Nix configurations for my homelab
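# NixOS module: mounts a Nextcloud WebDAV remote at /media/nextcloud with
# `rclone mount`, run as a systemd service. The rclone config is a sops-nix
# template, so only placeholders are written here and only the path of the
# rendered file is passed on the unit's command line.
{
  config,
  lib,
  pkgs,
  ...
}:
{
  sops = {
    # Declared with default settings; values live in the sops file.
    secrets = {
      "rclone-nextcloud/url" = { };
      "rclone-nextcloud/user" = { };
      "rclone-nextcloud/password" = { };
    };
    # rclone.conf in INI form with a single remote named "nextcloud".
    templates.rclone-nextcloud-config.content = lib.generators.toINI { } {
      nextcloud = {
        type = "webdav";
        url = config.sops.placeholder."rclone-nextcloud/url";
        vendor = "nextcloud";
        user = config.sops.placeholder."rclone-nextcloud/user";
        # NOTE(review): rclone expects `pass` in its obscured form (the output
        # of `rclone obscure`), not the plaintext password. Confirm the sops
        # secret stores the obscured value. Obscuring is not encryption, so
        # the rendered file still has to stay unreadable to other users.
        pass = config.sops.placeholder."rclone-nextcloud/password";
      };
    };
  };

  # The VFS write cache holds file contents until they are uploaded, so the
  # persisted cache directory is kept owner-only.
  environment.persistence."/data/persistent".directories = [
    {
      directory = "/var/cache/rclone";
      mode = "0700";
    }
  ];

  systemd.services.rclone-nextcloud = {
    enable = true;
    description = "NextCloud VFS (rclone)";
    after = [ "network-online.target" ];
    wants = [ "network-online.target" ];
    wantedBy = [ "multi-user.target" ];
    serviceConfig = {
      Type = "notify";
      ExecStartPre = "${pkgs.coreutils}/bin/mkdir -p /media/nextcloud";
      ExecStart =
        let
          args = [
            "--config ${config.sops.templates.rclone-nextcloud-config.path}"
            "--cache-dir /var/cache/rclone/nextcloud"
            # "--dir-cache-time 5m" # This is the default
            # "--poll-interval 1m" # This is the default
            "--vfs-cache-mode writes"
            "--webdav-nextcloud-chunk-size 2Gi"
            "--checksum"
            "--track-renames"
            # NOTE(review): --allow-other opens the mount to every local user.
            # The uid/gid and mode bits below are only enforced if the kernel
            # checks them, which rclone enables with --default-permissions.
            # Consider adding that flag if access is meant to be limited to
            # uid/gid 1000; verify that no other consumer relies on the
            # current behaviour first.
            "--allow-other"
            "--uid 1000"
            "--gid 1000"
            "--dir-perms 0770"
            "--file-perms 0660"
            "--umask 007"
          ];
        in
        "${pkgs.rclone}/bin/rclone mount nextcloud:/ /media/nextcloud ${lib.concatStringsSep " " args}";
      # fusermount3 accepts -z (lazy) only together with -u (unmount); with -z
      # alone the stop command exits with an error instead of unmounting.
      ExecStop = "${pkgs.fuse3}/bin/fusermount3 -uz /media/nextcloud";
      Restart = "on-failure";
    };
    # Restart the mount when the sops file backing the password changes.
    # NOTE(review): url/user changes trigger a restart only if those secrets
    # live in the same sops file. Confirm, or list their hashes here too.
    restartTriggers = [ config.sops.secrets."rclone-nextcloud/password".sopsFileHash ];
  };
}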