From 0fb9ad732a2acee0983b895f2aae5344d7704a04 Mon Sep 17 00:00:00 2001
From: Alexander Kobjolke <me@failco.de>
Date: Wed, 18 Dec 2024 00:27:42 +0100
Subject: [PATCH] vsftpd: Set umask so that paperless may read

---
 hosts/igor/syncthing.nix   | 27 +++++++++++++++++++++++++++
 modules/vsftpd/default.nix |  1 +
 2 files changed, 28 insertions(+)
 create mode 100644 hosts/igor/syncthing.nix

diff --git a/hosts/igor/syncthing.nix b/hosts/igor/syncthing.nix
new file mode 100644
index 0000000..4e18d38
--- /dev/null
+++ b/hosts/igor/syncthing.nix
@@ -0,0 +1,27 @@
+{ config, lib, ... }:
+{
+  config.services.syncthing = {
+    enable = true;
+
+    user = "vsftpd";
+    group = "vsftpd";
+
+    devices = {
+      thrall = {
+        id = "P52YQU2-7LCEOVV-DSGTAZG-AJ2DSJD-JPHSUJE-HC2KAGO-YR4SXQD-V6OQ7QF";
+	addresses = [ "tcp://195.90.211.228:22000" ];
+      };
+    };
+
+    folders = {
+      "/var/lib/vsftpd/data/upload" = {
+        id = "paperless";
+	devices = [ "thrall" ];
+	versioning = {
+          type = "trashcan";
+          params.cleanoutDays = "90";
+        };
+      };
+    };
+  };
+}
diff --git a/modules/vsftpd/default.nix b/modules/vsftpd/default.nix
index cc801ef..02c1065 100644
--- a/modules/vsftpd/default.nix
+++ b/modules/vsftpd/default.nix
@@ -9,6 +9,7 @@
      enableVirtualUsers = true;
      virtualUseLocalPrivs = true;
      localRoot = "/var/lib/vsftpd/data";
+     extraConfig = "local_umask=002";
    };
 
    config.networking.firewall.allowedTCPPorts = [ 20 21 ];