simon/nixos-config
simon/nixos-config
1
1
Fork 0
Code Issues 8 Pull requests Actions Projects Activity

media-mount: Add storage box

Browse source
This commit is contained in:
Simon Bruder 2022-08-09 15:13:50 +02:00
parent 685d3fa9f2
commit 0b4bfc931c
Signed by: simon
GPG key ID: 8D3C82F9F309F8EC
2 changed files with 47 additions and 17 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

62
modules/media-mount.nix
View file

@ -1,22 +1,39 @@
{ config, lib, pkgs, ... }: { config, lib, pkgs, ... }:
let let
mkMount = remote: { mkMount = remote: { port ? 22, ro ? true, idmap ? null }:
device = remote; assert !(isNull idmap) -> lib.elem idmap.type [ "simple" ];
fsType = "sshfs"; {
options = [ device = remote;
"ro" fsType = "sshfs";
"allow_other" options = [
"allow_other"
"_netdev" "_netdev"
"x-systemd.idle-timeout=5min" "x-systemd.idle-timeout=5min"
"x-systemd.automount" "x-systemd.automount"
"reconnect" "port=${toString port}"
"ServerAliveInterval=15"
"ServerAliveCountMax=1" "reconnect"
"IdentityFile=${config.sops.secrets.media-ssh-key.path}" "ServerAliveInterval=15"
]; "ServerAliveCountMax=1"
}; "IdentityFile=${config.sops.secrets.media-ssh-key.path}"
] ++ lib.optionals ro [
"ro"
] ++ lib.optionals (!ro) [
"default_permissions" # if it is writable, permissions should be checked
] ++ lib.optionals (!(isNull idmap)) ([
"idmap=${if lib.elem idmap.type [ "file" "user" ] then idmap.type else "file"}"
"nomap=ignore"
] ++ lib.optionals (idmap.type == "simple") [
"uidfile=${pkgs.writeText "uidfile" ''
${idmap.username}:${toString idmap.uid}
''}"
"gidfile=${pkgs.writeText "gidfile" ''
${idmap.groupname}:${toString idmap.gid}
''}"
]);
};
in in
lib.mkIf config.sbruder.gui.enable { lib.mkIf config.sbruder.gui.enable {
sops.secrets.media-ssh-key = { }; sops.secrets.media-ssh-key = { };
@ -24,7 +41,18 @@ lib.mkIf config.sbruder.gui.enable {
system.fsPackages = with pkgs; [ sshfs ]; system.fsPackages = with pkgs; [ sshfs ];
fileSystems = { fileSystems = {
"/home/simon/mounts/media" = mkMount "media@fuuko.home.sbruder.de:/data/media"; "/home/simon/mounts/media" = mkMount "media@fuuko.home.sbruder.de:/data/media" { };
"/home/simon/mounts/torrent" = mkMount "media@fuuko.home.sbruder.de:/data/torrent"; "/home/simon/mounts/torrent" = mkMount "media@fuuko.home.sbruder.de:/data/torrent" { };
"/home/simon/mounts/storagebox" = mkMount "u313368@personal.storagebox.sbruder.de:" {
port = 23;
ro = false;
idmap = {
type = "simple";
username = "simon";
groupname = "users";
uid = 313368;
gid = 313368;
};
};
}; };
} }

2
modules/ssh.nix
View file

@ -11,6 +11,8 @@
programs.ssh.knownHosts = { programs.ssh.knownHosts = {
"[git.sbruder.de]:2022".publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINV/2NbmkWuOs/RyULTex1MkLaKrrDJFj8piX2CR+ms/"; "[git.sbruder.de]:2022".publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINV/2NbmkWuOs/RyULTex1MkLaKrrDJFj8piX2CR+ms/";
"[personal.storagebox.sbruder.de]:23".publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIICf9svRenC/PLKIL9nk6K/pxQgoiFC41wTNvoIncOxs";
sayuri = { sayuri = {
hostNames = [ "sayuri" "sayuri.home.sbruder.de" "sayuri.vpn.sbruder.de" ]; hostNames = [ "sayuri" "sayuri.home.sbruder.de" "sayuri.vpn.sbruder.de" ];
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIg/622wS8SFlzS29TPW9li3pNdbdHNjlGb4XTyXR0QR"; publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIg/622wS8SFlzS29TPW9li3pNdbdHNjlGb4XTyXR0QR";