dotfiles/nixos/syncthing-private-vault.nix

{
  config,
  lib,
  pkgs,
  ...
}: let
  cipherDir = "/var/lib/syncthing/sync/Private.encrypted";
  mountPoint = "/home/imalison/Private";
in
  lib.mkIf config.myModules.syncthing.enable {
    system.activationScripts.syncthingPrivateVault = {
      text = ''
        install -d -o syncthing -g syncthing -m 2770 ${lib.escapeShellArg cipherDir}
      '';
    };

    home-manager.users.imalison = {lib, ...}: {
      home.packages = [pkgs.gocryptfs];

      home.activation.ensureSyncthingPrivateVaultMountpoint = lib.hm.dag.entryAfter ["writeBoundary"] ''
        mkdir -p ${lib.escapeShellArg mountPoint}
      '';
    };
  }
Commit current dotfiles changes 2026-04-12 15:33:30 -07:00			`{`
			`config,`
			`lib,`
			`pkgs,`
			`...`
			`}: let`
			`cipherDir = "/var/lib/syncthing/sync/Private.encrypted";`
			`mountPoint = "/home/imalison/Private";`
			`in`
			`lib.mkIf config.myModules.syncthing.enable {`
			`system.activationScripts.syncthingPrivateVault = {`
			`text = ''`
			`install -d -o syncthing -g syncthing -m 2770 ${lib.escapeShellArg cipherDir}`
			`'';`
			`};`

			`home-manager.users.imalison = {lib, ...}: {`
			`home.packages = [pkgs.gocryptfs];`

			`home.activation.ensureSyncthingPrivateVaultMountpoint = lib.hm.dag.entryAfter ["writeBoundary"] ''`
			`mkdir -p ${lib.escapeShellArg mountPoint}`
			`'';`
			`};`
			`}`