
- (environ)))))
+ (start #~(lambda _
+ ;; if we are managing the config, and it's not a home
+ ;; service, then exepect the config file at
+ ;; /var/lib/syncthing-<user>. This makes sure the ownership
+ ;; is correct
+ (unless (or #$(not config-file) #$home-service?)
+ (system* "chown" #$user (string-append "/var/lib/syncthing-" #$user))
+ (system* "chmod" "700" (string-append "/var/lib/syncthing-" #$user)))
+ (make-forkexec-constructor
+ (append (list (string-append #$syncthing "/bin/syncthing")
+ "--no-browser"
+ "--no-restart"
+ (string-append "--logflags=" (number->string #$logflags)))
+ (if (or #$(not config-file) #$home-service?) '()
+ (list (string-append "--home=/var/lib/syncthing-" #$user)))
+ '#$arguments)
+ #:user #$(and (not home-service?) user)
+ #:group #$(and (not home-service?) group)
+ #:environment-variables
+ (append
+ (list
+ (string-append "HOME="
+ (or #$home
+ (passwd:dir
+ (getpw (if (and #$home-service?
+ (not #$user))
+ (getuid)
+ #$user)))))
+ "SSL_CERT_DIR=/etc/ssl/certs"
+ "SSL_CERT_FILE=/etc/ssl/certs/ca-certificates.crt")
+ (filter (negate ;XXX: 'remove' is not in (guile)
+ (lambda (str)
+ (or (string-prefix? "HOME=" str)
+ (string-prefix? "SSL_CERT_DIR=" str)
+ (string-prefix? "SSL_CERT_FILE=" str))))
+ (environ))))))
(respawn? #f)
(stop #~(make-kill-destructor))))))
+
+(define syncthing-files-service
+ (match-record-lambda <syncthing-configuration> (config-file user home home-service?)
+ (if config-file
+ ;; when used as a system service, this service might be executed
+ ;; before a user's home even exists, causing it to be owned by root,
+ ;; and the skeletons to never be applied to that user's home. In such
+ ;; cases, put the config at /var/lib/syncthnig-<user>/config.xml
+ `((,(if home-service?
+ ".config/syncthing/config.xml"
+ (string-append "/var/lib/syncthing-" user "/config.xml"))
+ ,(if (file-like? config-file)
+ config-file
+ (plain-file "syncthin-config.xml" (serialize-syncthing-config-file
+ config-file)))))
+ '())))
+
(define syncthing-service-type
(service-type (name 'syncthing)
(extensions (list (service-extension shepherd-root-service-type
- syncthing-shepherd-service)))
+ syncthing-shepherd-service)
+ (service-extension special-files-service-type
+ syncthing-files-service)))
(description
"Run @uref{https://github.com/syncthing/syncthing, Syncthing}
decentralized continuous file system synchronization.")))
--
2.48.1
guix-patches <at> gnu.org:bug#75959; Package guix-patches.
(Fri, 14 Feb 2025 08:10:02 GMT) Full text and rfc822 format available.Message #50 received at 75959 <at> debbugs.gnu.org (full text, mbox):
From: Leo Famulari <leo <at> famulari.name> To: Zacchaeus Scheffer <eikcaz <at> zacchae.us> Cc: Bruno Victal <mirai <at> makinata.eu>, 75959 <at> debbugs.gnu.org Subject: Re: [PATCH v8] services: syncthing: Add support for config file generation. Date: Fri, 14 Feb 2025 03:09:46 -0500
[Message part 1 (text/plain, inline)]
On Tue, Feb 11, 2025 at 12:31:23AM -0500, Zacchaeus Scheffer wrote: > Subject: [PATCH v8] services: syncthing: Add support for config file > generation. > > * gnu/services/syncthing.scm: (syncthing-config-file, > syncthing-folder, syncthing-device, syncthing-folder-device): New > records; (syncthing-service-type): Add special-files-service-type > extension for the config file; (syncthing-files-service): Add service > to create config file. > * gnu/home/services/syncthing.scm: (home-syncthing-service-type): > Extend home-files-services-type and re-exported more things from > gnu/services/syncthing.scm. > * doc/guix.texi: (syncthing-service-type): Document changes. Great! I read through the documentation and made numerous stylistic edits, and also added some references, links, and markup. See the attached diff. I did not change the structure of the docs. Please let me know what you think. > + (start #~(lambda _ > + ;; if we are managing the config, and it's not a home > + ;; service, then exepect the config file at > + ;; /var/lib/syncthing-<user>. This makes sure the ownership > + ;; is correct > + (unless (or #$(not config-file) #$home-service?) > + (system* "chown" #$user (string-append "/var/lib/syncthing-" #$user)) > + (system* "chmod" "700" (string-append "/var/lib/syncthing-" #$user))) Please use the Guile procedures chown and chmod here, rather than shelling out. Also, I think the folder's group should be set as well using the chown procedure; right now it remains owned by root. There are examples in 'gnu/services'. https://www.gnu.org/software/guile/manual/html_node/File-System.html#index-chmod https://www.gnu.org/software/guile/manual/html_node/File-System.html#index-chown > + (make-forkexec-constructor > + (append (list (string-append #$syncthing "/bin/syncthing") > + "--no-browser" > + "--no-restart" It will be helpful to add brief Scheme code comments explaining what these options do.
[guix.texi.diff (text/plain, attachment)]
guix-patches <at> gnu.org:bug#75959; Package guix-patches.
(Sun, 16 Feb 2025 01:07:02 GMT) Full text and rfc822 format available.Message #53 received at 75959 <at> debbugs.gnu.org (full text, mbox):
From: Zacchaeus Scheffer <eikcaz <at> zacchae.us> To: Leo Famulari <leo <at> famulari.name> Cc: Bruno Victal <mirai <at> makinata.eu>, 75959 <at> debbugs.gnu.org Subject: Re: [PATCH v9] services: syncthing: Add support for config file generation. Date: Sat, 15 Feb 2025 20:06:42 -0500
From 1f38aeb8e2b1c5384ac915a09bad7df1f97b2543 Mon Sep 17 00:00:00 2001
From: Zacchaeus <eikcaz <at> zacchae.us>
Date: Sun, 21 Jul 2024 00:54:25 -0700
Subject: [PATCH v9] services: syncthing: Add support for config file
generation.
* gnu/services/syncthing.scm: (syncthing-config-file,
syncthing-folder, syncthing-device, syncthing-folder-device): New
records; (syncthing-service-type): Add special-files-service-type
extension for the config file; (syncthing-files-service): Add service
to create config file.
* gnu/home/services/syncthing.scm: (home-syncthing-service-type):
Extend home-files-services-type and re-exported more things from
gnu/services/syncthing.scm.
* doc/guix.texi: (syncthing-service-type): Document changes.
Change-Id: I87eeba1ee1fdada8f29c2ee881fbc6bc4113dde9
---
I incorporated the changes suggested by lfam, except that I kept the
semi-colon. I double-checked that it was gramatically correct, and I
think it makes to where "there" refers clear. I converted chmod/chown
to guile procedures, and added documentation on some of the flags used
to launch Syncthing.
doc/guix.texi | 334 ++++++++++++++++++++-
gnu/home/services/syncthing.scm | 17 +-
gnu/services/syncthing.scm | 515 ++++++++++++++++++++++++++++++--
3 files changed, 833 insertions(+), 33 deletions(-)
diff --git a/doc/guix.texi b/doc/guix.texi
index b1b6d98e74..d1fbe5ffd3 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -136,6 +136,7 @@ Copyright @copyright{} 2024 Troy Figiel@*
Copyright @copyright{} 2024 Sharlatan Hellseher@*
Copyright @copyright{} 2024 45mg@*
Copyright @copyright{} 2025 Sören Tempel@*
+Copyright @copyright{} 2025 Zacchaeus@*
Permission is granted to copy, distribute and/or modify this document
under the terms of the GNU Free Documentation License, Version 1.3 or
@@ -22620,7 +22621,7 @@ client.
The @code{(gnu services syncthing)} module provides the following services:
@cindex syncthing
-You might want a syncthing daemon if you have files between two or more
+You might want a Syncthing daemon if you have files between two or more
computers and want to sync them in real time, safely protected from
prying eyes.
@@ -22666,12 +22667,339 @@ The group as which the Syncthing service is to be run.
This assumes that the specified group exists.
@item @code{home} (default: @var{#f})
-Common configuration and data directory. The default configuration
-directory is @file{$HOME} of the specified Syncthing @code{user}.
+Sets the @code{HOME} variable for the Syncthing daemon. The default is
+@file{$HOME} of the specified Syncthing @code{user}.
+
+@item @code{config-file} (default: @var{#f})
+Either a file-like object that resolves to a Syncthing configuration XML
+file, or a @code{syncthing-config-file} record (see below). If set to
+@code{#f}, Guix will not try to generate a config file, and Syncthing
+will generate a default configuration which will not be touched on
+reconfigure. Specifying this in a system service moves Syncthing's
+common configuration and data directory (@code{--home} in
+@uref{https://docs.syncthing.net/users/syncthing.html}) to
+@file{/var/lib/syncthing-<user>}.
+
+@end table
+@end deftp
+
+This section documents a subset of the Syncthing configuration
+options—specifically those related to Guix or those affecting how your
+computer will connect to other computers over the network (such as
+Syncthing relays or discovery servers). The configuration is fully
+documented in the upstream
+@uref{https://docs.syncthing.net/users/config.html, Syncthing config
+documentation}; camelCase there is converted to kebab-case here. If you
+are migrating from a Syncthing-managed configuration to one managed by
+Guix, you can check what changes were introduced by @code{diff}ing the
+respective @file{config.xml} files. Note that you will need to add
+whitespace with 4-space indentation to the file generated by Guix, using
+the @code{xmllint} program from the @code{libxml2} package like so:
+
+@example
+XMLLINT_INDENT=" " xmllint --format /path/to/new/config.xml | diff /path/to/old/config.xml -
+@end example
+
+When generating a configuration file through Guix, you can still
+temporarily modify Syncthing from the GUI or through @code{introducer}
+and @code{autoAcceptFolders} mechanisms, but such changes will be reset
+on reconfigure.
+
+@deftp {Data Type} syncthing-config-file
+Data type representing the configuration file read by the Syncthing
+daemon.
+
+@table @asis
+@item @code{folders} (default: @var{(list (syncthing-folder (id "default") (label "Default Folder") (path "~/Sync")))}
+The default here is the same as Syncthing's default. The value should
+be a list of @code{syncthing-folder}s.
+
+@item @code{devices} (default: @var{'()}
+This should be a list of @code{syncthing-device}s. Guix will
+automatically add any devices specified in any `folders' to this list.
+There are instances when you want to connect to a device despite not
+(initially) sharing any folders (such as a device with
+autoAcceptFolders). In such instances, you should specify those devices
+here. If multiple versions of the same device (as determined by
+comparing device ID) are discovered, the one in this list is
+prioritized. Otherwise, the first instance in the first folder is used.
+
+@item @code{gui-enabled} (default: @var{"true"})
+By default, any user on the computer can access the GUI and make changes
+to Syncthing. If you leave this enabled, you should probably set
+@code{gui-user} and @code{gui-password} (see below).
+
+@item @code{gui-tls} (default: @var{"false"})
+@item @code{gui-debugging} (default: @var{"false"})
+@item @code{gui-send-basic-auth-prompt} (default: @var{"false"})
+@item @code{gui-address} (default: @var{"127.0.0.1:8384"})
+@item @code{gui-user} (default: @var{#f})
+@item @code{gui-password} (default: @var{#f})
+A bcrypt hash of the GUI password. Remember that this will be globally
+exposed in @file{/gnu/store}.
+
+@item @code{gui-apikey} (default: @var{#f})
+You must specify this to use the Syncthing REST interface. This key is
+kept in @file{/gnu/store} and is accessible to all users of the system.
+
+@item @code{gui-theme} (default: @var{"default"})
+@item @code{ldap-enabled} (default: @var{#f})
+@item @code{ldap-address} (default: @var{""})
+@item @code{ldap-bind-dn} (default: @var{""})
+@item @code{ldap-transport} (default: @var{""})
+@item @code{ldap-insecure-skip-verify} (default: @var{""})
+@item @code{ldap-search-base-dn} (default: @var{""})
+@item @code{ldap-search-filter} (default: @var{""})
+@item @code{listen-address} (default: @var{"default"})
+@item @code{global-announce-server} (default: @var{"default"})
+@item @code{global-announce-enabled} (default: @var{"true"})
+Global discovery servers can be used to help connect devices at unknown
+IP addresses by storing the last known IP address.
+
+@item @code{local-announce-enabled} (default: @var{"true"})
+This makes devices find each other very easily on the same LAN. Often,
+this will allow you to just plug an Ethernet between two devices, or
+connect one device to the other's hotspot and start syncing.
+
+@item @code{local-announce-port} (default: @var{"21027"})
+@item @code{local-announce-mcaddr} (default: @var{"[ff12::8384]:21027"})
+@item @code{max-send-kbps} (default: @var{"0"})
+@item @code{max-recv-kbps} (default: @var{"0"})
+@item @code{reconnection-interval-s} (default: @var{"60"})
+@item @code{relays-enabled} (default: @var{"true"})
+This option allows your Syncthing instance to use a global network of
+@uref{https://docs.syncthing.net/users/relaying.html, relays} to enable
+syncing between devices when all other methods fail. As always,
+Syncthing traffic is encrypted in transport and the relays are unable to
+decrypt it.
+
+@item @code{relay-reconnect-interval-m} (default: @var{"10"})
+@item @code{start-browser} (default: @var{"true"})
+@item @code{nat-enabled} (default: @var{"true"})
+@item @code{nat-lease-minutes} (default: @var{"60"})
+@item @code{nat-renewal-minutes} (default: @var{"30"})
+@item @code{nat-timeout-seconds} (default: @var{"10"})
+@item @code{ur-accepted} (default: @var{"0"})
+Options whose names begin with `ur-' control usage reporting. Set to -1
+to disable, or to a positive value to enable. The default (0) disables
+reporting, but causes a usage reporting consent prompt to be displayed
+in the Syncthing GUI.
+
+@item @code{ur-seen} (default: @var{"0"})
+@item @code{ur-unique-id} (default: @var{""})
+@item @code{ur-url} (default: @var{"https://data.syncthing.net/newdata"})
+@item @code{ur-post-insecurely} (default: @var{"false"})
+@item @code{ur-initial-delay-s} (default: @var{"1800"})
+@item @code{auto-upgrade-interval-h} (default: @var{"12"})
+@item @code{upgrade-to-pre-releases} (default: @var{"false"})
+@item @code{keep-temporaries-h} (default: @var{"24"})
+@item @code{cache-ignored-files} (default: @var{"false"})
+@item @code{progress-update-interval-s} (default: @var{"5"})
+@item @code{limit-bandwidth-in-lan} (default: @var{"false"})
+@item @code{min-home-disk-free-unit} (default: @var{"%"})
+@item @code{min-home-disk-free} (default: @var{"1"})
+@item @code{releases-url} (default: @var{"https://upgrades.syncthing.net/meta.json"})
+@item @code{overwrite-remote-device-names-on-connect} (default: @var{"false"})
+@item @code{temp-index-min-blocks} (default: @var{"10"})
+@item @code{unacked-notification-id} (default: @var{"authenticationUserAndPassword"})
+@item @code{traffic-class} (default: @var{"0"})
+@item @code{set-low-priority} (default: @var{"true"})
+@item @code{max-folder-concurrency} (default: @var{"0"})
+@item @code{crash-reporting-url} (default: @var{"https://crash.syncthing.net/newcrash"})
+@item @code{crash-reporting-enabled} (default: @var{"true"})
+@item @code{stun-keepalive-start-s} (default: @var{"180"})
+@item @code{stun-keepalive-min-s} (default: @var{"20"})
+@item @code{stun-server} (default: @var{"default"})
+@item @code{database-tuning} (default: @var{"auto"})
+@item @code{max-concurrent-incoming-request-kib} (default: @var{"0"})
+@item @code{announce-lan-addresses} (default: @var{"true"})
+@item @code{send-full-index-on-upgrade} (default: @var{"false"})
+@item @code{connection-limit-enough} (default: @var{"0"})
+@item @code{connection-limit-max} (default: @var{"0"})
+@item @code{insecure-allow-old-tls-versions} (default: @var{"false"})
+@item @code{connection-priority-tcp-lan} (default: @var{"10"})
+@item @code{connection-priority-quic-lan} (default: @var{"20"})
+@item @code{connection-priority-tcp-wan} (default: @var{"30"})
+@item @code{connection-priority-quic-wan} (default: @var{"40"})
+@item @code{connection-priority-relay} (default: @var{"50"})
+@item @code{connection-priority-upgrade-threshold} (default: @var{"0"})
+@item @code{default-folder} (default: @var{(syncthing-folder (label ""))})
+@item @code{default-device} (default: @var{(syncthing-device (id ""))})
+@item @code{default-ignores} (default: @var{"")})
+Options whose names begin with `default-' above do not affect folders
+and devices added through the Guix configuration interface. They will,
+however, affect folders and devices that are added through the Syncthing
+GUI, by an @code{introducer}, or a device with
+@code{auto-accept-folders}.
+@end table
+@end deftp
+
+@deftp {Data Type} syncthing-folder
+Data type representing a folder to be synchronized.
+
+@table @asis
+@item @code{id} (default: @var{#f})
+This ID cannot match the ID of any other folder on this device. If left
+unspecified, it will default to the label (see below).
+
+@item @code{label}
+A human readable label for the folder.
+
+@item @code{path}
+The path at which to store this folder.
