commit c4ff07ecde7abc777d4ec5c60b6f1bd861dfaded · nel.pet/cyclamen

modules/nixos/default.nix

···

       2
        
         _class = "nixos";

     

       3
        
       

     

       4
        
         imports = [

     

       0
        
       
     

       5
        
           ./nix.nix

     

       6
        
         ];

     

       7
        
       }

···

       2
        
         _class = "nixos";

     

       3
        
       

     

       4
        
         imports = [

     

       5
       +
           ./lannas.nix

     

       6
        
           ./nix.nix

     

       7
        
         ];

     

       8
        
       }

+56

modules/nixos/lannas.nix

···

       1
       +
       {

     

       2
       +
         lib,

     

       3
       +
         pkgs,

     

       4
       +
         config,

     

       5
       +
         ...

     

       6
       +
       }: let

     

       7
       +
         cfg = config.cyclamen.system.lannas;

     

       8
       +
         # TODO: secrets stuff

     

       9
       +
         credFile = "/etc/nixos/nas_secrets";

     

       10
       +
         rootBackupsPath = "main/backup/nel";

     

       11
       +
         normalUsers = lib.attrNames (lib.filterAttrs

     

       12
       +
           (username: user: if user.isNormalUser == true then true else false)

     

       13
       +
           config.users.users

     

       14
       +
         );

     

       15
       +
         usernameToMountUnit = name: {

     

       16
       +
           what = "//truenas.lan.nelind.dk/${rootBackupsPath}/users/${name}";

     

       17
       +
           where = "/mnt/nas/users/${name}";

     

       18
       +
           type = "cifs";

     

       19
       +
           options = "credentials=${credFile},uid=${name},gid=users,forcegid,forceuid,nounix,file_mode=0700,dir_mode=0700,_netdev";

     

       20
       +
           mountConfig.TimeoutSec = 5;

     

       21
       +
         };

     

       22
       +
         usernameToAutomountUnit = name: {

     

       23
       +
           requiredBy = [ "remote-fs.target" ];

     

       24
       +
           where = "/mnt/nas/users/${name}";

     

       25
       +
           automountConfig.TimeoutIdleSec = 60;

     

       26
       +
         };

     

       27
       +
         hostnameToMountUnit = name: {

     

       28
       +
           what = "//truenas.lan.nelind.dk/${rootBackupsPath}/hosts/${name}";

     

       29
       +
           where = "/mnt/nas/system";

     

       30
       +
           type = "cifs";

     

       31
       +
           options = "credentials=${credFile},file_mode=0700,dir_mode=0700,_netdev";

     

       32
       +
           mountConfig.TimeoutSec = 5;

     

       33
       +
         };

     

       34
       +
         hostnameToAutomountUnit = name: {

     

       35
       +
           requiredBy = [ "remote-fs.target" ];

     

       36
       +
           where = "/mnt/nas/system";

     

       37
       +
           automountConfig.TimeoutIdleSec = 60;

     

       38
       +
         };

     

       39
       +
       in {

     

       40
       +
         options.cyclamen.system.lannas.enable = lib.mkEnableOption ''

     

       41
       +
           mounting of directories from the LAN NAS. mainly intended for backups.

     

       42
       +
         '';

     

       43
       +
       

     

       44
       +
         config = lib.mkIf cfg.enable {

     

       45
       +
           boot.supportedFilesystems = [ "cifs" ];

     

       46
       +
           # For mount.cifs, required unless domain name resolution is not needed.

     

       47
       +
           environment.systemPackages = [ pkgs.cifs-utils ];

     

       48
       +
       

     

       49
       +
           # We use systemd mount units directly instead of fileSystems.* to avoid infinite recursion.

     

       50
       +
           # See https://github.com/NixOS/nixpkgs/issues/24570 for details

     

       51
       +
           systemd = {

     

       52
       +
             mounts = (lib.lists.map usernameToMountUnit normalUsers) ++ [ (hostnameToMountUnit config.networking.hostName) ];

     

       53
       +
             automounts = (lib.lists.map usernameToAutomountUnit normalUsers) ++ [ (hostnameToAutomountUnit config.networking.hostName) ];

     

       54
       +
           };

     

       55
       +
         };

     

       56
       +
       }

+6 -13

systems/nel-desktop/configuration.nix

···

       4
        
           ./hardware-configuration.nix

     

       5
        
         ];

     

       6
        
       

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       7
        
         # Bootloader.

     

       8
        
         boot.loader.systemd-boot.enable = true;

     

       9
        
         boot.loader.efi.canTouchEfiVariables = true;

     
···

       42
        
             [General]

     

       43
        
             background=${./transcoded-wallpaper.jpeg}

     

       44
        
           '')

     

       45
       -
       

     

       46
       -
           # For mount.cifs, required unless domain name resolution is not needed.

     

       47
       -
           cifs-utils

     

       48
        
         ];

     

       49
       -
       

     

       50
       -
         # TODO: secrets stuff

     

       51
       -
         fileSystems."/mnt/nas" = {

     

       52
       -
           device = "//truenas.lan.nelind.dk/main";

     

       53
       -
           fsType = "cifs";

     

       54
       -
           options = let

     

       55
       -
             # this prevents hanging on network split

     

       56
       -
             automount_opts = "x-systemd.automount,noauto,x-systemd.idle-timeout=60,x-systemd.device-timeout=5s,x-systemd.mount-timeout=5s";

     

       57
       -
           in [ "${automount_opts},credentials=/etc/nixos/nas_secrets" ];

     

       58
       -
         };

     

       59
        
       

     

       60
        
         services.pulseaudio.enable = false;

     

       61
        
         security.rtkit.enable = true;

···

       4
        
           ./hardware-configuration.nix

     

       5
        
         ];

     

       6
        
       

     

       7
       +
         cyclamen = {

     

       8
       +
           system = {

     

       9
       +
             lannas.enable = true;

     

       10
       +
           };

     

       11
       +
         };

     

       12
       +
       

     

       13
        
         # Bootloader.

     

       14
        
         boot.loader.systemd-boot.enable = true;

     

       15
        
         boot.loader.efi.canTouchEfiVariables = true;

     
···

       48
        
             [General]

     

       49
        
             background=${./transcoded-wallpaper.jpeg}

     

       50
        
           '')

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       51
        
         ];

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       52
        
       

     

       53
        
         services.pulseaudio.enable = false;

     

       54
        
         security.rtkit.enable = true;