Add terranix config for syncthing container

Signed-off-by: Magic_RB <magic_rb@redalder.org>

terranix/containers/syncthing/default.nix

@@ -0,0 +1,46 @@
+{ pkgs, elib, ... }:
+let
+  inherit (elib)
+    nfsVolume
+    nomadJob;
+
+  sharePrefix = "/mnt/kyle/infrastructure/syncthing";
+
+  flake_host = "";
+  flake_rev = "";
+  flake_ref = "";
+  flake_sha = "";
+in
+{
+  resource."nomad_volume"."syncthing-data" = nfsVolume {
+    access_mode = "single-node-writer";
+    volume_name   = "syncthing-data";
+    server = "blowhole.hosts.in.redalder.org";
+    share = sharePrefix + "/data";
+    mount_flags = [ "hard" "vers=4.2" "rsize=131072" "wsize=131072" "async" ];
+  };
+
+  resource."nomad_volume"."syncthing-storage" = nfsVolume {
+    access_mode = "single-node-writer";
+    volume_name   = "syncthing-storage";
+    server = "blowhole.hosts.in.redalder.org";
+    share = sharePrefix + "/data";
+    mount_flags = [ "hard" "vers=4.2" "rsize=131072" "wsize=131072" "async" ];
+  };
+
+  resource."nomad_volume"."syncthing-config" = nfsVolume {
+    access_mode = "single-node-writer";
+    volume_name   = "syncthing-config";
+    server = "blowhole.hosts.in.redalder.org";
+    share = sharePrefix + "/data";
+    mount_flags = [ "hard" "vers=4.2" "rsize=131072" "wsize=131072" "async" ];
+  };
+
+  resource."nomad_job"."syncthing" = nomadJob {
+    jobspec = ./job.hcl;
+    vars = {
+      flake_ref = "${flake_host}?rev=${flake_rev}&ref=${flake_ref}";
+      flake_sha = flake_sha;
+    };
+  };
+}

terranix/containers/syncthing/job.hcl

@@ -0,0 +1,109 @@
+variable "flake_ref" {
+  type = string
+}
+
+variable "flake_sha" {
+  type = string
+}
+
+job "syncthing" {
+  datacenters = [ "homelab-1" ]
+  type = "service"
+
+  group "syncthing" {
+    count = 1
+
+    volume "syncthing-data" {
+      type = "csi"
+      source = "syncthing-data"
+      read_only = false
+
+      attachment_mode = "file-system"
+      access_mode = "single-node-writer"
+    }
+
+    volume "syncthing-config" {
+      type = "csi"
+      source = "syncthing-config"
+      read_only = false
+
+      attachment_mode = "file-system"
+      access_mode = "single-node-writer"
+    }
+
+    volume "syncthing-storage" {
+      type = "csi"
+      source = "syncthing-storage"
+      read_only = false
+
+      attachment_mode = "file-system"
+      access_mode = "single-node-writer"
+    }
+
+    network {
+      mode = "bridge"
+    }
+
+    service {
+      name = "syncthing"
+      port = "8384"
+
+      ## Syncthing with auth returns 402: Unauthorized and Nomad interprets it as
+      ## service failure.
+      # check {
+      #         type = "http"
+      #         address_mode = "alloc"
+      #         path = "/"
+      #         port = "8384"
+      #         interval = "10s"
+      #         timeout = "10s"
+      # }
+
+      connect {
+        sidecar_service {}
+
+        sidecar_task {
+          resources {
+            cpu = 75
+            memory = 48
+            memory_max = 96
+          }
+        }
+      }
+    }
+
+      task "syncthing" {
+        driver = "docker"
+
+        config {
+          nix_flake_ref =  "\\\\${var.flake_ref}#nixngSystems.syncthing.config.system.build.toplevel"
+          nix_flake_sha = var.flake_sha
+          entrypoint = [ "init" ]
+        }
+
+        resources {
+          cpu = 512
+          memory = 512
+          memory_max = 1024
+        }
+
+        volume_mount {
+          volume = "syncthing-data"
+          destination = "/var/syncthing/data"
+          read_only = false
+        }
+
+        volume_mount {
+          volume = "syncthing-config"
+          destination = "/var/syncthing/config"
+          read_only = false
+        }
+
+        volume_mount {
+          volume = "syncthing-storage"
+          destination = "/var/syncthing/storage"
+          read_only = false
+        }
+      }
+  }
+}