+
+@item @code{type} (default: @var{"sendreceive"})
+@item @code{rescan-interval-s} (default: @var{"3600"})
+@item @code{fs-watcher-enabled} (default: @var{"true"})
+@item @code{fs-watcher-delay-s} (default: @var{"10"})
+@item @code{ignore-perms} (default: @var{"false"})
+@item @code{auto-normalize} (default: @var{"true"})
+@item @code{devices} (default: @var{'()})
+This should be a list of other Syncthing devices. You do not need to
+specify the current device. Each device can be listed as a a
+@code{syncthing-device} record or a @code{syncthing-folder-device}
+record if you want files to be encrypted on disk. See below.
+
+@item @code{filesystem-type} (default: @var{"basic"})
+@item @code{min-disk-free-unit} (default: @var{"%"})
+@item @code{min-disk-free} (default: @var{"1"})
+@item @code{versioning-type} (default: @var{#f})
+@item @code{versioning-fs-path} (default: @var{""})
+@item @code{versioning-fs-type} (default: @var{"basic"})
+@item @code{versioning-cleanup-interval-s} (default: @var{"3600"})
+@item @code{versioning-cleanout-days} (default: @var{#f})
+@item @code{versioning-keep} (default: @var{#f})
+@item @code{versioning-max-age} (default: @var{#f})
+@item @code{versioning-command} (default: @var{#f})
+@item @code{copiers} (default: @var{"0"})
+@item @code{puller-max-pending-kib} (default: @var{"0"})
+@item @code{hashers} (default: @var{"0"})
+@item @code{order} (default: @var{"random"})
+@item @code{ignore-delete} (default: @var{"false"})
+@item @code{scan-progress-interval-s} (default: @var{"0"})
+@item @code{puller-pause-s} (default: @var{"0"})
+@item @code{max-conflicts} (default: @var{"10"})
+@item @code{disable-sparse-files} (default: @var{"false"})
+@item @code{disable-temp-indexes} (default: @var{"false"})
+@item @code{paused} (default: @var{"false"})
+@item @code{weak-hash-threshold-pct} (default: @var{"25"})
+@item @code{marker-name} (default: @var{".stfolder"})
+@item @code{copy-ownership-from-parent} (default: @var{"false"})
+@item @code{mod-time-window-s} (default: @var{"0"})
+@item @code{max-concurrent-writes} (default: @var{"2"})
+@item @code{disable-fsync} (default: @var{"false"})
+@item @code{block-pull-order} (default: @var{"standard"})
+@item @code{copy-range-method} (default: @var{"standard"})
+@item @code{case-sensitive-fs} (default: @var{"false"})
+@item @code{junctions-as-dirs} (default: @var{"false"})
+@item @code{sync-ownership} (default: @var{"false"})
+@item @code{send-ownership} (default: @var{"false"})
+@item @code{sync-xattrs} (default: @var{"false"})
+@item @code{send-xattrs} (default: @var{"false"})
+@item @code{xattr-filter-max-single-entry-size} (default: @var{"1024"})
+@item @code{xattr-filter-max-total-size} (default: @var{"4096")})
+@end table
+@end deftp
+
+@deftp {Data Type} syncthing-device
+Data type representing a device to synchronize folders with.
+
+@table @asis
+@item @code{id}
+A long hash representing the keys generated by Syncthing on the first
+launch. You can obtain this from the Syncthing GUI or by inspecting an
+existing Syncthing configuration file.
+
+@item @code{name} (default: @var{""})
+A human readable device name for viewing in the GUI or in Scheme.
+
+@item @code{compression} (default: @var{"metadata"})
+@item @code{introducer} (default: @var{"false"})
+@item @code{skip-introduction-removals} (default: @var{"false"})
+@item @code{introduced-by} (default: @var{""})
+@item @code{addresses} (default: @var{'("dynamic")})
+List of addresses at which to search for this device. When the special
+value ``dynamic'' is included, Syncthing will search for the device
+locally as well as via the Syncthing project's
+@uref{https://docs.syncthing.net/users/security.html#global-discovery,
+global discovery} servers.
+
+@item @code{paused} (default: @var{"false"})
+@item @code{auto-accept-folders} (default: @var{"false"})
+@item @code{max-send-kbps} (default: @var{"0"})
+@item @code{max-recv-kbps} (default: @var{"0"})
+@item @code{max-request-kib} (default: @var{"0"})
+@item @code{untrusted} (default: @var{"false"})
+@item @code{remote-gui-port} (default: @var{"0"})
+@item @code{num-connections} (default: @var{"0")})
+
+@end table
+@end deftp
+
+@deftp {Data Type} syncthing-folder-device
+This data type offers two folder-specific device options. First, it
+offers @code{introduced-by}, which is a record of Syncthing
+@uref{https://docs.syncthing.net/users/introducer.html, introductions}.
+Second, it offers @code{encryption-password}, by which you can set the
+password used to encrypt data that is synced with
+@uref{https://docs.syncthing.net/users/untrusted.html, untrusted
+devices}.
+
+@code{syncthing-folder-device} corresponds to the
+@uref{https://docs.syncthing.net/users/config.html#config-option-folder.device,
+`device'} option in the upstream `folder' element.
+
+If you don't need to use these options, then you can just specify
+@code{syncthing-device}s instead of @code{syncthing-folder-device}s in a
+@code{syncthing-folder}'s @code{devices} field.
+
+@table @asis
+@item @code{device}
+The @code{syncthing-device} for which this configuration applies.
+
+@item @code{introduced-by} (default: @var{""})
+@item @code{encryption-password} (default: @var{""})
+Beware: specifying this field will include this password as plain text
+(not encrypted) and globally visible in @file{/gnu/store/}. If the
+encryption-password is non-empty, then it will be used as a password to
+encrypt file chunks as they are synchronized to untrusted devices. For
+more information on syncing to devices you don't totally trust, see
+Syncthing's documentation on
+@uref{https://docs.syncthing.net/users/untrusted.html, Untrusted
+(Encrypted) Devices}. Note that data transfer is always encrypted while
+in transport ("end-to-end encryption"), regardless of this setting.
@end table
@end deftp
+Here is a more complex example configuration for illustrative purposes:
+
+@lisp
+(service syncthing-service-type
+ (let ((laptop (syncthing-device (id "VHOD2D6-...-7XRMDEN")))
+ (desktop (syncthing-device (id "64SAZ37-...-FZJ5GUA")
+ (addresses '("tcp://example.com"))))
+ (bob-desktop (syncthing-device (id "KYIMEGO-...-FT77EAO"))))
+ (syncthing-configuration
+ (user "alice")
+ (config-file
+ (syncthing-config-file
+ (folders (list (syncthing-folder
+ (label "some-files")
+ (path "~/data")
+ (devices (list desktop laptop)))
+ (syncthing-folder
+ (label "critical-files")
+ (path "~/secrets")
+ (devices
+ (list desktop
+ laptop
+ (syncthing-folder-device
+ (device bob-desktop)
+ (encryption-password "mypassword"))))))))))))
+@end lisp
+
+
Furthermore, @code{(gnu services ssh)} provides the following services.
@cindex SSH
@cindex SSH server
diff --git a/gnu/home/services/syncthing.scm b/gnu/home/services/syncthing.scm
index 8d66a167ce..dd6c752ee4 100644
--- a/gnu/home/services/syncthing.scm
+++ b/gnu/home/services/syncthing.scm
@@ -1,5 +1,6 @@
;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2023 Ludovic Courtès <ludo <at> gnu.org>
+;;; Copyright © 2025 Zacchaeus <eikcaz <at> zacchae.us>
;;;
;;; This file is part of GNU Guix.
;;;
@@ -24,9 +25,23 @@ (define-module (gnu home services syncthing)
#:use-module (gnu home services shepherd)
#:export (home-syncthing-service-type)
#:re-export (syncthing-configuration
- syncthing-configuration?))
+ syncthing-configuration?
+ syncthing-config-file
+ syncthing-config-file?
+ syncthing-device
+ syncthing-device?
+ syncthing-folder
+ syncthing-folder?
+ syncthing-folder-device
+ syncthing-folder-device?))
(define home-syncthing-service-type
(service-type
(inherit (system->home-service-type syncthing-service-type))
+ ;; system->home-service-type does not convert special-files-service-type to
+ ;; home-files-service-type, so redefine extensios
+ (extensions (list (service-extension home-files-service-type
+ syncthing-files-service)
+ (service-extension home-shepherd-service-type
+ syncthing-shepherd-service)))
(default-value (for-home (syncthing-configuration)))))
diff --git a/gnu/services/syncthing.scm b/gnu/services/syncthing.scm
index a7a9c6aadd..cc88bf7925 100644
--- a/gnu/services/syncthing.scm
+++ b/gnu/services/syncthing.scm
@@ -1,6 +1,7 @@
;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2021 Oleg Pykhalov <go.wigust <at> gmail.com>
;;; Copyright © 2023 Justin Veilleux <terramorpha <at> cock.li>
+;;; Copyright © 2025 Zacchaeus <eikcaz <at> zacchae.us>
;;;
;;; This file is part of GNU Guix.
;;;
@@ -25,9 +26,20 @@ (define-module (gnu services syncthing)
#:use-module (guix records)
#:use-module (ice-9 match)
#:use-module (srfi srfi-1)
+ #:use-module (sxml simple)
#:export (syncthing-configuration
syncthing-configuration?
- syncthing-service-type))
+ syncthing-device
+ syncthing-device?
+ syncthing-config-file
+ syncthing-config-file?
+ syncthing-folder-device
+ syncthing-folder-device?
+ syncthing-folder
+ syncthing-folder?
+ syncthing-service-type
+ syncthing-shepherd-service
+ syncthing-files-service))
;;; Commentary:
;;;
@@ -35,6 +47,414 @@ (define-module (gnu services syncthing)
;;;
;;; Code:
+(define-record-type* <syncthing-device>
+ syncthing-device make-syncthing-device
+ syncthing-device?
+ (id syncthing-device-id)
+ (name syncthing-device-name (default ""))
+ (compression syncthing-device-compression (default "metadata"))
+ (introducer syncthing-device-introducer (default "false"))
+ (skip-introduction-removals syncthing-device-skip-introduction-removals (default "false"))
+ (introduced-by syncthing-device-introduced-by (default ""))
+ (addresses syncthing-device-addresses (default '("dynamic")))
+ (paused syncthing-device-paused (default "false"))
+ (auto-accept-folders syncthing-device-auto-accept-folders (default "false"))
+ (max-send-kbps syncthing-device-max-send-kbps (default "0"))
+ (max-recv-kbps syncthing-device-max-recv-kbps (default "0"))
+ (max-request-kib syncthing-device-max-request-kib (default "0"))
+ (untrusted syncthing-device-untrusted (default "false"))
+ (remote-gui-port syncthing-device-remote-gui-port (default "0"))
+ (num-connections syncthing-device-num-connections (default "0")))
+
+(define syncthing-device->sxml
+ (match-record-lambda <syncthing-device>
+ (id
+ name compression introducer skip-introduction-removals introduced-by
+ addresses paused auto-accept-folders max-send-kbps max-recv-kbps
+ max-request-kib untrusted remote-gui-port num-connections)
+ `(device (@ (id ,id)
+ (name ,name)
+ (compression ,compression)
+ (introducer ,introducer)
+ (skipIntroductionRemovals ,skip-introduction-removals)
+ (introducedBy ,introduced-by))
+ ,@(map (lambda (address) `(address ,address)) addresses)
+ (paused ,paused)
+ (autoAcceptFolders ,auto-accept-folders)
+ (maxSendKbps ,max-send-kbps)
+ (maxRecvKbps ,max-recv-kbps)
+ (maxRequestKiB ,max-request-kib)
+ (untrusted ,untrusted)
+ (remoteGUIPort ,remote-gui-port)
+ (numConnections ,num-connections))))
+
+(define-record-type* <syncthing-folder-device>
+ syncthing-folder-device make-syncthing-folder-device
+ syncthing-folder-device?
+ (device syncthing-folder-device-device)
+ (introduced-by syncthing-folder-device-introduced-by (default (syncthing-device (id ""))))
+ (encryption-password syncthing-folder-device-encryption-password (default "")))
+
+(define syncthing-folder-device->sxml
+ (match-record-lambda <syncthing-folder-device>
+ (device introduced-by encryption-password)
+ `(device (@ (id ,(syncthing-device-id device))
+ (introducedBy ,(syncthing-device-id introduced-by)))
+ (encryptionPassword ,encryption-password))))
+
+(define-record-type* <syncthing-folder>
+ syncthing-folder make-syncthing-folder
+ syncthing-folder?
+ (id syncthing-folder-id (default #f))
+ (label syncthing-folder-label)
+ (path syncthing-folder-path)
+ (type syncthing-folder-type (default "sendreceive"))
+ (rescan-interval-s syncthing-folder-rescan-interval-s (default "3600"))
+ (fs-watcher-enabled syncthing-folder-fs-watcher-enabled (default "true"))
+ (fs-watcher-delay-s syncthing-folder-fs-watcher-delay-s (default "10"))
+ (fs-watcher-timeout-s syncthing-folder-fs-watcher-timeout-s (default "0"))
+ (ignore-perms syncthing-folder-ignore-perms (default "false"))
+ (auto-normalize syncthing-folder-auto-normalize (default "true"))
+ (devices syncthing-folder-devices (default '())
+ (sanitize (lambda (folder-device-list)
+ (map (lambda (device)
+ (if (syncthing-folder-device? device)
+ device
+ (syncthing-folder-device (device device))))
+ folder-device-list))))
+ (filesystem-type syncthing-folder-filesystem-type (default "basic"))
+ (min-disk-free-unit syncthing-folder-min-disk-free-unit (default "%"))
+ (min-disk-free syncthing-folder-min-disk-free (default "1"))
+ (versioning-type syncthing-folder-versioning-type (default #f))
+ (versioning-fs-path syncthing-folder-versioning-fs-path (default ""))
+ (versioning-fs-type syncthing-folder-versioning-fs-type (default "basic"))
+ (versioning-cleanup-interval-s syncthing-folder-versioning-cleanup-interval-s (default "3600"))
+ (versioning-cleanout-days syncthing-folder-versioning-cleanout-days (default #f))
+ (versioning-keep syncthing-folder-versioning-keep (default #f))
+ (versioning-max-age syncthing-folder-versioning-max-age (default #f))
+ (versioning-command syncthing-folder-versioning-command (default #f))
+ (copiers syncthing-folder-copiers (default "0"))
+ (puller-max-pending-kib syncthing-folder-puller-max-pending-kib (default "0"))
+ (hashers syncthing-folder-hashers (default "0"))
+ (order syncthing-folder-order (default "random"))
+ (ignore-delete syncthing-folder-ignore-delete (default "false"))
+ (scan-progress-interval-s syncthing-folder-scan-progress-interval-s (default "0"))
+ (puller-pause-s syncthing-folder-puller-pause-s (default "0"))
+ (max-conflicts syncthing-folder-max-conflicts (default "10"))
+ (disable-sparse-files syncthing-folder-disable-sparse-files (default "false"))
+ (disable-temp-indexes syncthing-folder-disable-temp-indexes (default "false"))
+ (paused syncthing-folder-paused (default "false"))
+ (weak-hash-threshold-pct syncthing-folder-weak-hash-threshold-pct (default "25"))
+ (marker-name syncthing-folder-marker-name (default ".stfolder"))
+ (copy-ownership-from-parent syncthing-folder-copy-ownership-from-parent (default "false"))
+ (mod-time-window-s syncthing-folder-mod-time-window-s (default "0"))
+ (max-concurrent-writes syncthing-folder-max-concurrent-writes (default "2"))
+ (disable-fsync syncthing-folder-disable-fsync (default "false"))
+ (block-pull-order syncthing-folder-block-pull-order (default "standard"))
+ (copy-range-method syncthing-folder-copy-range-method (default "standard"))
+ (case-sensitive-fs syncthing-folder-case-sensitive-fs (default "false"))
+ (junctions-as-dirs syncthing-folder-junctions-as-dirs (default "false"))
+ (sync-ownership syncthing-folder-sync-ownership (default "false"))
+ (send-ownership syncthing-folder-send-ownership (default "false"))
+ (sync-xattrs syncthing-folder-sync-xattrs (default "false"))
+ (send-xattrs syncthing-folder-send-xattrs (default "false"))
+ (xattr-filter-max-single-entry-size syncthing-folder-xattr-filter-max-single-entry-size (default "1024"))
+ (xattr-filter-max-total-size syncthing-folder-xattr-filter-max-total-size (default "4096")))
+
+;; Some parameters, when empty, are fully omitted from the config file. It is
+;; unknown if this causes a functional difference, but stick to the normal
+;; program's behavior to be safe.
