{ globals, config, lib, ... }: { options.syncthing.enable = lib.mkEnableOption "syncthing"; config = lib.mkIf config.syncthing.enable { kubernetes.resources = { deployments.syncthing.spec = { selector.matchLabels.app = "syncthing"; strategy = { type = "RollingUpdate"; rollingUpdate = { maxSurge = 0; maxUnavailable = 1; }; }; template = { metadata.labels.app = "syncthing"; spec = { nodeName = "jefke"; containers.syncthing = { image = globals.images.syncthing; ports.web.containerPort = 8384; imagePullPolicy = "IfNotPresent"; env = { PUID.value = "33"; PGID.value = "33"; TZ.value = "Europe/Amsterdam"; }; volumeMounts = [ { name = "config"; mountPath = "/config"; } { name = "keepassxc"; mountPath = "/keepassxc"; } ]; }; volumes = { keepassxc.hostPath = { path = "/mnt/longhorn/persistent/volumes/keepassxc"; type = "Directory"; }; config.hostPath = { path = "/mnt/longhorn/persistent/volumes/syncthing"; type = "Directory"; }; }; securityContext = { fsGroup = 33; fsGroupChangePolicy = "OnRootMismatch"; }; }; }; }; services.syncthing.spec = { type = "LoadBalancer"; loadBalancerIP = globals.syncthingIPv4; selector.app = "syncthing"; ports.web = { port = 80; targetPort = "web"; }; }; }; lab = { tailscaleIngresses.tailscale = { host = "syncthing"; service.name = "syncthing"; }; }; }; }