kirasok
1
I want to create system service for Syncthing, which would have data readable and writable for users in syncthing group, and readable for all others.
I see in /proc/<PID>/status that Umask 0002 yet new files are created with 0700 permissions
My syncthing configuration:
services.syncthing = {
enable = true;
dataDir = "/srv/syncthing";
configDir = "/var/lib/syncthing";
extraFlags = [
"--no-upgrade"
];
guiAddress = "0.0.0.0:8384";
openDefaultPorts = true;
overrideDevices = false;
overrideFolders = false;
settings.options = {
globalAnnounceEnabled = false;
relaysEnabled = false;
natEnabled = false;
urAccepted = -1;
};
};
systemd.services.syncthing.serviceConfig.UMask = "0002";
My nixpkgs revision is 1306659
According to Starting Syncthing Automatically — Syncthing documentation you also need to ignore permissions in syncthing’s settings, i.e. (settings icon) > Default Configuration > Edit Folder Defaults > Advanced and enable Ignore Permissions there.
Declarative config would involve some combination of https://docs.syncthing.net/users/config.html#defaults-element and https://docs.syncthing.net/users/config.html#config-option-folder.ignoreperms.
You’ll have to edit each of your existing folders and enable the toggle there as well.
kirasok
3
I enabled Ignore Permissions in my config, I checked that it is enabled in GUI, yet still folders and files were created as if umask was 0077.
settings = {
defaults = {
folder = {
path = "~";
ignorePerms = true;
};
};
};
I noticed it only happens for auto accepted folders. There is an open issue on Github. I think it is a bug on Syncthing side.
1 Like
Well, yeah, there’s no nix code controlling how files get created in syncthing. This is entirely syncthing’s problem if it doesn’t work.