+(define (maybe-param symbol value)
+ (if value `((param (@ (key ,(symbol->string symbol)) (val ,value)) "")) '()))
+
+(define syncthing-folder->sxml
+ (match-record-lambda <syncthing-folder>
+ (id
+ label path type rescan-interval-s fs-watcher-enabled fs-watcher-delay-s
+ fs-watcher-timeout-s ignore-perms auto-normalize devices filesystem-type
+ min-disk-free-unit min-disk-free versioning-type versioning-fs-path
+ versioning-fs-type versioning-cleanup-interval-s versioning-cleanout-days
+ versioning-keep versioning-max-age versioning-command copiers
+ puller-max-pending-kib hashers order ignore-delete scan-progress-interval-s
+ puller-pause-s max-conflicts disable-sparse-files disable-temp-indexes paused
+ weak-hash-threshold-pct marker-name copy-ownership-from-parent mod-time-window-s
+ max-concurrent-writes disable-fsync block-pull-order copy-range-method
+ case-sensitive-fs junctions-as-dirs sync-ownership send-ownership sync-xattrs
+ send-xattrs xattr-filter-max-single-entry-size xattr-filter-max-total-size)
+ `(folder (@ (id ,(if id id label))
+ (label ,label)
+ (path ,path)
+ (type ,type)
+ (rescanIntervalS ,rescan-interval-s)
+ (fsWatcherEnabled ,fs-watcher-enabled)
+ (fsWatcherDelayS ,fs-watcher-delay-s)
+ (fsWatcherTimeoutS ,fs-watcher-timeout-s)
+ (ignorePerms ,ignore-perms)
+ (autoNormalize ,auto-normalize))
+ (filesystemType ,filesystem-type)
+ ,@(map syncthing-folder-device->sxml
+ devices)
+ (minDiskFree (@ (unit ,min-disk-free-unit))
+ ,min-disk-free)
+ (versioning ,@(if versioning-type
+ `((@ (type ,versioning-type)))
+ '())
+ ,@(maybe-param 'cleanoutDays versioning-cleanout-days)
+ ,@(maybe-param 'keep versioning-keep)
+ ,@(maybe-param 'maxAge versioning-max-age)
+ ,@(maybe-param 'command versioning-command)
+ (cleanupIntervalS ,versioning-cleanup-interval-s)
+ (fsPath ,versioning-fs-path)
+ (fsType ,versioning-fs-type))
+ (copiers ,copiers)
+ (pullerMaxPendingKiB ,puller-max-pending-kib)
+ (hashers ,hashers)
+ (order ,order)
+ (ignoreDelete ,ignore-delete)
+ (scanProgressIntervalS ,scan-progress-interval-s)
+ (pullerPauseS ,puller-pause-s)
+ (maxConflicts ,max-conflicts)
+ (disableSparseFiles ,disable-sparse-files)
+ (disableTempIndexes ,disable-temp-indexes)
+ (paused ,paused)
+ (weakHashThresholdPct ,weak-hash-threshold-pct)
+ (markerName ,marker-name)
+ (copyOwnershipFromParent ,copy-ownership-from-parent)
+ (modTimeWindowS ,mod-time-window-s)
+ (maxConcurrentWrites ,max-concurrent-writes)
+ (disableFsync ,disable-fsync)
+ (blockPullOrder ,block-pull-order)
+ (copyRangeMethod ,copy-range-method)
+ (caseSensitiveFS ,case-sensitive-fs)
+ (junctionsAsDirs ,junctions-as-dirs)
+ (syncOwnership ,sync-ownership)
+ (sendOwnership ,send-ownership)
+ (syncXattrs ,sync-xattrs)
+ (sendXattrs ,send-xattrs)
+ (xattrFilter (maxSingleEntrySize ,xattr-filter-max-single-entry-size)
+ (maxTotalSize ,xattr-filter-max-total-size)))))
+
+(define-record-type* <syncthing-config-file>
+ syncthing-config-file make-syncthing-config-file
+ syncthing-config-file?
+ (folders syncthing-config-folders
+ ; this matches syncthing's default
+ (default (list (syncthing-folder (id "default")
+ (label "Default Folder")
+ (path "~/Sync")))))
+ (devices syncthing-config-devices
+ (default '()))
+ (gui-enabled syncthing-config-gui-enabled (default "true"))
+ (gui-tls syncthing-config-gui-tls (default "false"))
+ (gui-debugging syncthing-config-gui-debugging (default "false"))
+ (gui-send-basic-auth-prompt syncthing-config-gui-send-basic-auth-prompt (default "false"))
+ (gui-address syncthing-config-gui-address (default "127.0.0.1:8384"))
+ (gui-user syncthing-config-gui-user (default #f))
+ (gui-password syncthing-config-gui-password (default #f))
+ (gui-apikey syncthing-config-gui-apikey (default #f))
+ (gui-theme syncthing-config-gui-theme (default "default"))
+ (ldap-enabled syncthing-config-ldap-enabled (default #f))
+ (ldap-address syncthing-config-ldap-address (default ""))
+ (ldap-bind-dn syncthing-config-ldap-bind-dn (default ""))
+ (ldap-transport syncthing-config-ldap-transport (default ""))
+ (ldap-insecure-skip-verify syncthing-config-ldap-insecure-skip-verify (default ""))
+ (ldap-search-base-dn syncthing-config-ldap-search-base-dn (default ""))
+ (ldap-search-filter syncthing-config-ldap-search-filter (default ""))
+ (listen-address syncthing-config-listen-address (default "default"))
+ (global-announce-server syncthing-config-global-announce-server (default "default"))
+ (global-announce-enabled syncthing-config-global-announce-enabled (default "true"))
+ (local-announce-enabled syncthing-config-local-announce-enabled (default "true"))
+ (local-announce-port syncthing-config-local-announce-port (default "21027"))
+ (local-announce-mcaddr syncthing-config-local-announce-mcaddr (default "[ff12::8384]:21027"))
+ (max-send-kbps syncthing-config-max-send-kbps (default "0"))
+ (max-recv-kbps syncthing-config-max-recv-kbps (default "0"))
+ (reconnection-interval-s syncthing-config-reconnection-interval-s (default "60"))
+ (relays-enabled syncthing-config-relays-enabled (default "true"))
+ (relay-reconnect-interval-m syncthing-config-relay-reconnect-interval-m (default "10"))
+ (start-browser syncthing-config-start-browser (default "true"))
+ (nat-enabled syncthing-config-nat-enabled (default "true"))
+ (nat-lease-minutes syncthing-config-nat-lease-minutes (default "60"))
+ (nat-renewal-minutes syncthing-config-nat-renewal-minutes (default "30"))
+ (nat-timeout-seconds syncthing-config-nat-timeout-seconds (default "10"))
+ (ur-accepted syncthing-config-ur-accepted (default "0"))
+ (ur-seen syncthing-config-ur-seen (default "0"))
+ (ur-unique-id syncthing-config-ur-unique-id (default ""))
+ (ur-url syncthing-config-ur-url (default "https://data.syncthing.net/newdata"))
+ (ur-post-insecurely syncthing-config-ur-post-insecurely (default "false"))
+ (ur-initial-delay-s syncthing-config-ur-initial-delay-s (default "1800"))
+ (auto-upgrade-interval-h syncthing-config-auto-upgrade-interval-h (default "12"))
+ (upgrade-to-pre-releases syncthing-config-upgrade-to-pre-releases (default "false"))
+ (keep-temporaries-h syncthing-config-keep-temporaries-h (default "24"))
+ (cache-ignored-files syncthing-config-cache-ignored-files (default "false"))
+ (progress-update-interval-s syncthing-config-progress-update-interval-s (default "5"))
+ (limit-bandwidth-in-lan syncthing-config-limit-bandwidth-in-lan (default "false"))
+ (min-home-disk-free-unit syncthing-config-min-home-disk-free-unit (default "%"))
+ (min-home-disk-free syncthing-config-min-home-disk-free (default "1"))
+ (releases-url syncthing-config-releases-url (default "https://upgrades.syncthing.net/meta.json"))
+ (overwrite-remote-device-names-on-connect syncthing-config-overwrite-remote-device-names-on-connect (default "false"))
+ (temp-index-min-blocks syncthing-config-temp-index-min-blocks (default "10"))
+ (unacked-notification-id syncthing-config-unacked-notification-id (default "authenticationUserAndPassword"))
+ (traffic-class syncthing-config-traffic-class (default "0"))
+ (set-low-priority syncthing-config-set-low-priority (default "true"))
+ (max-folder-concurrency syncthing-config-max-folder-concurrency (default "0"))
+ (crash-reporting-url syncthing-config-crash-reporting-url (default "https://crash.syncthing.net/newcrash"))
+ (crash-reporting-enabled syncthing-config-crash-reporting-enabled (default "true"))
+ (stun-keepalive-start-s syncthing-config-stun-keepalive-start-s (default "180"))
+ (stun-keepalive-min-s syncthing-config-stun-keepalive-min-s (default "20"))
+ (stun-server syncthing-config-stun-server (default "default"))
+ (database-tuning syncthing-config-database-tuning (default "auto"))
+ (max-concurrent-incoming-request-kib syncthing-config-max-concurrent-incoming-request-kib (default "0"))
+ (announce-lan-addresses syncthing-config-announce-lan-addresses (default "true"))
+ (send-full-index-on-upgrade syncthing-config-send-full-index-on-upgrade (default "false"))
+ (connection-limit-enough syncthing-config-connection-limit-enough (default "0"))
+ (connection-limit-max syncthing-config-connection-limit-max (default "0"))
+ (insecure-allow-old-tlsVersions syncthing-config-insecure-allow-old-tlsVersions (default "false"))
+ (connection-priority-tcp-lan syncthing-config-connection-priority-tcp-lan (default "10"))
+ (connection-priority-quic-lan syncthing-config-connection-priority-quic-lan (default "20"))
+ (connection-priority-tcp-wan syncthing-config-connection-priority-tcp-wan (default "30"))
+ (connection-priority-quic-wan syncthing-config-connection-priority-quic-wan (default "40"))
+ (connection-priority-relay syncthing-config-connection-priority-relay (default "50"))
+ (connection-priority-upgrade-threshold syncthing-config-connection-priority-upgrade-threshold (default "0"))
+ (default-folder syncthing-config-default-folder
+ (default (syncthing-folder (label "") (path "~"))))
+ (default-device syncthing-config-default-device
+ (default (syncthing-device (id ""))))
+ (default-ignores syncthing-config-default-ignores (default "")))
+
+(define syncthing-config-file->sxml
+ (match-record-lambda <syncthing-config-file>
+ (folders
+ devices gui-enabled gui-tls gui-debugging gui-send-basic-auth-prompt
+ gui-address gui-user gui-password gui-apikey gui-theme ldap-enabled
+ ldap-address ldap-bind-dn ldap-transport ldap-insecure-skip-verify
+ ldap-search-base-dn ldap-search-filter listen-address global-announce-server
+ global-announce-enabled local-announce-enabled local-announce-port
+ local-announce-mcaddr max-send-kbps max-recv-kbps reconnection-interval-s
+ relays-enabled relay-reconnect-interval-m start-browser nat-enabled
+ nat-lease-minutes nat-renewal-minutes nat-timeout-seconds ur-accepted
+ ur-seen ur-unique-id ur-url ur-post-insecurely ur-initial-delay-s
+ auto-upgrade-interval-h upgrade-to-pre-releases keep-temporaries-h
+ cache-ignored-files progress-update-interval-s limit-bandwidth-in-lan
+ min-home-disk-free-unit min-home-disk-free releases-url
+ overwrite-remote-device-names-on-connect temp-index-min-blocks
+ unacked-notification-id traffic-class set-low-priority max-folder-concurrency
+ crash-reporting-url crash-reporting-enabled stun-keepalive-start-s
+ stun-keepalive-min-s stun-server database-tuning
+ max-concurrent-incoming-request-kib announce-lan-addresses
+ send-full-index-on-upgrade connection-limit-enough connection-limit-max
+ insecure-allow-old-tlsVersions connection-priority-tcp-lan
+ connection-priority-quic-lan connection-priority-tcp-wan
+ connection-priority-quic-wan connection-priority-relay
+ connection-priority-upgrade-threshold default-folder default-device
+ default-ignores)
+ `(configuration (@ (version "37"))
+ ,@(map syncthing-folder->sxml
+ folders)
+ ;; collect any devices in any folders, as well as any
+ ;; devices explicitly added.
+ ,@(map syncthing-device->sxml
+ (delete-duplicates
+ (append devices
+ (apply append
+ (map (lambda (folder)
+ (map syncthing-folder-device-device
+ (syncthing-folder-devices folder)))
+ folders)))
+ ;; devices are the same if their id's are equal
+ (lambda (device1 device2)
+ (string= (syncthing-device-id device1)
+ (syncthing-device-id device2)))))
+ (gui (@ (enabled ,gui-enabled)
+ (tls ,gui-tls)
+ (debugging ,gui-debugging)
+ (sendBasicAuthPrompt ,gui-send-basic-auth-prompt))
+ (address ,gui-address)
+ ,@(if gui-user `((user ,gui-user)) '())
+ ,@(if gui-password `((password ,gui-password)) '())
+ ,@(if gui-apikey `((apikey ,gui-apikey)) '())
+ (theme ,gui-theme))
+ (ldap ,(if ldap-enabled
+ `((address ,ldap-address)
+ (bindDN ,ldap-bind-dn)
+ ,@(if ldap-transport
+ `((transport ,ldap-transport))
+ '())
+ ,@(if ldap-insecure-skip-verify
+ `((insecureSkipVerify ,ldap-insecure-skip-verify))
+ '())
+ ,@(if ldap-search-base-dn
+ `((searchBaseDN ,ldap-search-base-dn))
+ '())
+ ,@(if ldap-search-filter
+ `((searchFilter ,ldap-search-filter))
+ '()))
+ ""))
+ (options (listenAddress ,listen-address)
+ (globalAnnounceServer ,global-announce-server)
+ (globalAnnounceEnabled ,global-announce-enabled)
+ (localAnnounceEnabled ,local-announce-enabled)
+ (localAnnouncePort ,local-announce-port)
+ (localAnnounceMCAddr ,local-announce-mcaddr)
+ (maxSendKbps ,max-send-kbps)
+ (maxRecvKbps ,max-recv-kbps)
+ (reconnectionIntervalS ,reconnection-interval-s)
+ (relaysEnabled ,relays-enabled)
+ (relayReconnectIntervalM ,relay-reconnect-interval-m)
+ (startBrowser ,start-browser)
+ (natEnabled ,nat-enabled)
+ (natLeaseMinutes ,nat-lease-minutes)
+ (natRenewalMinutes ,nat-renewal-minutes)
+ (natTimeoutSeconds ,nat-timeout-seconds)
+ (urAccepted ,ur-accepted)
+ (urSeen ,ur-seen)
+ (urUniqueID ,ur-unique-id)
+ (urURL ,ur-url)
+ (urPostInsecurely ,ur-post-insecurely)
+ (urInitialDelayS ,ur-initial-delay-s)
+ (autoUpgradeIntervalH ,auto-upgrade-interval-h)
+ (upgradeToPreReleases ,upgrade-to-pre-releases)
+ (keepTemporariesH ,keep-temporaries-h)
+ (cacheIgnoredFiles ,cache-ignored-files)
+ (progressUpdateIntervalS ,progress-update-interval-s)
+ (limitBandwidthInLan ,limit-bandwidth-in-lan)
+ (minHomeDiskFree (@ (unit ,min-home-disk-free-unit))
+ ,min-home-disk-free)
+ (releasesURL ,releases-url)
+ (overwriteRemoteDeviceNamesOnConnect ,overwrite-remote-device-names-on-connect)
+ (tempIndexMinBlocks ,temp-index-min-blocks)
+ (unackedNotificationID ,unacked-notification-id)
+ (trafficClass ,traffic-class)
+ (setLowPriority ,set-low-priority)
+ (maxFolderConcurrency ,max-folder-concurrency)
+ (crashReportingURL ,crash-reporting-url)
+ (crashReportingEnabled ,crash-reporting-enabled)
+ (stunKeepaliveStartS ,stun-keepalive-start-s)
+ (stunKeepaliveMinS ,stun-keepalive-min-s)
+ (stunServer ,stun-server)
+ (databaseTuning ,database-tuning)
+ (maxConcurrentIncomingRequestKiB ,max-concurrent-incoming-request-kib)
+ (announceLANAddresses ,announce-lan-addresses)
+ (sendFullIndexOnUpgrade ,send-full-index-on-upgrade)
+ (connectionLimitEnough ,connection-limit-enough)
+ (connectionLimitMax ,connection-limit-max)
+ (insecureAllowOldTLSVersions ,insecure-allow-old-tlsVersions)
+ (connectionPriorityTcpLan ,connection-priority-tcp-lan)
+ (connectionPriorityQuicLan ,connection-priority-quic-lan)
+ (connectionPriorityTcpWan ,connection-priority-tcp-wan)
+ (connectionPriorityQuicWan ,connection-priority-quic-wan)
+ (connectionPriorityRelay ,connection-priority-relay)
+ (connectionPriorityUpgradeThreshold ,connection-priority-upgrade-threshold))
+ (defaults
+ ,(syncthing-folder->sxml default-folder)
+ ,(syncthing-device->sxml default-device)
+ (ignores ,default-ignores)))))
+
+
+(define (serialize-syncthing-config-file config)
+ (with-output-to-string
+ (lambda ()
+ (sxml->xml (cons '*TOP* (list (syncthing-config-file->sxml config)))))))
+
(define-record-type* <syncthing-configuration>
syncthing-configuration make-syncthing-configuration
syncthing-configuration?
@@ -50,12 +470,14 @@ (define-record-type* <syncthing-configuration>
(default "users"))
(home syncthing-configuration-home ;string
(default #f))
+ (config-file syncthing-configuration-config-file
+ (default #f)) ; syncthing-config-file or file-like
(home-service? syncthing-configuration-home-service?
(default for-home?) (innate)))
(define syncthing-shepherd-service
(match-record-lambda <syncthing-configuration>
- (syncthing arguments logflags user group home home-service?)
+ (syncthing arguments logflags user group home home-service? config-file)
(list
(shepherd-service
(provision (if home-service?
@@ -64,39 +486,74 @@ (define syncthing-shepherd-service
(string-append "syncthing-" user)))))
(documentation "Run syncthing.")
(requirement (if home-service? '() '(loopback user-processes)))
- (start #~(make-forkexec-constructor
- (append (list (string-append #$syncthing "/bin/syncthing")
- "--no-browser"
- "--no-restart"
- (string-append "--logflags=" (number->string #$logflags)))
- '#$arguments)
- #:user #$(and (not home-service?) user)
- #:group #$(and (not home-service?) group)
- #:environment-variables
- (append
- (list
- (string-append "HOME="
- (or #$home
- (passwd:dir
- (getpw (if (and #$home-service?
