{
  lib,
  config,
  pkgs,
  username,
  ...
}:
let
  cfg = config.syncthing;
in
{
  options = {
    syncthing = {
      enable = lib.mkEnableOption "Enable syncthing in NixOS and home-manager";
    };
  };
  config = lib.mkIf cfg.enable {
    services.syncthing = {
      enable = true;
      key = "${config.sops.secrets."syncthing/key".path}";
      cert = "${config.sops.secrets."syncthing/cert".path}";
      user = "${username}";
      group = "users";
      dataDir = "/home/${username}";
      configDir = "/home/${username}/.config/syncthing";
      overrideDevices = true; # overrides any devices added or deleted through the WebUI
      overrideFolders = true; # overrides any folders added or deleted through the WebUI
      settings = {
        urAccepted = -1;
        gui = {
          user = username;
          password = config.sops.secrets.password_insecure;
        };
        devices = {
          "luna" = {
            id = "TM4RJVL-W2CJ32S-ZF3VN2K-DYOUT5Z-DJPAK4R-DMB4B7X-L35KLEP-NAM7QQJ";
          };
          "thalia" = {
            id = "TPTJE5T-3EKRCLJ-LWH5RTK-QCBNQ4V-AXNOLOS-6GB2C3R-Z3SYAFQ-PBS6BAP";
          };
        };
        folders = {
          "Notes" = {
            id = "erz9x-lv3ww";
            label = "Notes";
            path = "~/Notes";
            devices = [
              "luna"
              "thalia"
            ]; # Which devices to share the folder with
          };
          "Documents" = {
            id = "ye1o9-0c6bd";
            label = "Documents";
            path = "~/Documents";
            devices = [
              "luna"
              "thalia"
            ];
          };
        };
      };
    };
    networking.firewall.allowedTCPPorts = [ 22000 ];
    networking.firewall.allowedUDPPorts = [
      22000
      21027
    ];
    systemd.services.syncthing.environment.STNODEFAULTFOLDER = "true";
  };
}