- (not #$user))
- (getuid)
- #$user)))))
- "SSL_CERT_DIR=/etc/ssl/certs"
- "SSL_CERT_FILE=/etc/ssl/certs/ca-certificates.crt")
- (filter (negate ;XXX: 'remove' is not in (guile)
- (lambda (str)
- (or (string-prefix? "HOME=" str)
- (string-prefix? "SSL_CERT_DIR=" str)
- (string-prefix? "SSL_CERT_FILE=" str))))
- (environ)))))
+ (start #~(lambda _
+ ;; If we are managing the config, and it's not a home
+ ;; service, then exepect the config file at
+ ;; /var/lib/syncthing-<user>. This makes sure the ownership
+ ;; is correct
+ (unless (or #$(not config-file) #$home-service?)
+ (chown (string-append "/var/lib/syncthing-" #$user)
+ (passwd:uid #$user)
+ (passwd:gid #$user))
+ (chmod (string-append "/var/lib/syncthing-" #$user) #o700))
+ (make-forkexec-constructor
+ (append (list (string-append #$syncthing "/bin/syncthing")
+ ;; Do not try to try to lauch a browser on startup.
+ "--no-browser"
+ ;; If syncthing crashes, let the service fail.
+ "--no-restart"
+ (string-append "--logflags=" (number->string #$logflags)))
+ ;; Optionally move data and configuration home to
+ ;; /var/lib/syncthing-<user>.
+ (if (or #$(not config-file) #$home-service?) '()
+ (list (string-append "--home=/var/lib/syncthing-" #$user)))
+ '#$arguments)
+ #:user #$(and (not home-service?) user)
+ #:group #$(and (not home-service?) group)
+ #:environment-variables
+ (append
+ (list
+ (string-append "HOME="
+ (or #$home
+ (passwd:dir
+ (getpw (if (and #$home-service?
+ (not #$user))
+ (getuid)
+ #$user)))))
+ "SSL_CERT_DIR=/etc/ssl/certs"
+ "SSL_CERT_FILE=/etc/ssl/certs/ca-certificates.crt")
+ (filter (negate ;XXX: 'remove' is not in (guile)
+ (lambda (str)
+ (or (string-prefix? "HOME=" str)
+ (string-prefix? "SSL_CERT_DIR=" str)
+ (string-prefix? "SSL_CERT_FILE=" str))))
+ (environ))))))
(respawn? #f)
(stop #~(make-kill-destructor))))))
+
+(define syncthing-files-service
+ (match-record-lambda <syncthing-configuration> (config-file user home home-service?)
+ (if config-file
+ ;; When used as a system service, this service might be executed
+ ;; before a user's home even exists, causing it to be owned by root,
+ ;; and the skeletons to never be applied to that user's home. In such
+ ;; cases, put the config at /var/lib/syncthnig-<user>/config.xml
+ `((,(if home-service?
+ ".config/syncthing/config.xml"
+ (string-append "/var/lib/syncthing-" user "/config.xml"))
+ ,(if (file-like? config-file)
+ config-file
+ (plain-file "syncthin-config.xml" (serialize-syncthing-config-file
+ config-file)))))
+ '())))
+
(define syncthing-service-type
(service-type (name 'syncthing)
(extensions (list (service-extension shepherd-root-service-type
- syncthing-shepherd-service)))
+ syncthing-shepherd-service)
+ (service-extension special-files-service-type
+ syncthing-files-service)))
(description
"Run @uref{https://github.com/syncthing/syncthing, Syncthing}
decentralized continuous file system synchronization.")))
--
2.48.1
guix-patches <at> gnu.org:bug#75959; Package guix-patches.
(Sun, 16 Feb 2025 07:14:02 GMT) Full text and rfc822 format available.Message #56 received at 75959 <at> debbugs.gnu.org (full text, mbox):
From: Leo Famulari <leo <at> famulari.name> To: Zacchaeus Scheffer <eikcaz <at> zacchae.us> Cc: Bruno Victal <mirai <at> makinata.eu>, 75959 <at> debbugs.gnu.org Subject: Re: [PATCH v9] services: syncthing: Add support for config file generation. Date: Sun, 16 Feb 2025 02:13:41 -0500
[Message part 1 (text/plain, inline)]
On Sat, Feb 15, 2025 at 08:06:42PM -0500, Zacchaeus Scheffer wrote: > Subject: [PATCH v9] services: syncthing: Add support for config file > generation. Thanks! > + (start #~(lambda _ > + ;; If we are managing the config, and it's not a home > + ;; service, then exepect the config file at > + ;; /var/lib/syncthing-<user>. This makes sure the ownership > + ;; is correct > + (unless (or #$(not config-file) #$home-service?) > + (chown (string-append "/var/lib/syncthing-" #$user) > + (passwd:uid #$user) > + (passwd:gid #$user)) > + (chmod (string-append "/var/lib/syncthing-" #$user) #o700)) This is making the service crash, not sure why: ------ # herd start syncthing-leo Service user-homes has been started. herd: error: exception caught while executing 'start' on service 'syncthing-leo': In procedure vector-ref: Wrong argument in position 1 (expecting vector): "leo" ------ Of course my user's name is leo in the test VM. I added some print-style tracing (attached diff) and it crashes in chown.
[trace.diff (text/plain, attachment)]
guix-patches <at> gnu.org:bug#75959; Package guix-patches.
(Sun, 16 Feb 2025 09:36:02 GMT) Full text and rfc822 format available.Message #59 received at 75959 <at> debbugs.gnu.org (full text, mbox):
From: Zacchaeus Scheffer <eikcaz <at> zacchae.us> To: Leo Famulari <leo <at> famulari.name> Cc: Bruno Victal <mirai <at> makinata.eu>, 75959 <at> debbugs.gnu.org Subject: Re: [PATCH v10] services: syncthing: Add support for config file generation. Date: Sun, 16 Feb 2025 04:35:20 -0500
From a573fd78e6b8d10b32eb10a753423073c7bbaeef Mon Sep 17 00:00:00 2001
From: Zacchaeus <eikcaz <at> zacchae.us>
Date: Sun, 21 Jul 2024 00:54:25 -0700
Subject: [PATCH v10] services: syncthing: Add support for config file
generation.
* gnu/services/syncthing.scm: (syncthing-config-file,
syncthing-folder, syncthing-device, syncthing-folder-device): New
records; (syncthing-service-type): Add special-files-service-type
extension for the config file; (syncthing-files-service): Add service
to create config file.
* gnu/home/services/syncthing.scm: (home-syncthing-service-type):
Extend home-files-services-type and re-exported more things from
gnu/services/syncthing.scm.
* doc/guix.texi: (syncthing-service-type): Document changes.
Change-Id: I87eeba1ee1fdada8f29c2ee881fbc6bc4113dde9
---
Last time I forgot to test the system service. Chowning/chmodding now
works. (Needed to add a getpw instead of passing string of user name.)
doc/guix.texi | 334 ++++++++++++++++++++-
gnu/home/services/syncthing.scm | 17 +-
gnu/services/syncthing.scm | 516 ++++++++++++++++++++++++++++++--
3 files changed, 834 insertions(+), 33 deletions(-)
diff --git a/doc/guix.texi b/doc/guix.texi
index b1b6d98e74..d1fbe5ffd3 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -136,6 +136,7 @@ Copyright @copyright{} 2024 Troy Figiel@*
Copyright @copyright{} 2024 Sharlatan Hellseher@*
Copyright @copyright{} 2024 45mg@*
Copyright @copyright{} 2025 Sören Tempel@*
+Copyright @copyright{} 2025 Zacchaeus@*
Permission is granted to copy, distribute and/or modify this document
under the terms of the GNU Free Documentation License, Version 1.3 or
@@ -22620,7 +22621,7 @@ client.
The @code{(gnu services syncthing)} module provides the following services:
@cindex syncthing
-You might want a syncthing daemon if you have files between two or more
+You might want a Syncthing daemon if you have files between two or more
computers and want to sync them in real time, safely protected from
prying eyes.
@@ -22666,12 +22667,339 @@ The group as which the Syncthing service is to be run.
This assumes that the specified group exists.
@item @code{home} (default: @var{#f})
-Common configuration and data directory. The default configuration
-directory is @file{$HOME} of the specified Syncthing @code{user}.
+Sets the @code{HOME} variable for the Syncthing daemon. The default is
+@file{$HOME} of the specified Syncthing @code{user}.
+
+@item @code{config-file} (default: @var{#f})
+Either a file-like object that resolves to a Syncthing configuration XML
+file, or a @code{syncthing-config-file} record (see below). If set to
+@code{#f}, Guix will not try to generate a config file, and Syncthing
+will generate a default configuration which will not be touched on
+reconfigure. Specifying this in a system service moves Syncthing's
+common configuration and data directory (@code{--home} in
+@uref{https://docs.syncthing.net/users/syncthing.html}) to
+@file{/var/lib/syncthing-<user>}.
+
+@end table
+@end deftp
+
+This section documents a subset of the Syncthing configuration
+options—specifically those related to Guix or those affecting how your
+computer will connect to other computers over the network (such as
+Syncthing relays or discovery servers). The configuration is fully
+documented in the upstream
+@uref{https://docs.syncthing.net/users/config.html, Syncthing config
+documentation}; camelCase there is converted to kebab-case here. If you
+are migrating from a Syncthing-managed configuration to one managed by
+Guix, you can check what changes were introduced by @code{diff}ing the
+respective @file{config.xml} files. Note that you will need to add
+whitespace with 4-space indentation to the file generated by Guix, using
+the @code{xmllint} program from the @code{libxml2} package like so:
+
+@example
+XMLLINT_INDENT=" " xmllint --format /path/to/new/config.xml | diff /path/to/old/config.xml -
+@end example
+
+When generating a configuration file through Guix, you can still
+temporarily modify Syncthing from the GUI or through @code{introducer}
+and @code{autoAcceptFolders} mechanisms, but such changes will be reset
+on reconfigure.
+
+@deftp {Data Type} syncthing-config-file
+Data type representing the configuration file read by the Syncthing
+daemon.
+
+@table @asis
+@item @code{folders} (default: @var{(list (syncthing-folder (id "default") (label "Default Folder") (path "~/Sync")))}
+The default here is the same as Syncthing's default. The value should
+be a list of @code{syncthing-folder}s.
+
+@item @code{devices} (default: @var{'()}
+This should be a list of @code{syncthing-device}s. Guix will
+automatically add any devices specified in any `folders' to this list.
+There are instances when you want to connect to a device despite not
+(initially) sharing any folders (such as a device with
+autoAcceptFolders). In such instances, you should specify those devices
+here. If multiple versions of the same device (as determined by
+comparing device ID) are discovered, the one in this list is
+prioritized. Otherwise, the first instance in the first folder is used.
+
+@item @code{gui-enabled} (default: @var{"true"})
+By default, any user on the computer can access the GUI and make changes
+to Syncthing. If you leave this enabled, you should probably set
+@code{gui-user} and @code{gui-password} (see below).
+
+@item @code{gui-tls} (default: @var{"false"})
+@item @code{gui-debugging} (default: @var{"false"})
+@item @code{gui-send-basic-auth-prompt} (default: @var{"false"})
+@item @code{gui-address} (default: @var{"127.0.0.1:8384"})
+@item @code{gui-user} (default: @var{#f})
+@item @code{gui-password} (default: @var{#f})
+A bcrypt hash of the GUI password. Remember that this will be globally
+exposed in @file{/gnu/store}.
+
+@item @code{gui-apikey} (default: @var{#f})
+You must specify this to use the Syncthing REST interface. This key is
+kept in @file{/gnu/store} and is accessible to all users of the system.
+
+@item @code{gui-theme} (default: @var{"default"})
+@item @code{ldap-enabled} (default: @var{#f})
+@item @code{ldap-address} (default: @var{""})
+@item @code{ldap-bind-dn} (default: @var{""})
+@item @code{ldap-transport} (default: @var{""})
+@item @code{ldap-insecure-skip-verify} (default: @var{""})
+@item @code{ldap-search-base-dn} (default: @var{""})
+@item @code{ldap-search-filter} (default: @var{""})
+@item @code{listen-address} (default: @var{"default"})
+@item @code{global-announce-server} (default: @var{"default"})
+@item @code{global-announce-enabled} (default: @var{"true"})
+Global discovery servers can be used to help connect devices at unknown
+IP addresses by storing the last known IP address.
+
+@item @code{local-announce-enabled} (default: @var{"true"})
+This makes devices find each other very easily on the same LAN. Often,
+this will allow you to just plug an Ethernet between two devices, or
+connect one device to the other's hotspot and start syncing.
+
+@item @code{local-announce-port} (default: @var{"21027"})
+@item @code{local-announce-mcaddr} (default: @var{"[ff12::8384]:21027"})
+@item @code{max-send-kbps} (default: @var{"0"})
+@item @code{max-recv-kbps} (default: @var{"0"})
+@item @code{reconnection-interval-s} (default: @var{"60"})
+@item @code{relays-enabled} (default: @var{"true"})
+This option allows your Syncthing instance to use a global network of
+@uref{https://docs.syncthing.net/users/relaying.html, relays} to enable
+syncing between devices when all other methods fail. As always,
+Syncthing traffic is encrypted in transport and the relays are unable to
+decrypt it.
+
+@item @code{relay-reconnect-interval-m} (default: @var{"10"})
+@item @code{start-browser} (default: @var{"true"})
+@item @code{nat-enabled} (default: @var{"true"})
+@item @code{nat-lease-minutes} (default: @var{"60"})
+@item @code{nat-renewal-minutes} (default: @var{"30"})
+@item @code{nat-timeout-seconds} (default: @var{"10"})
+@item @code{ur-accepted} (default: @var{"0"})
+Options whose names begin with `ur-' control usage reporting. Set to -1
+to disable, or to a positive value to enable. The default (0) disables
+reporting, but causes a usage reporting consent prompt to be displayed
+in the Syncthing GUI.
+
+@item @code{ur-seen} (default: @var{"0"})
+@item @code{ur-unique-id} (default: @var{""})
+@item @code{ur-url} (default: @var{"https://data.syncthing.net/newdata"})
+@item @code{ur-post-insecurely} (default: @var{"false"})
+@item @code{ur-initial-delay-s} (default: @var{"1800"})
+@item @code{auto-upgrade-interval-h} (default: @var{"12"})
+@item @code{upgrade-to-pre-releases} (default: @var{"false"})
+@item @code{keep-temporaries-h} (default: @var{"24"})
+@item @code{cache-ignored-files} (default: @var{"false"})
+@item @code{progress-update-interval-s} (default: @var{"5"})
+@item @code{limit-bandwidth-in-lan} (default: @var{"false"})
+@item @code{min-home-disk-free-unit} (default: @var{"%"})
+@item @code{min-home-disk-free} (default: @var{"1"})
+@item @code{releases-url} (default: @var{"https://upgrades.syncthing.net/meta.json"})
+@item @code{overwrite-remote-device-names-on-connect} (default: @var{"false"})
+@item @code{temp-index-min-blocks} (default: @var{"10"})
+@item @code{unacked-notification-id} (default: @var{"authenticationUserAndPassword"})
+@item @code{traffic-class} (default: @var{"0"})
+@item @code{set-low-priority} (default: @var{"true"})
+@item @code{max-folder-concurrency} (default: @var{"0"})
+@item @code{crash-reporting-url} (default: @var{"https://crash.syncthing.net/newcrash"})
+@item @code{crash-reporting-enabled} (default: @var{"true"})
+@item @code{stun-keepalive-start-s} (default: @var{"180"})
+@item @code{stun-keepalive-min-s} (default: @var{"20"})
+@item @code{stun-server} (default: @var{"default"})
+@item @code{database-tuning} (default: @var{"auto"})
+@item @code{max-concurrent-incoming-request-kib} (default: @var{"0"})
+@item @code{announce-lan-addresses} (default: @var{"true"})
+@item @code{send-full-index-on-upgrade} (default: @var{"false"})
+@item @code{connection-limit-enough} (default: @var{"0"})
+@item @code{connection-limit-max} (default: @var{"0"})
+@item @code{insecure-allow-old-tls-versions} (default: @var{"false"})
+@item @code{connection-priority-tcp-lan} (default: @var{"10"})
+@item @code{connection-priority-quic-lan} (default: @var{"20"})
+@item @code{connection-priority-tcp-wan} (default: @var{"30"})
+@item @code{connection-priority-quic-wan} (default: @var{"40"})
+@item @code{connection-priority-relay} (default: @var{"50"})
+@item @code{connection-priority-upgrade-threshold} (default: @var{"0"})
+@item @code{default-folder} (default: @var{(syncthing-folder (label ""))})
+@item @code{default-device} (default: @var{(syncthing-device (id ""))})
+@item @code{default-ignores} (default: @var{"")})
+Options whose names begin with `default-' above do not affect folders
+and devices added through the Guix configuration interface. They will,
+however, affect folders and devices that are added through the Syncthing
+GUI, by an @code{introducer}, or a device with
+@code{auto-accept-folders}.
+@end table
+@end deftp
+
+@deftp {Data Type} syncthing-folder
+Data type representing a folder to be synchronized.
+
+@table @asis
+@item @code{id} (default: @var{#f})
+This ID cannot match the ID of any other folder on this device. If left
+unspecified, it will default to the label (see below).
+
+@item @code{label}
+A human readable label for the folder.
+
+@item @code{path}
+The path at which to store this folder.
+
+@item @code{type} (default: @var{"sendreceive"})
+@item @code{rescan-interval-s} (default: @var{"3600"})
+@item @code{fs-watcher-enabled} (default: @var{"true"})
+@item @code{fs-watcher-delay-s} (default: @var{"10"})
+@item @code{ignore-perms} (default: @var{"false"})
+@item @code{auto-normalize} (default: @var{"true"})
+@item @code{devices} (default: @var{'()})
+This should be a list of other Syncthing devices. You do not need to
+specify the current device. Each device can be listed as a a
+@code{syncthing-device} record or a @code{syncthing-folder-device}
+record if you want files to be encrypted on disk. See below.
+
+@item @code{filesystem-type} (default: @var{"basic"})
+@item @code{min-disk-free-unit} (default: @var{"%"})
+@item @code{min-disk-free} (default: @var{"1"})
+@item @code{versioning-type} (default: @var{#f})
+@item @code{versioning-fs-path} (default: @var{""})
+@item @code{versioning-fs-type} (default: @var{"basic"})
+@item @code{versioning-cleanup-interval-s} (default: @var{"3600"})
+@item @code{versioning-cleanout-days} (default: @var{#f})
+@item @code{versioning-keep} (default: @var{#f})
+@item @code{versioning-max-age} (default: @var{#f})
+@item @code{versioning-command} (default: @var{#f})
+@item @code{copiers} (default: @var{"0"})
+@item @code{puller-max-pending-kib} (default: @var{"0"})
+@item @code{hashers} (default: @var{"0"})
+@item @code{order} (default: @var{"random"})
+@item @code{ignore-delete} (default: @var{"false"})
+@item @code{scan-progress-interval-s} (default: @var{"0"})
+@item @code{puller-pause-s} (default: @var{"0"})
+@item @code{max-conflicts} (default: @var{"10"})
+@item @code{disable-sparse-files} (default: @var{"false"})
+@item @code{disable-temp-indexes} (default: @var{"false"})
+@item @code{paused} (default: @var{"false"})
+@item @code{weak-hash-threshold-pct} (default: @var{"25"})
+@item @code{marker-name} (default: @var{".stfolder"})
+@item @code{copy-ownership-from-parent} (default: @var{"false"})
+@item @code{mod-time-window-s} (default: @var{"0"})
+@item @code{max-concurrent-writes} (default: @var{"2"})
+@item @code{disable-fsync} (default: @var{"false"})
+@item @code{block-pull-order} (default: @var{"standard"})
+@item @code{copy-range-method} (default: @var{"standard"})
+@item @code{case-sensitive-fs} (default: @var{"false"})
+@item @code{junctions-as-dirs} (default: @var{"false"})
+@item @code{sync-ownership} (default: @var{"false"})
+@item @code{send-ownership} (default: @var{"false"})
+@item @code{sync-xattrs} (default: @var{"false"})
+@item @code{send-xattrs} (default: @var{"false"})
+@item @code{xattr-filter-max-single-entry-size} (default: @var{"1024"})
+@item @code{xattr-filter-max-total-size} (default: @var{"4096")})
+@end table
+@end deftp
+
+@deftp {Data Type} syncthing-device
+Data type representing a device to synchronize folders with.
+
+@table @asis
+@item @code{id}
+A long hash representing the keys generated by Syncthing on the first
+launch. You can obtain this from the Syncthing GUI or by inspecting an
+existing Syncthing configuration file.
+
+@item @code{name} (default: @var{""})
+A human readable device name for viewing in the GUI or in Scheme.
+
+@item @code{compression} (default: @var{"metadata"})
+@item @code{introducer} (default: @var{"false"})
+@item @code{skip-introduction-removals} (default: @var{"false"})
+@item @code{introduced-by} (default: @var{""})
+@item @code{addresses} (default: @var{'("dynamic")})
+List of addresses at which to search for this device. When the special
+value ``dynamic'' is included, Syncthing will search for the device
+locally as well as via the Syncthing project's
+@uref{https://docs.syncthing.net/users/security.html#global-discovery,
+global discovery} servers.
+
+@item @code{paused} (default: @var{"false"})
+@item @code{auto-accept-folders} (default: @var{"false"})
+@item @code{max-send-kbps} (default: @var{"0"})
+@item @code{max-recv-kbps} (default: @var{"0"})
+@item @code{max-request-kib} (default: @var{"0"})
+@item @code{untrusted} (default: @var{"false"})
+@item @code{remote-gui-port} (default: @var{"0"})
+@item @code{num-connections} (default: @var{"0")})
+
+@end table
+@end deftp
+
+@deftp {Data Type} syncthing-folder-device
+This data type offers two folder-specific device options. First, it
+offers @code{introduced-by}, which is a record of Syncthing
+@uref{https://docs.syncthing.net/users/introducer.html, introductions}.
+Second, it offers @code{encryption-password}, by which you can set the
+password used to encrypt data that is synced with
+@uref{https://docs.syncthing.net/users/untrusted.html, untrusted
+devices}.
+
+@code{syncthing-folder-device} corresponds to the
+@uref{https://docs.syncthing.net/users/config.html#config-option-folder.device,
+`device'} option in the upstream `folder' element.
+
+If you don't need to use these options, then you can just specify
+@code{syncthing-device}s instead of @code{syncthing-folder-device}s in a
+@code{syncthing-folder}'s @code{devices} field.
+
+@table @asis
+@item @code{device}
+The @code{syncthing-device} for which this configuration applies.
+
+@item @code{introduced-by} (default: @var{""})
+@item @code{encryption-password} (default: @var{""})
+Beware: specifying this field will include this password as plain text
+(not encrypted) and globally visible in @file{/gnu/store/}. If the
+encryption-password is non-empty, then it will be used as a password to
+encrypt file chunks as they are synchronized to untrusted devices. For
+more information on syncing to devices you don't totally trust, see
+Syncthing's documentation on
+@uref{https://docs.syncthing.net/users/untrusted.html, Untrusted
+(Encrypted) Devices}. Note that data transfer is always encrypted while
+in transport ("end-to-end encryption"), regardless of this setting.
@end table
@end deftp
+Here is a more complex example configuration for illustrative purposes:
+
+@lisp
+(service syncthing-service-type
+ (let ((laptop (syncthing-device (id "VHOD2D6-...-7XRMDEN")))
+ (desktop (syncthing-device (id "64SAZ37-...-FZJ5GUA")
+ (addresses '("tcp://example.com"))))
+ (bob-desktop (syncthing-device (id "KYIMEGO-...-FT77EAO"))))
+ (syncthing-configuration
+ (user "alice")
+ (config-file
+ (syncthing-config-file
+ (folders (list (syncthing-folder
+ (label "some-files")
+ (path "~/data")
+ (devices (list desktop laptop)))
+ (syncthing-folder
+ (label "critical-files")
+ (path "~/secrets")
+ (devices
+ (list desktop
+ laptop
+ (syncthing-folder-device
+ (device bob-desktop)
+ (encryption-password "mypassword"))))))))))))
+@end lisp
+
+
Furthermore, @code{(gnu services ssh)} provides the following services.
@cindex SSH
@cindex SSH server
diff --git a/gnu/home/services/syncthing.scm b/gnu/home/services/syncthing.scm
index 8d66a167ce..dd6c752ee4 100644
--- a/gnu/home/services/syncthing.scm
+++ b/gnu/home/services/syncthing.scm
@@ -1,5 +1,6 @@
;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2023 Ludovic Courtès <ludo <at> gnu.org>
+;;; Copyright © 2025 Zacchaeus <eikcaz <at> zacchae.us>
;;;
;;; This file is part of GNU Guix.
;;;
@@ -24,9 +25,23 @@ (define-module (gnu home services syncthing)
#:use-module (gnu home services shepherd)
#:export (home-syncthing-service-type)
#:re-export (syncthing-configuration
- syncthing-configuration?))
+ syncthing-configuration?
+ syncthing-config-file
+ syncthing-config-file?
+ syncthing-device
+ syncthing-device?
+ syncthing-folder
+ syncthing-folder?
+ syncthing-folder-device
+ syncthing-folder-device?))
(define home-syncthing-service-type
(service-type
(inherit (system->home-service-type syncthing-service-type))
+ ;; system->home-service-type does not convert special-files-service-type to
+ ;; home-files-service-type, so redefine extensios
+ (extensions (list (service-extension home-files-service-type
+ syncthing-files-service)
+ (service-extension home-shepherd-service-type
+ syncthing-shepherd-service)))
(default-value (for-home (syncthing-configuration)))))
diff --git a/gnu/services/syncthing.scm b/gnu/services/syncthing.scm
index a7a9c6aadd..5cc7eadd57 100644
--- a/gnu/services/syncthing.scm
+++ b/gnu/services/syncthing.scm
@@ -1,6 +1,7 @@
;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2021 Oleg Pykhalov <go.wigust <at> gmail.com>
;;; Copyright © 2023 Justin Veilleux <terramorpha <at> cock.li>
+;;; Copyright © 2025 Zacchaeus <eikcaz <at> zacchae.us>
;;;
;;; This file is part of GNU Guix.
;;;
@@ -25,9 +26,20 @@ (define-module (gnu services syncthing)
#:use-module (guix records)
#:use-module (ice-9 match)
#:use-module (srfi srfi-1)
+ #:use-module (sxml simple)
#:export (syncthing-configuration
syncthing-configuration?
- syncthing-service-type))
+ syncthing-device
+ syncthing-device?
+ syncthing-config-file
+ syncthing-config-file?
+ syncthing-folder-device
+ syncthing-folder-device?
+ syncthing-folder
+ syncthing-folder?
+ syncthing-service-type
+ syncthing-shepherd-service
+ syncthing-files-service))
;;; Commentary:
;;;
@@ -35,6 +47,414 @@ (define-module (gnu services syncthing)
;;;
;;; Code:
+(define-record-type* <syncthing-device>
+ syncthing-device make-syncthing-device
+ syncthing-device?
+ (id syncthing-device-id)
+ (name syncthing-device-name (default ""))
+ (compression syncthing-device-compression (default "metadata"))
+ (introducer syncthing-device-introducer (default "false"))
+ (skip-introduction-removals syncthing-device-skip-introduction-removals (default "false"))
+ (introduced-by syncthing-device-introduced-by (default ""))
+ (addresses syncthing-device-addresses (default '("dynamic")))
+ (paused syncthing-device-paused (default "false"))
+ (auto-accept-folders syncthing-device-auto-accept-folders (default "false"))
+ (max-send-kbps syncthing-device-max-send-kbps (default "0"))
+ (max-recv-kbps syncthing-device-max-recv-kbps (default "0"))
+ (max-request-kib syncthing-device-max-request-kib (default "0"))
+ (untrusted syncthing-device-untrusted (default "false"))
+ (remote-gui-port syncthing-device-remote-gui-port (default "0"))
+ (num-connections syncthing-device-num-connections (default "0")))
+
+(define syncthing-device->sxml
+ (match-record-lambda <syncthing-device>
+ (id
+ name compression introducer skip-introduction-removals introduced-by
+ addresses paused auto-accept-folders max-send-kbps max-recv-kbps
+ max-request-kib untrusted remote-gui-port num-connections)
+ `(device (@ (id ,id)
+ (name ,name)
+ (compression ,compression)
+ (introducer ,introducer)
+ (skipIntroductionRemovals ,skip-introduction-removals)
+ (introducedBy ,introduced-by))
+ ,@(map (lambda (address) `(address ,address)) addresses)
+ (paused ,paused)
+ (autoAcceptFolders ,auto-accept-folders)
+ (maxSendKbps ,max-send-kbps)
+ (maxRecvKbps ,max-recv-kbps)
+ (maxRequestKiB ,max-request-kib)
+ (untrusted ,untrusted)
+ (remoteGUIPort ,remote-gui-port)
+ (numConnections ,num-connections))))
+
+(define-record-type* <syncthing-folder-device>
+ syncthing-folder-device make-syncthing-folder-device
+ syncthing-folder-device?
+ (device syncthing-folder-device-device)
+ (introduced-by syncthing-folder-device-introduced-by (default (syncthing-device (id ""))))
+ (encryption-password syncthing-folder-device-encryption-password (default "")))
+
+(define syncthing-folder-device->sxml
+ (match-record-lambda <syncthing-folder-device>
+ (device introduced-by encryption-password)
+ `(device (@ (id ,(syncthing-device-id device))
+ (introducedBy ,(syncthing-device-id introduced-by)))
+ (encryptionPassword ,encryption-password))))
+
+(define-record-type* <syncthing-folder>
+ syncthing-folder make-syncthing-folder
+ syncthing-folder?
+ (id syncthing-folder-id (default #f))
+ (label syncthing-folder-label)
+ (path syncthing-folder-path)
+ (type syncthing-folder-type (default "sendreceive"))
+ (rescan-interval-s syncthing-folder-rescan-interval-s (default "3600"))
+ (fs-watcher-enabled syncthing-folder-fs-watcher-enabled (default "true"))
+ (fs-watcher-delay-s syncthing-folder-fs-watcher-delay-s (default "10"))
+ (fs-watcher-timeout-s syncthing-folder-fs-watcher-timeout-s (default "0"))
+ (ignore-perms syncthing-folder-ignore-perms (default "false"))
+ (auto-normalize syncthing-folder-auto-normalize (default "true"))
+ (devices syncthing-folder-devices (default '())
+ (sanitize (lambda (folder-device-list)
+ (map (lambda (device)
+ (if (syncthing-folder-device? device)
+ device
+ (syncthing-folder-device (device device))))
+ folder-device-list))))
+ (filesystem-type syncthing-folder-filesystem-type (default "basic"))
+ (min-disk-free-unit syncthing-folder-min-disk-free-unit (default "%"))
+ (min-disk-free syncthing-folder-min-disk-free (default "1"))
+ (versioning-type syncthing-folder-versioning-type (default #f))
+ (versioning-fs-path syncthing-folder-versioning-fs-path (default ""))
+ (versioning-fs-type syncthing-folder-versioning-fs-type (default "basic"))
+ (versioning-cleanup-interval-s syncthing-folder-versioning-cleanup-interval-s (default "3600"))
+ (versioning-cleanout-days syncthing-folder-versioning-cleanout-days (default #f))
+ (versioning-keep syncthing-folder-versioning-keep (default #f))
+ (versioning-max-age syncthing-folder-versioning-max-age (default #f))
+ (versioning-command syncthing-folder-versioning-command (default #f))
+ (copiers syncthing-folder-copiers (default "0"))
+ (puller-max-pending-kib syncthing-folder-puller-max-pending-kib (default "0"))
+ (hashers syncthing-folder-hashers (default "0"))
+ (order syncthing-folder-order (default "random"))
+ (ignore-delete syncthing-folder-ignore-delete (default "false"))
+ (scan-progress-interval-s syncthing-folder-scan-progress-interval-s (default "0"))
+ (puller-pause-s syncthing-folder-puller-pause-s (default "0"))
+ (max-conflicts syncthing-folder-max-conflicts (default "10"))
+ (disable-sparse-files syncthing-folder-disable-sparse-files (default "false"))
+ (disable-temp-indexes syncthing-folder-disable-temp-indexes (default "false"))
+ (paused syncthing-folder-paused (default "false"))
+ (weak-hash-threshold-pct syncthing-folder-weak-hash-threshold-pct (default "25"))
+ (marker-name syncthing-folder-marker-name (default ".stfolder"))
+ (copy-ownership-from-parent syncthing-folder-copy-ownership-from-parent (default "false"))
+ (mod-time-window-s syncthing-folder-mod-time-window-s (default "0"))
+ (max-concurrent-writes syncthing-folder-max-concurrent-writes (default "2"))
+ (disable-fsync syncthing-folder-disable-fsync (default "false"))
+ (block-pull-order syncthing-folder-block-pull-order (default "standard"))
+ (copy-range-method syncthing-folder-copy-range-method (default "standard"))
+ (case-sensitive-fs syncthing-folder-case-sensitive-fs (default "false"))
+ (junctions-as-dirs syncthing-folder-junctions-as-dirs (default "false"))
+ (sync-ownership syncthing-folder-sync-ownership (default "false"))
+ (send-ownership syncthing-folder-send-ownership (default "false"))
+ (sync-xattrs syncthing-folder-sync-xattrs (default "false"))
+ (send-xattrs syncthing-folder-send-xattrs (default "false"))
+ (xattr-filter-max-single-entry-size syncthing-folder-xattr-filter-max-single-entry-size (default "1024"))
+ (xattr-filter-max-total-size syncthing-folder-xattr-filter-max-total-size (default "4096")))
+
+;; Some parameters, when empty, are fully omitted from the config file. It is
+;; unknown if this causes a functional difference, but stick to the normal
+;; program's behavior to be safe.
+(define (maybe-param symbol value)
+ (if value `((param (@ (key ,(symbol->string symbol)) (val ,value)) "")) '()))
+
+(define syncthing-folder->sxml
+ (match-record-lambda <syncthing-folder>
+ (id
+ label path type rescan-interval-s fs-watcher-enabled fs-watcher-delay-s
+ fs-watcher-timeout-s ignore-perms auto-normalize devices filesystem-type
+ min-disk-free-unit min-disk-free versioning-type versioning-fs-path
+ versioning-fs-type versioning-cleanup-interval-s versioning-cleanout-days
+ versioning-keep versioning-max-age versioning-command copiers
+ puller-max-pending-kib hashers order ignore-delete scan-progress-interval-s
+ puller-pause-s max-conflicts disable-sparse-files disable-temp-indexes paused
+ weak-hash-threshold-pct marker-name copy-ownership-from-parent mod-time-window-s
+ max-concurrent-writes disable-fsync block-pull-order copy-range-method
+ case-sensitive-fs junctions-as-dirs sync-ownership send-ownership sync-xattrs
+ send-xattrs xattr-filter-max-single-entry-size xattr-filter-max-total-size)
+ `(folder (@ (id ,(if id id label))
+ (label ,label)
+ (path ,path)
+ (type ,type)
+ (rescanIntervalS ,rescan-interval-s)
+ (fsWatcherEnabled ,fs-watcher-enabled)
+ (fsWatcherDelayS ,fs-watcher-delay-s)
+ (fsWatcherTimeoutS ,fs-watcher-timeout-s)
+ (ignorePerms ,ignore-perms)
+ (autoNormalize ,auto-normalize))
+ (filesystemType ,filesystem-type)
+ ,@(map syncthing-folder-device->sxml
+ devices)
+ (minDiskFree (@ (unit ,min-disk-free-unit))
+ ,min-disk-free)
+ (versioning ,@(if versioning-type
+ `((@ (type ,versioning-type)))
+ '())
+ ,@(maybe-param 'cleanoutDays versioning-cleanout-days)
+ ,@(maybe-param 'keep versioning-keep)
+ ,@(maybe-param 'maxAge versioning-max-age)
+ ,@(maybe-param 'command versioning-command)
+ (cleanupIntervalS ,versioning-cleanup-interval-s)
+ (fsPath ,versioning-fs-path)
+ (fsType ,versioning-fs-type))
+ (copiers ,copiers)
+ (pullerMaxPendingKiB ,puller-max-pending-kib)
+ (hashers ,hashers)
+ (order ,order)
+ (ignoreDelete ,ignore-delete)
+ (scanProgressIntervalS ,scan-progress-interval-s)
+ (pullerPauseS ,puller-pause-s)
+ (maxConflicts ,max-conflicts)
+ (disableSparseFiles ,disable-sparse-files)
+ (disableTempIndexes ,disable-temp-indexes)
+ (paused ,paused)
+ (weakHashThresholdPct ,weak-hash-threshold-pct)
+ (markerName ,marker-name)
+ (copyOwnershipFromParent ,copy-ownership-from-parent)
+ (modTimeWindowS ,mod-time-window-s)
+ (maxConcurrentWrites ,max-concurrent-writes)
+ (disableFsync ,disable-fsync)
+ (blockPullOrder ,block-pull-order)
+ (copyRangeMethod ,copy-range-method)
+ (caseSensitiveFS ,case-sensitive-fs)
+ (junctionsAsDirs ,junctions-as-dirs)
+ (syncOwnership ,sync-ownership)
+ (sendOwnership ,send-ownership)
+ (syncXattrs ,sync-xattrs)
+ (sendXattrs ,send-xattrs)
+ (xattrFilter (maxSingleEntrySize ,xattr-filter-max-single-entry-size)
+ (maxTotalSize ,xattr-filter-max-total-size)))))
+
+(define-record-type* <syncthing-config-file>
+ syncthing-config-file make-syncthing-config-file
+ syncthing-config-file?
+ (folders syncthing-config-folders
+ ; this matches syncthing's default
+ (default (list (syncthing-folder (id "default")
+ (label "Default Folder")
+ (path "~/Sync")))))
+ (devices syncthing-config-devices
+ (default '()))
+ (gui-enabled syncthing-config-gui-enabled (default "true"))
+ (gui-tls syncthing-config-gui-tls (default "false"))
+ (gui-debugging syncthing-config-gui-debugging (default "false"))
+ (gui-send-basic-auth-prompt syncthing-config-gui-send-basic-auth-prompt (default "false"))
+ (gui-address syncthing-config-gui-address (default "127.0.0.1:8384"))
+ (gui-user syncthing-config-gui-user (default #f))
+ (gui-password syncthing-config-gui-password (default #f))
+ (gui-apikey syncthing-config-gui-apikey (default #f))
+ (gui-theme syncthing-config-gui-theme (default "default"))
+ (ldap-enabled syncthing-config-ldap-enabled (default #f))
+ (ldap-address syncthing-config-ldap-address (default ""))
+ (ldap-bind-dn syncthing-config-ldap-bind-dn (default ""))
+ (ldap-transport syncthing-config-ldap-transport (default ""))
+ (ldap-insecure-skip-verify syncthing-config-ldap-insecure-skip-verify (default ""))
+ (ldap-search-base-dn syncthing-config-ldap-search-base-dn (default ""))
+ (ldap-search-filter syncthing-config-ldap-search-filter (default ""))
+ (listen-address syncthing-config-listen-address (default "default"))
+ (global-announce-server syncthing-config-global-announce-server (default "default"))
+ (global-announce-enabled syncthing-config-global-announce-enabled (default "true"))
+ (local-announce-enabled syncthing-config-local-announce-enabled (default "true"))
+ (local-announce-port syncthing-config-local-announce-port (default "21027"))
+ (local-announce-mcaddr syncthing-config-local-announce-mcaddr (default "[ff12::8384]:21027"))
+ (max-send-kbps syncthing-config-max-send-kbps (default "0"))
+ (max-recv-kbps syncthing-config-max-recv-kbps (default "0"))
+ (reconnection-interval-s syncthing-config-reconnection-interval-s (default "60"))
+ (relays-enabled syncthing-config-relays-enabled (default "true"))
+ (relay-reconnect-interval-m syncthing-config-relay-reconnect-interval-m (default "10"))
+ (start-browser syncthing-config-start-browser (default "true"))
+ (nat-enabled syncthing-config-nat-enabled (default "true"))
+ (nat-lease-minutes syncthing-config-nat-lease-minutes (default "60"))
+ (nat-renewal-minutes syncthing-config-nat-renewal-minutes (default "30"))
+ (nat-timeout-seconds syncthing-config-nat-timeout-seconds (default "10"))
+ (ur-accepted syncthing-config-ur-accepted (default "0"))
+ (ur-seen syncthing-config-ur-seen (default "0"))
+ (ur-unique-id syncthing-config-ur-unique-id (default ""))
+ (ur-url syncthing-config-ur-url (default "https://data.syncthing.net/newdata"))
+ (ur-post-insecurely syncthing-config-ur-post-insecurely (default "false"))
+ (ur-initial-delay-s syncthing-config-ur-initial-delay-s (default "1800"))
+ (auto-upgrade-interval-h syncthing-config-auto-upgrade-interval-h (default "12"))
+ (upgrade-to-pre-releases syncthing-config-upgrade-to-pre-releases (default "false"))
+ (keep-temporaries-h syncthing-config-keep-temporaries-h (default "24"))
+ (cache-ignored-files syncthing-config-cache-ignored-files (default "false"))
+ (progress-update-interval-s syncthing-config-progress-update-interval-s (default "5"))
+ (limit-bandwidth-in-lan syncthing-config-limit-bandwidth-in-lan (default "false"))
+ (min-home-disk-free-unit syncthing-config-min-home-disk-free-unit (default "%"))
+ (min-home-disk-free syncthing-config-min-home-disk-free (default "1"))
+ (releases-url syncthing-config-releases-url (default "https://upgrades.syncthing.net/meta.json"))
+ (overwrite-remote-device-names-on-connect syncthing-config-overwrite-remote-device-names-on-connect (default "false"))
+ (temp-index-min-blocks syncthing-config-temp-index-min-blocks (default "10"))
+ (unacked-notification-id syncthing-config-unacked-notification-id (default "authenticationUserAndPassword"))
+ (traffic-class syncthing-config-traffic-class (default "0"))
+ (set-low-priority syncthing-config-set-low-priority (default "true"))
+ (max-folder-concurrency syncthing-config-max-folder-concurrency (default "0"))
+ (crash-reporting-url syncthing-config-crash-reporting-url (default "https://crash.syncthing.net/newcrash"))
+ (crash-reporting-enabled syncthing-config-crash-reporting-enabled (default "true"))
+ (stun-keepalive-start-s syncthing-config-stun-keepalive-start-s (default "180"))
+ (stun-keepalive-min-s syncthing-config-stun-keepalive-min-s (default "20"))
+ (stun-server syncthing-config-stun-server (default "default"))
+ (database-tuning syncthing-config-database-tuning (default "auto"))
+ (max-concurrent-incoming-request-kib syncthing-config-max-concurrent-incoming-request-kib (default "0"))
+ (announce-lan-addresses syncthing-config-announce-lan-addresses (default "true"))
+ (send-full-index-on-upgrade syncthing-config-send-full-index-on-upgrade (default "false"))
+ (connection-limit-enough syncthing-config-connection-limit-enough (default "0"))
+ (connection-limit-max syncthing-config-connection-limit-max (default "0"))
+ (insecure-allow-old-tlsVersions syncthing-config-insecure-allow-old-tlsVersions (default "false"))
+ (connection-priority-tcp-lan syncthing-config-connection-priority-tcp-lan (default "10"))
+ (connection-priority-quic-lan syncthing-config-connection-priority-quic-lan (default "20"))
+ (connection-priority-tcp-wan syncthing-config-connection-priority-tcp-wan (default "30"))
+ (connection-priority-quic-wan syncthing-config-connection-priority-quic-wan (default "40"))
+ (connection-priority-relay syncthing-config-connection-priority-relay (default "50"))
+ (connection-priority-upgrade-threshold syncthing-config-connection-priority-upgrade-threshold (default "0"))
+ (default-folder syncthing-config-default-folder
+ (default (syncthing-folder (label "") (path "~"))))
+ (default-device syncthing-config-default-device
+ (default (syncthing-device (id ""))))
+ (default-ignores syncthing-config-default-ignores (default "")))
+
+(define syncthing-config-file->sxml
+ (match-record-lambda <syncthing-config-file>
+ (folders
+ devices gui-enabled gui-tls gui-debugging gui-send-basic-auth-prompt
+ gui-address gui-user gui-password gui-apikey gui-theme ldap-enabled
+ ldap-address ldap-bind-dn ldap-transport ldap-insecure-skip-verify
+ ldap-search-base-dn ldap-search-filter listen-address global-announce-server
+ global-announce-enabled local-announce-enabled local-announce-port
+ local-announce-mcaddr max-send-kbps max-recv-kbps reconnection-interval-s
+ relays-enabled relay-reconnect-interval-m start-browser nat-enabled
+ nat-lease-minutes nat-renewal-minutes nat-timeout-seconds ur-accepted
+ ur-seen ur-unique-id ur-url ur-post-insecurely ur-initial-delay-s
+ auto-upgrade-interval-h upgrade-to-pre-releases keep-temporaries-h
+ cache-ignored-files progress-update-interval-s limit-bandwidth-in-lan
+ min-home-disk-free-unit min-home-disk-free releases-url
+ overwrite-remote-device-names-on-connect temp-index-min-blocks
+ unacked-notification-id traffic-class set-low-priority max-folder-concurrency
+ crash-reporting-url crash-reporting-enabled stun-keepalive-start-s
+ stun-keepalive-min-s stun-server database-tuning
+ max-concurrent-incoming-request-kib announce-lan-addresses
+ send-full-index-on-upgrade connection-limit-enough connection-limit-max
+ insecure-allow-old-tlsVersions connection-priority-tcp-lan
+ connection-priority-quic-lan connection-priority-tcp-wan
+ connection-priority-quic-wan connection-priority-relay
+ connection-priority-upgrade-threshold default-folder default-device
+ default-ignores)
+ `(configuration (@ (version "37"))
+ ,@(map syncthing-folder->sxml
+ folders)
+ ;; collect any devices in any folders, as well as any
+ ;; devices explicitly added.
+ ,@(map syncthing-device->sxml
+ (delete-duplicates
+ (append devices
+ (apply append
+ (map (lambda (folder)
+ (map syncthing-folder-device-device
+ (syncthing-folder-devices folder)))
+ folders)))
+ ;; devices are the same if their id's are equal
+ (lambda (device1 device2)
+ (string= (syncthing-device-id device1)
+ (syncthing-device-id device2)))))
+ (gui (@ (enabled ,gui-enabled)
+ (tls ,gui-tls)
+ (debugging ,gui-debugging)
+ (sendBasicAuthPrompt ,gui-send-basic-auth-prompt))
+ (address ,gui-address)
+ ,@(if gui-user `((user ,gui-user)) '())
+ ,@(if gui-password `((password ,gui-password)) '())
+ ,@(if gui-apikey `((apikey ,gui-apikey)) '())
+ (theme ,gui-theme))
+ (ldap ,(if ldap-enabled
+ `((address ,ldap-address)
+ (bindDN ,ldap-bind-dn)
+ ,@(if ldap-transport
+ `((transport ,ldap-transport))
+ '())
+ ,@(if ldap-insecure-skip-verify
+ `((insecureSkipVerify ,ldap-insecure-skip-verify))
+ '())
+ ,@(if ldap-search-base-dn
+ `((searchBaseDN ,ldap-search-base-dn))
+ '())
+ ,@(if ldap-search-filter
+ `((searchFilter ,ldap-search-filter))
+ '()))
+ ""))
+ (options (listenAddress ,listen-address)
+ (globalAnnounceServer ,global-announce-server)
+ (globalAnnounceEnabled ,global-announce-enabled)
+ (localAnnounceEnabled ,local-announce-enabled)
+ (localAnnouncePort ,local-announce-port)
+ (localAnnounceMCAddr ,local-announce-mcaddr)
+ (maxSendKbps ,max-send-kbps)
+ (maxRecvKbps ,max-recv-kbps)
+ (reconnectionIntervalS ,reconnection-interval-s)
+ (relaysEnabled ,relays-enabled)
+ (relayReconnectIntervalM ,relay-reconnect-interval-m)
+ (startBrowser ,start-browser)
+ (natEnabled ,nat-enabled)
+ (natLeaseMinutes ,nat-lease-minutes)
+ (natRenewalMinutes ,nat-renewal-minutes)
+ (natTimeoutSeconds ,nat-timeout-seconds)
+ (urAccepted ,ur-accepted)
+ (urSeen ,ur-seen)
+ (urUniqueID ,ur-unique-id)
+ (urURL ,ur-url)
+ (urPostInsecurely ,ur-post-insecurely)
+ (urInitialDelayS ,ur-initial-delay-s)
+ (autoUpgradeIntervalH ,auto-upgrade-interval-h)
+ (upgradeToPreReleases ,upgrade-to-pre-releases)
+ (keepTemporariesH ,keep-temporaries-h)
+ (cacheIgnoredFiles ,cache-ignored-files)
+ (progressUpdateIntervalS ,progress-update-interval-s)
+ (limitBandwidthInLan ,limit-bandwidth-in-lan)
+ (minHomeDiskFree (@ (unit ,min-home-disk-free-unit))
+ ,min-home-disk-free)
+ (releasesURL ,releases-url)
+ (overwriteRemoteDeviceNamesOnConnect ,overwrite-remote-device-names-on-connect)
+ (tempIndexMinBlocks ,temp-index-min-blocks)
+ (unackedNotificationID ,unacked-notification-id)
+ (trafficClass ,traffic-class)
+ (setLowPriority ,set-low-priority)
+ (maxFolderConcurrency ,max-folder-concurrency)
+ (crashReportingURL ,crash-reporting-url)
+ (crashReportingEnabled ,crash-reporting-enabled)
+ (stunKeepaliveStartS ,stun-keepalive-start-s)
+ (stunKeepaliveMinS ,stun-keepalive-min-s)
+ (stunServer ,stun-server)
+ (databaseTuning ,database-tuning)
+ (maxConcurrentIncomingRequestKiB ,max-concurrent-incoming-request-kib)
+ (announceLANAddresses ,announce-lan-addresses)
+ (sendFullIndexOnUpgrade ,send-full-index-on-upgrade)
+ (connectionLimitEnough ,connection-limit-enough)
+ (connectionLimitMax ,connection-limit-max)
+ (insecureAllowOldTLSVersions ,insecure-allow-old-tlsVersions)
+ (connectionPriorityTcpLan ,connection-priority-tcp-lan)
+ (connectionPriorityQuicLan ,connection-priority-quic-lan)
+ (connectionPriorityTcpWan ,connection-priority-tcp-wan)
+ (connectionPriorityQuicWan ,connection-priority-quic-wan)
+ (connectionPriorityRelay ,connection-priority-relay)
+ (connectionPriorityUpgradeThreshold ,connection-priority-upgrade-threshold))
+ (defaults
+ ,(syncthing-folder->sxml default-folder)
+ ,(syncthing-device->sxml default-device)
+ (ignores ,default-ignores)))))
+
+
+(define (serialize-syncthing-config-file config)
+ (with-output-to-string
+ (lambda ()
+ (sxml->xml (cons '*TOP* (list (syncthing-config-file->sxml config)))))))
+
(define-record-type* <syncthing-configuration>
syncthing-configuration make-syncthing-configuration
syncthing-configuration?
@@ -50,12 +470,14 @@ (define-record-type* <syncthing-configuration>
(default "users"))
(home syncthing-configuration-home ;string
(default #f))
+ (config-file syncthing-configuration-config-file
+ (default #f)) ; syncthing-config-file or file-like
(home-service? syncthing-configuration-home-service?
(default for-home?) (innate)))
(define syncthing-shepherd-service
(match-record-lambda <syncthing-configuration>
- (syncthing arguments logflags user group home home-service?)
+ (syncthing arguments logflags user group home home-service? config-file)
(list
(shepherd-service
(provision (if home-service?
@@ -64,39 +486,75 @@ (define syncthing-shepherd-service
(string-append "syncthing-" user)))))
(documentation "Run syncthing.")
(requirement (if home-service? '() '(loopback user-processes)))
- (start #~(make-forkexec-constructor
- (append (list (string-append #$syncthing "/bin/syncthing")
- "--no-browser"
- "--no-restart"
- (string-append "--logflags=" (number->string #$logflags)))
- '#$arguments)
- #:user #$(and (not home-service?) user)
- #:group #$(and (not home-service?) group)
- #:environment-variables
- (append
- (list
- (string-append "HOME="
- (or #$home
- (passwd:dir
- (getpw (if (and #$home-service?
- (not #$user))
- (getuid)
- #$user)))))
- "SSL_CERT_DIR=/etc/ssl/certs"
- "SSL_CERT_FILE=/etc/ssl/certs/ca-certificates.crt")
- (filter (negate ;XXX: 'remove' is not in (guile)
- (lambda (str)
- (or (string-prefix? "HOME=" str)
- (string-prefix? "SSL_CERT_DIR=" str)
- (string-prefix? "SSL_CERT_FILE=" str))))
- (environ)))))
+ (start #~(lambda _
+ ;; If we are managing the config, and it's not a home
+ ;; service, then exepect the config file at
+ ;; /var/lib/syncthing-<user>. This makes sure the ownership
+ ;; is correct
+ (unless (or #$(not config-file) #$home-service?)
+ (let ((user-pw (getpw #$user)))
+ (chown (string-append "/var/lib/syncthing-" #$user)
+ (passwd:uid user-pw)
+ (passwd:gid user-pw)))
+ (chmod (string-append "/var/lib/syncthing-" #$user) #o700))
+ (make-forkexec-constructor
+ (append (list (string-append #$syncthing "/bin/syncthing")
+ ;; Do not try to try to lauch a browser on startup.
+ "--no-browser"
+ ;; If syncthing crashes, let the service fail.
+ "--no-restart"
+ (string-append "--logflags=" (number->string #$logflags)))
+ ;; Optionally move data and configuration home to
+ ;; /var/lib/syncthing-<user>.
+ (if (or #$(not config-file) #$home-service?) '()
+ (list (string-append "--home=/var/lib/syncthing-" #$user)))
+ '#$arguments)
+ #:user #$(and (not home-service?) user)
+ #:group #$(and (not home-service?) group)
+ #:environment-variables
+ (append
+ (list
+ (string-append "HOME="
+ (or #$home
+ (passwd:dir
+ (getpw (if (and #$home-service?
+ (not #$user))
+ (getuid)
+ #$user)))))
+ "SSL_CERT_DIR=/etc/ssl/certs"
+ "SSL_CERT_FILE=/etc/ssl/certs/ca-certificates.crt")
+ (filter (negate ;XXX: 'remove' is not in (guile)
+ (lambda (str)
+ (or (string-prefix? "HOME=" str)
+ (string-prefix? "SSL_CERT_DIR=" str)
+ (string-prefix? "SSL_CERT_FILE=" str))))
+ (environ))))))
(respawn? #f)
(stop #~(make-kill-destructor))))))
+
+(define syncthing-files-service
+ (match-record-lambda <syncthing-configuration> (config-file user home home-service?)
+ (if config-file
+ ;; When used as a system service, this service might be executed
+ ;; before a user's home even exists, causing it to be owned by root,
+ ;; and the skeletons to never be applied to that user's home. In such
+ ;; cases, put the config at /var/lib/syncthnig-<user>/config.xml
+ `((,(if home-service?
+ ".config/syncthing/config.xml"
+ (string-append "/var/lib/syncthing-" user "/config.xml"))
+ ,(if (file-like? config-file)
+ config-file
+ (plain-file "syncthin-config.xml" (serialize-syncthing-config-file
+ config-file)))))
+ '())))
+
(define syncthing-service-type
(service-type (name 'syncthing)
(extensions (list (service-extension shepherd-root-service-type
- syncthing-shepherd-service)))
+ syncthing-shepherd-service)
+ (service-extension special-files-service-type
+ syncthing-files-service)))
(description
"Run @uref{https://github.com/syncthing/syncthing, Syncthing}
decentralized continuous file system synchronization.")))
--
2.48.1
Leo Famulari <leo <at> famulari.name>:Zacchaeus <eikcaz <at> zacchae.us>:Message #64 received at 75959-done <at> debbugs.gnu.org (full text, mbox):
From: Leo Famulari <leo <at> famulari.name> To: Zacchaeus Scheffer <eikcaz <at> zacchae.us> Cc: Bruno Victal <mirai <at> makinata.eu>, 75959-done <at> debbugs.gnu.org Subject: Re: [PATCH v10] services: syncthing: Add support for config file generation. Date: Mon, 17 Feb 2025 01:14:51 -0500
On Sun, Feb 16, 2025 at 04:35:20AM -0500, Zacchaeus Scheffer wrote: > From a573fd78e6b8d10b32eb10a753423073c7bbaeef Mon Sep 17 00:00:00 2001 > From: Zacchaeus <eikcaz <at> zacchae.us> > Date: Sun, 21 Jul 2024 00:54:25 -0700 > Subject: [PATCH v10] services: syncthing: Add support for config file > generation. > > * gnu/services/syncthing.scm: (syncthing-config-file, > syncthing-folder, syncthing-device, syncthing-folder-device): New > records; (syncthing-service-type): Add special-files-service-type > extension for the config file; (syncthing-files-service): Add service > to create config file. > * gnu/home/services/syncthing.scm: (home-syncthing-service-type): > Extend home-files-services-type and re-exported more things from > gnu/services/syncthing.scm. > * doc/guix.texi: (syncthing-service-type): Document changes. Pushed as 651f8765b657e35baf85ac74a1f6b09ff71691cb Thank you for your contribution to Guix!
guix-patches <at> gnu.org:bug#75959; Package guix-patches.
(Mon, 17 Feb 2025 10:27:02 GMT) Full text and rfc822 format available.Message #67 received at 75959 <at> debbugs.gnu.org (full text, mbox):
From: Ludovic Courtès <ludo <at> gnu.org> To: Zacchaeus Scheffer <eikcaz <at> zacchae.us> Cc: Bruno Victal <mirai <at> makinata.eu>, 75959 <at> debbugs.gnu.org, Leo Famulari <leo <at> famulari.name> Subject: Re: [bug#75959] [PATCH v10] services: syncthing: Add support for config file generation. Date: Mon, 17 Feb 2025 11:26:00 +0100
Hi,
Zacchaeus Scheffer <eikcaz <at> zacchae.us> skribis:
>>From a573fd78e6b8d10b32eb10a753423073c7bbaeef Mon Sep 17 00:00:00 2001
> From: Zacchaeus <eikcaz <at> zacchae.us>
> Date: Sun, 21 Jul 2024 00:54:25 -0700
> Subject: [PATCH v10] services: syncthing: Add support for config file
> generation.
>
> * gnu/services/syncthing.scm: (syncthing-config-file,
> syncthing-folder, syncthing-device, syncthing-folder-device): New
> records; (syncthing-service-type): Add special-files-service-type
> extension for the config file; (syncthing-files-service): Add service
> to create config file.
> * gnu/home/services/syncthing.scm: (home-syncthing-service-type):
> Extend home-files-services-type and re-exported more things from
> gnu/services/syncthing.scm.
> * doc/guix.texi: (syncthing-service-type): Document changes.
>
> Change-Id: I87eeba1ee1fdada8f29c2ee881fbc6bc4113dde9
This is a nice improvement! Much better than fiddling with the GUI.
:-)
Sorry for not chiming in earlier; I just noticed a couple of stylistic
issues:
> +This section documents a subset of the Syncthing configuration
> +options—specifically those related to Guix or those affecting how your
> +computer will connect to other computers over the network (such as
> +Syncthing relays or discovery servers). The configuration is fully
> +documented in the upstream
> +@uref{https://docs.syncthing.net/users/config.html, Syncthing config
> +documentation}; camelCase there is converted to kebab-case here. If you
“Kebab-case”, really? :-)
> +@table @asis
> +@item @code{folders} (default: @var{(list (syncthing-folder (id "default") (label "Default Folder") (path "~/Sync")))}
Should be @code, not @var (throughout this table).
Could you send a patch fixing this?
BTW, ‘define-configuration’ would make it easier to generate this doc.
> +@item @code{gui-enabled} (default: @var{"true"})
The naming convention used in all of Guix is to add a final question
mark for Boolean values; this would be ‘gui-enabled?’.
As for the value itself, it would help a lot to use #t and #f instead of
the strings "true" and "false" (both of which have truth value in
Scheme). It leads to a bit of extra work in the serializer, but I think
it’s worth it. Because then we can also have type-checking of fields.
> +@item @code{gui-tls} (default: @var{"false"})
> +@item @code{gui-debugging} (default: @var{"false"})
> +@item @code{gui-send-basic-auth-prompt} (default: @var{"false"})
> +@item @code{gui-address} (default: @var{"127.0.0.1:8384"})
> +@item @code{gui-user} (default: @var{#f})
> +@item @code{gui-password} (default: @var{#f})
> +A bcrypt hash of the GUI password. Remember that this will be globally
> +exposed in @file{/gnu/store}.
I believe you want @itemx for all but the first item.
> +@item @code{local-announce-port} (default: @var{"21027"})
> +@item @code{local-announce-mcaddr} (default: @var{"[ff12::8384]:21027"})
> +@item @code{max-send-kbps} (default: @var{"0"})
> +@item @code{max-recv-kbps} (default: @var{"0"})
> +@item @code{reconnection-interval-s} (default: @var{"60"})
Similar to what I wrote above: numbers should be numbers, not strings.
Last note: the convention throughout Guix it to avoid abbreviations.
I’m not sure about the way forward; maybe we can make those typing
changes (and perhaps some naming changes) and afford some
incompatibility because the service is young? WDYT?
Ludo’.
guix-patches <at> gnu.org:bug#75959; Package guix-patches.
(Mon, 17 Feb 2025 20:33:01 GMT) Full text and rfc822 format available.Message #70 received at 75959 <at> debbugs.gnu.org (full text, mbox):
From: Zacchaeus Scheffer <eikcaz <at> zacchae.us> To: Ludovic Courtès <ludo <at> gnu.org> Cc: Bruno Victal <mirai <at> makinata.eu>, 75959 <at> debbugs.gnu.org, Leo Famulari <leo <at> famulari.name> Subject: Re: [bug#75959] [PATCH v10] services: syncthing: Add support for config file generation. Date: Mon, 17 Feb 2025 15:32:01 -0500
Ludovic Courtès <ludo <at> gnu.org> writes:
> Hi,
>
> Zacchaeus Scheffer <eikcaz <at> zacchae.us> skribis:
>
>>>From a573fd78e6b8d10b32eb10a753423073c7bbaeef Mon Sep 17 00:00:00 2001
>> From: Zacchaeus <eikcaz <at> zacchae.us>
>> Date: Sun, 21 Jul 2024 00:54:25 -0700
>> Subject: [PATCH v10] services: syncthing: Add support for config file
>> generation.
>>
>> * gnu/services/syncthing.scm: (syncthing-config-file,
>> syncthing-folder, syncthing-device, syncthing-folder-device): New
>> records; (syncthing-service-type): Add special-files-service-type
>> extension for the config file; (syncthing-files-service): Add service
>> to create config file.
>> * gnu/home/services/syncthing.scm: (home-syncthing-service-type):
>> Extend home-files-services-type and re-exported more things from
>> gnu/services/syncthing.scm.
>> * doc/guix.texi: (syncthing-service-type): Document changes.
>>
>> Change-Id: I87eeba1ee1fdada8f29c2ee881fbc6bc4113dde9
>
> This is a nice improvement! Much better than fiddling with the GUI.
> :-)
Thanks. I'm glad you agree. Great for managing swarms of devices
> Sorry for not chiming in earlier; I just noticed a couple of stylistic
> issues:
>
>> +This section documents a subset of the Syncthing configuration
>> +options—specifically those related to Guix or those affecting how your
>> +computer will connect to other computers over the network (such as
>> +Syncthing relays or discovery servers). The configuration is fully
>> +documented in the upstream
>> +@uref{https://docs.syncthing.net/users/config.html, Syncthing config
>> +documentation}; camelCase there is converted to kebab-case here. If you
>
> “Kebab-case”, really? :-)
I believe that is an accurate term:
https://en.wikipedia.org/wiki/Naming_convention_(programming)#Delimiter-separated_words
>> +@table @asis
>> +@item @code{folders} (default: @var{(list (syncthing-folder (id "default") (label "Default Folder") (path "~/Sync")))}
>
> Should be @code, not @var (throughout this table).
>
> Could you send a patch fixing this?
Sure thing. I assume I can send it to the same issue even though it is
closed?
> BTW, ‘define-configuration’ would make it easier to generate this doc.
I originally used define-record because that is what the original
syncthing service implementation used. If there are reasons to change
this I could update this as well, but it seems fine.
>> +@item @code{gui-enabled} (default: @var{"true"})
>
> The naming convention used in all of Guix is to add a final question
> mark for Boolean values; this would be ‘gui-enabled?’.
>
> As for the value itself, it would help a lot to use #t and #f instead of
> the strings "true" and "false" (both of which have truth value in
> Scheme). It leads to a bit of extra work in the serializer, but I think
> it’s worth it. Because then we can also have type-checking of fields.
This would be easiest to implement as a sanitizer as in:
(define (bool-string bool)
(if bool "true" "false"))
(define-record-type* <syncthing-config-file>
...
(gui-enabled <accessor> (default "true")
(sanitizer bool-string))
...
But then the guix docs would technically be wrong reporting a default
value of #t instead of the actual default value of "true". I think this
would yield a more helpful type-checking error though, so I'll go this
direction unless you think otherwise.
>> +@item @code{gui-tls} (default: @var{"false"})
>> +@item @code{gui-debugging} (default: @var{"false"})
>> +@item @code{gui-send-basic-auth-prompt} (default: @var{"false"})
>> +@item @code{gui-address} (default: @var{"127.0.0.1:8384"})
>> +@item @code{gui-user} (default: @var{#f})
>> +@item @code{gui-password} (default: @var{#f})
>> +A bcrypt hash of the GUI password. Remember that this will be globally
>> +exposed in @file{/gnu/store}.
>
> I believe you want @itemx for all but the first item.
Does it matter that the describing text only applies to gui-password,
not to the whole block? For now, I'll assume not and change all the
consecutive items with no specific documentation throughout to itemx.
>> +@item @code{local-announce-port} (default: @var{"21027"})
>> +@item @code{local-announce-mcaddr} (default: @var{"[ff12::8384]:21027"})
>> +@item @code{max-send-kbps} (default: @var{"0"})
>> +@item @code{max-recv-kbps} (default: @var{"0"})
>> +@item @code{reconnection-interval-s} (default: @var{"60"})
>
> Similar to what I wrote above: numbers should be numbers, not strings.
I'll figure this out as well, using sanitizers (or leaving it as
numbers. It seems sxml allows the body of a tag to be a number, but not
values of parameters of tags, so most the time it just works.)
> Last note: the convention throughout Guix it to avoid abbreviations.
My goal was to, as much as possible, avoid needing to maintain Syncthing
documentation in Guix. My original patch even had camelcase for record
names so the user could easily search the Syncthing documentation
knowing what keyword to search. Since you can't directly search anymore
anyway, maybe it does make sense to expand out some names. I'll do that
for these:
auth - authorization
s - seconds
m - minutes
h - hours
fs - file-system
pct - percentage
mcaddr - mac-address
recv - recieve
ur - usage-reporting
> I’m not sure about the way forward; maybe we can make those typing
> changes (and perhaps some naming changes) and afford some
> incompatibility because the service is young? WDYT?
>
> Ludo’.
I think it's unlikely that the service update will have major adoption
in the couple days between patches, so I think a bit of incompatibility
is fine.
eikcaz-
guix-patches <at> gnu.org:bug#75959; Package guix-patches.
(Fri, 21 Feb 2025 11:07:04 GMT) Full text and rfc822 format available.Message #73 received at 75959 <at> debbugs.gnu.org (full text, mbox):
From: Ludovic Courtès <ludo <at> gnu.org> To: Zacchaeus Scheffer <eikcaz <at> zacchae.us> Cc: Bruno Victal <mirai <at> makinata.eu>, 75959 <at> debbugs.gnu.org, Leo Famulari <leo <at> famulari.name> Subject: Re: [bug#75959] [PATCH v10] services: syncthing: Add support for config file generation. Date: Fri, 21 Feb 2025 12:05:58 +0100
Hi,
Zacchaeus Scheffer <eikcaz <at> zacchae.us> skribis:
> I believe that is an accurate term:
> https://en.wikipedia.org/wiki/Naming_convention_(programming)#Delimiter-separated_words
Woow, TIL. :-)
> Sure thing. I assume I can send it to the same issue even though it is
> closed?
Yes, but maybe open a new issue, for clarity.
>> As for the value itself, it would help a lot to use #t and #f instead of
>> the strings "true" and "false" (both of which have truth value in
>> Scheme). It leads to a bit of extra work in the serializer, but I think
>> it’s worth it. Because then we can also have type-checking of fields.
>
> This would be easiest to implement as a sanitizer as in:
>
> (define (bool-string bool)
> (if bool "true" "false"))
> (define-record-type* <syncthing-config-file>
> ...
> (gui-enabled <accessor> (default "true")
> (sanitizer bool-string))
> ...
>
> But then the guix docs would technically be wrong reporting a default
> value of #t instead of the actual default value of "true". I think this
> would yield a more helpful type-checking error though, so I'll go this
> direction unless you think otherwise.
I would advise against using sanitizer in this way because it would lead
to inconsistencies: users would provide a boolean, but they’d get a
string when calling the accessor.
Instead the record should contain records of the “right” type;
converting to the relevant string should be left to whatever serializes
the record to the config file.
(This is something ‘define-configuration’ really helps with; I think
it’s worth looking into it!)
>>> +@item @code{gui-tls} (default: @var{"false"})
>>> +@item @code{gui-debugging} (default: @var{"false"})
>>> +@item @code{gui-send-basic-auth-prompt} (default: @var{"false"})
>>> +@item @code{gui-address} (default: @var{"127.0.0.1:8384"})
>>> +@item @code{gui-user} (default: @var{#f})
>>> +@item @code{gui-password} (default: @var{#f})
>>> +A bcrypt hash of the GUI password. Remember that this will be globally
>>> +exposed in @file{/gnu/store}.
>>
>> I believe you want @itemx for all but the first item.
>
> Does it matter that the describing text only applies to gui-password,
> not to the whole block?
It does yes, so my suggestion is actually bogus, sorry!
Normally each field would be documented, not just ‘gui-password’.
> My goal was to, as much as possible, avoid needing to maintain Syncthing
> documentation in Guix. My original patch even had camelcase for record
> names so the user could easily search the Syncthing documentation
> knowing what keyword to search. Since you can't directly search anymore
> anyway, maybe it does make sense to expand out some names. I'll do that
> for these:
>
> auth - authorization
> s - seconds
> m - minutes
> h - hours
> fs - file-system
> pct - percentage
> mcaddr - mac-address
> recv - recieve
> ur - usage-reporting
Sounds good to me.
Thanks!
Ludo’.
guix-patches <at> gnu.org:bug#75959; Package guix-patches.
(Fri, 21 Feb 2025 20:27:02 GMT) Full text and rfc822 format available.Message #76 received at 75959 <at> debbugs.gnu.org (full text, mbox):
From: Zacchaeus Scheffer <eikcaz <at> zacchae.us> To: Ludovic Courtès <ludo <at> gnu.org> Cc: Bruno Victal <mirai <at> makinata.eu>, 75959 <at> debbugs.gnu.org, Leo Famulari <leo <at> famulari.name> Subject: Re: [bug#75959] [PATCH v10] services: syncthing: Add support for config file generation. Date: Fri, 21 Feb 2025 15:26:40 -0500
Hi all,
Ludovic Courtès <ludo <at> gnu.org> writes:
> Hi,
>
> Zacchaeus Scheffer <eikcaz <at> zacchae.us> skribis:
>> Sure thing. I assume I can send it to the same issue even though it is
>> closed?
>
> Yes, but maybe open a new issue, for clarity.
I have opened a new issue at #76379
>>> As for the value itself, it would help a lot to use #t and #f instead of
>>> the strings "true" and "false" (both of which have truth value in
>>> Scheme). It leads to a bit of extra work in the serializer, but I think
>>> it’s worth it. Because then we can also have type-checking of fields.
>>
>> This would be easiest to implement as a sanitizer as in:
>>
>> (define (bool-string bool)
>> (if bool "true" "false"))
>> (define-record-type* <syncthing-config-file>
>> ...
>> (gui-enabled <accessor> (default "true")
>> (sanitizer bool-string))
>> ...
>>
>> But then the guix docs would technically be wrong reporting a default
>> value of #t instead of the actual default value of "true". I think this
>> would yield a more helpful type-checking error though, so I'll go this
>> direction unless you think otherwise.
>
> I would advise against using sanitizer in this way because it would lead
> to inconsistencies: users would provide a boolean, but they’d get a
> string when calling the accessor.
>
> Instead the record should contain records of the “right” type;
> converting to the relevant string should be left to whatever serializes
> the record to the config file.
>
> (This is something ‘define-configuration’ really helps with; I think
> it’s worth looking into it!)
Alright, a suggestion from the Ludo made twice should not be so easily
dismissed. I should mention my original assertion here is slightly
wrong; to work, I should set (default #t), but, as you mention, the
accessor will still retrieve a string instead of a bool. I originally
tried to do my serialization through 'define-configuration', but most of
that work evaporated when I discovered sxml (which is the right way to
do it). Still, there may be some room for improvment translating to
'define-configuration'.
I will investigate how to best translate 'define-record-type*' to
'define-configuration', but in the meantime I think we should prioritize
getting my new patch (#76379) through. I renamed fields and changed
data types per your suggestions, so my new patch is backwards
incompatible with the first.
>>>> +@item @code{gui-tls} (default: @var{"false"})
>>>> +@item @code{gui-debugging} (default: @var{"false"})
>>>> +@item @code{gui-send-basic-auth-prompt} (default: @var{"false"})
>>>> +@item @code{gui-address} (default: @var{"127.0.0.1:8384"})
>>>> +@item @code{gui-user} (default: @var{#f})
>>>> +@item @code{gui-password} (default: @var{#f})
>>>> +A bcrypt hash of the GUI password. Remember that this will be globally
>>>> +exposed in @file{/gnu/store}.
>>>
>>> I believe you want @itemx for all but the first item.
>>
>> Does it matter that the describing text only applies to gui-password,
>> not to the whole block?
>
> It does yes, so my suggestion is actually bogus, sorry!
Alright, I reverted (most of) my itemx changes in the v2 patch submitted
at #76379.
> Normally each field would be documented, not just ‘gui-password’.
So here's the problem: Syncthing has a LOT of documentation for a LOT of
fields. Do we really want to maintain all that documentation in Guix?
I omitted documenting the majority of fields, pointing to Syncthing
documentation instead, out of caution for future Guix maintainers, not
laziness. I opted for just documenting (1) any feature that is specific
to Guix configuration and (2) anything that controls to which other
devices your device connects. For anything else, the user should
consult Syncthing documentation. Is my premise flawed, and I should
document everything? Maybe a one-liner for each is unlikely to be
invalidated by future Syncthing updates. WDYT?
eikcaz-
guix-patches <at> gnu.org:bug#75959; Package guix-patches.
(Sat, 22 Feb 2025 11:17:02 GMT) Full text and rfc822 format available.Message #79 received at 75959 <at> debbugs.gnu.org (full text, mbox):
From: Gabriel Santos <gabrielsantosdesouza <at> disroot.org> To: guix-patches <at> gnu.org, Zacchaeus Scheffer <eikcaz <at> zacchae.us>, Ludovic Courtès <ludo <at> gnu.org> Cc: Bruno Victal <mirai <at> makinata.eu>, 75959 <at> debbugs.gnu.org, Leo Famulari <leo <at> famulari.name> Subject: Re: [bug#75959] [PATCH v10] services: syncthing: Add support for config file generation. Date: Sat, 22 Feb 2025 08:16:36 -0300
Greetings, I appreciate your efforts on this, but this completly broke home-syncthing-service-type for me, as it's resetting my configuration, giving my device another ID. -- Gabriel Santos
guix-patches <at> gnu.org:bug#75959; Package guix-patches.
(Sat, 22 Feb 2025 11:18:02 GMT) Full text and rfc822 format available.guix-patches <at> gnu.org:bug#75959; Package guix-patches.
(Sat, 22 Feb 2025 20:50:01 GMT) Full text and rfc822 format available.Message #85 received at submit <at> debbugs.gnu.org (full text, mbox):
From: Zacchaeus Scheffer <eikcaz <at> zacchae.us> To: Gabriel Santos <gabrielsantosdesouza <at> disroot.org> Cc: Ludovic Courtès <ludo <at> gnu.org>, Bruno Victal <mirai <at> makinata.eu>, 75959 <at> debbugs.gnu.org, guix-patches <at> gnu.org, Leo Famulari <leo <at> famulari.name> Subject: Re: [bug#75959] [PATCH v10] services: syncthing: Add support for config file generation. Date: Sat, 22 Feb 2025 15:49:04 -0500
Hi, Gabriel Santos <gabrielsantosdesouza <at> disroot.org> writes: > Greetings, > > I appreciate your efforts on this, but this completly broke > home-syncthing-service-type for me, as it's resetting my configuration, > giving my device another ID. > > -- > Gabriel Santos I think I know why this is. At some point Syncthing changed the default config directory from ~/.config/syncthing to ~/.local/state/syncthing. If you move your syncthing .pem files from ~/.local/state/syncthing to ~/.config/syncthing, it will work. Since it seems Syncthing has changed the default, this service should really do so as well. I'll update it on the other patch that I'm submitting. -Zacchae
guix-patches <at> gnu.org:bug#75959; Package guix-patches.
(Sat, 22 Feb 2025 20:50:02 GMT) Full text and rfc822 format available.guix-patches <at> gnu.org:bug#75959; Package guix-patches.
(Sat, 22 Feb 2025 23:30:02 GMT) Full text and rfc822 format available.Message #91 received at 75959 <at> debbugs.gnu.org (full text, mbox):
From: Rodion Goritskov <rodion <at> goritskov.com> To: Zacchaeus Scheffer <eikcaz <at> zacchae.us> Cc: ludo <at> gnu.org, mirai <at> makinata.eu, 75959 <at> debbugs.gnu.org, Gabriel Santos <gabrielsantosdesouza <at> disroot.org>, leo <at> famulari.name Subject: Re: [bug#75959] [PATCH v10] services: syncthing: Add support for config file generation. Date: Sun, 23 Feb 2025 00:29:25 +0100
Zacchaeus Scheffer <eikcaz <at> zacchae.us> writes: > Hi, > > Gabriel Santos <gabrielsantosdesouza <at> disroot.org> writes: > >> Greetings, >> >> I appreciate your efforts on this, but this completly broke >> home-syncthing-service-type for me, as it's resetting my configuration, >> giving my device another ID. >> >> -- >> Gabriel Santos > > I think I know why this is. At some point Syncthing changed the default > config directory from ~/.config/syncthing to ~/.local/state/syncthing. > If you move your syncthing .pem files from ~/.local/state/syncthing to > ~/.config/syncthing, it will work. Since it seems Syncthing has changed > the default, this service should really do so as well. I'll update it > on the other patch that I'm submitting. > > -Zacchae Hi! I also have a problem (cannot say if it the same as Gabriel's) - after upgrade my Syncthing instances stopped working with the odd error "remote device missing in cluster config". Moving config didn't work - and, as far as I understand, Syncthing still read the config in .config if it is present. However, it looks like it is not because the service itself, but because of the syncthing upgrade to 1.29.2 in commit 06d37f38606fabbace21e55ec7f2546b3ae5214f. I checked it by inheriting the Syncthing with the older version: > (define-public syncthing-old > (package > (inherit syncthing) > (name "syncthing-old") > (version "1.28.1") > (source (origin > (method url-fetch) > (uri (string-append "https://github.com/syncthing/syncthing" > "/releases/download/v" version > "/syncthing-source-v" version ".tar.gz")) > (sha256 > (base32 > "16j5w6hdr1x2231hw0zsxm53sw34wxcs4ijjjcnzcg1vz9drjrg9")))))) And passing it to the server: > (service syncthing-with-vpn-service-type > (syncthing-configuration > (syncthing syncthing-old) > (user "rodion"))) After that everything started working as before. Will try to investigate the issue further - couldn't find anything related neither in Syncthing form nor in the Github issues.
guix-patches <at> gnu.org:bug#75959; Package guix-patches.
(Sat, 22 Feb 2025 23:57:02 GMT) Full text and rfc822 format available.Message #94 received at 75959 <at> debbugs.gnu.org (full text, mbox):
From: Zacchaeus Scheffer <eikcaz <at> zacchae.us> To: Rodion Goritskov <rodion <at> goritskov.com> Cc: ludo <at> gnu.org, mirai <at> makinata.eu, 75959 <at> debbugs.gnu.org, Gabriel Santos <gabrielsantosdesouza <at> disroot.org>, leo <at> famulari.name Subject: Re: [bug#75959] [PATCH v10] services: syncthing: Add support for config file generation. Date: Sat, 22 Feb 2025 18:56:16 -0500
Rodion Goritskov <rodion <at> goritskov.com> writes: >> (service syncthing-with-vpn-service-type >> (syncthing-configuration >> (syncthing syncthing-old) >> (user "rodion"))) > > After that everything started working as before. > Will try to investigate the issue further - couldn't find anything > related neither in Syncthing form nor in the Github issues. If you aren't passing a non-#f value for config-file in syncthing-configuration, then my update should have no affect on your system, so the issue should be somewhere else, probably in the syncthing version update you mentioned. Still, the other issue of syncthing configuration directory location is one I will address. -Zacchae
guix-patches <at> gnu.org:bug#75959; Package guix-patches.
(Tue, 25 Feb 2025 02:21:02 GMT) Full text and rfc822 format available.Message #97 received at 75959 <at> debbugs.gnu.org (full text, mbox):
From: Leo Famulari <leo <at> famulari.name> To: Rodion Goritskov <rodion <at> goritskov.com> Cc: ludo <at> gnu.org, Zacchaeus Scheffer <eikcaz <at> zacchae.us>, 75959 <at> debbugs.gnu.org, Gabriel Santos <gabrielsantosdesouza <at> disroot.org>, mirai <at> makinata.eu Subject: Re: [bug#75959] [PATCH v10] services: syncthing: Add support for config file generation. Date: Mon, 24 Feb 2025 21:20:15 -0500
On Sun, Feb 23, 2025 at 12:29:25AM +0100, Rodion Goritskov wrote: > I also have a problem (cannot say if it the same as Gabriel's) - after upgrade my Syncthing > instances stopped working with the odd error "remote device missing in > cluster config". I see this too. I don't use the Guix service for Syncthing so it has nothing to do with that. > However, it looks like it is not because the service itself, but because > of the syncthing upgrade to 1.29.2 in commit > 06d37f38606fabbace21e55ec7f2546b3ae5214f. Yes, seems that way. > After that everything started working as before. > Will try to investigate the issue further - couldn't find anything > related neither in Syncthing form nor in the Github issues. Let's try to debug a bit before reporting this upstream.
guix-patches <at> gnu.org:bug#75959; Package guix-patches.
(Tue, 25 Feb 2025 03:10:02 GMT) Full text and rfc822 format available.Message #100 received at 75959 <at> debbugs.gnu.org (full text, mbox):
From: Leo Famulari <leo <at> famulari.name> To: Rodion Goritskov <rodion <at> goritskov.com> Cc: ludo <at> gnu.org, Zacchaeus Scheffer <eikcaz <at> zacchae.us>, 75959 <at> debbugs.gnu.org, Gabriel Santos <gabrielsantosdesouza <at> disroot.org>, mirai <at> makinata.eu Subject: Re: [bug#75959] [PATCH v10] services: syncthing: Add support for config file generation. Date: Mon, 24 Feb 2025 22:08:47 -0500
On Sun, Feb 23, 2025 at 12:29:25AM +0100, Rodion Goritskov wrote: > However, it looks like it is not because the service itself, but because > of the syncthing upgrade to 1.29.2 in commit > 06d37f38606fabbace21e55ec7f2546b3ae5214f. We can see here that Syncthing v1.29 requires Go 1.22 or newer: https://github.com/syncthing/syncthing/blob/v1.29.2/go.mod#L3 However, the default Go version in Guix is 1.21: https://git.savannah.gnu.org/cgit/guix.git/tree/gnu/packages/golang.scm?id=68cd38756b51d4abd8c796a5bcbbb9ea053eafde#n1045 I fixed the bug on our end by building Syncthing with Go 1.23: https://git.savannah.gnu.org/cgit/guix.git/commit/?id=68cd38756b51d4abd8c796a5bcbbb9ea053eafde Please let me know if you still experience this problem.
guix-patches <at> gnu.org:bug#75959; Package guix-patches.
(Tue, 25 Feb 2025 09:27:02 GMT) Full text and rfc822 format available.Message #103 received at 75959 <at> debbugs.gnu.org (full text, mbox):
From: Gabriel Santos <gabrielsantosdesouza <at> disroot.org> To: Leo Famulari <leo <at> famulari.name>, Rodion Goritskov <rodion <at> goritskov.com> Cc: ludo <at> gnu.org, Zacchaeus Scheffer <eikcaz <at> zacchae.us>, 75959 <at> debbugs.gnu.org, mirai <at> makinata.eu Subject: Re: [bug#75959] [PATCH v10] services: syncthing: Add support for config file generation. Date: Tue, 25 Feb 2025 00:14:12 -0300
>I see this too. I don't use the Guix service for Syncthing so it has >nothing to do with that. > >> However, it looks like it is not because the service itself, but because >> of the syncthing upgrade to 1.29.2 in commit >> 06d37f38606fabbace21e55ec7f2546b3ae5214f. > >Yes, seems that way. Since this isn't related to the service, but rather the version, I think it would be best to look at the diff between the tags: <https://github.com/syncthing/syncthing/compare/v1.28.1...v1.29.2> -- Gabriel Santos
guix-patches <at> gnu.org:bug#75959; Package guix-patches.
(Tue, 25 Feb 2025 12:37:02 GMT) Full text and rfc822 format available.Message #106 received at 75959 <at> debbugs.gnu.org (full text, mbox):
From: Gabriel Santos <gabrielsantosdesouza <at> disroot.org> To: Leo Famulari <leo <at> famulari.name>, Rodion Goritskov <rodion <at> goritskov.com> Cc: ludo <at> gnu.org, Zacchaeus Scheffer <eikcaz <at> zacchae.us>, 75959 <at> debbugs.gnu.org, mirai <at> makinata.eu Subject: Re: [bug#75959] [PATCH v10] services: syncthing: Add support for config file generation. Date: Tue, 25 Feb 2025 08:37:43 -0300
>I fixed the bug on our end by building Syncthing with Go 1.23: > >https://git.savannah.gnu.org/cgit/guix.git/commit/?id=68cd38756b51d4abd8c796a5bcbbb9ea053eafde > >Please let me know if you still experience this problem. Thank you, that was it. Updating solved the issue for me. -- Gabriel Santos
guix-patches <at> gnu.org:bug#75959; Package guix-patches.
(Tue, 25 Feb 2025 23:15:01 GMT) Full text and rfc822 format available.Message #109 received at 75959 <at> debbugs.gnu.org (full text, mbox):
From: Rodion Goritskov <rodion <at> goritskov.com> To: Leo Famulari <leo <at> famulari.name> Cc: 75959 <at> debbugs.gnu.org, Rodion Goritskov <rodion <at> goritskov.com> Subject: Re: [bug#75959] [PATCH v10] services: syncthing: Add support for config file generation. Date: Wed, 26 Feb 2025 00:14:20 +0100
Hi! Syncthing 1.29.2 works great now! Thank you for the fix, Leo.
Debbugs Internal Request <help-debbugs <at> gnu.org>
to internal_control <at> debbugs.gnu.org.
(Wed, 26 Mar 2025 11:24:11 GMT) Full text and rfc822 format available.
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.