nel.pet / cyclamen
NixOS and Home Manager config
fork atom

feat: mount nas folders for each user and the system

nel.pet c4ff07ec 62c298f0

verified
options
unified split
Changed files
+63 -13
modules
nixos
default.nix
lannas.nix
systems
nel-desktop
configuration.nix
+1
modules/nixos/default.nix
··· 2 2 _class = "nixos"; 3 3 4 4 imports = [ 5 + ./lannas.nix 5 6 ./nix.nix 6 7 ]; 7 8 }
+56
modules/nixos/lannas.nix
··· 1 + { 2 + lib, 3 + pkgs, 4 + config, 5 + ... 6 + }: let 7 + cfg = config.cyclamen.system.lannas; 8 + # TODO: secrets stuff 9 + credFile = "/etc/nixos/nas_secrets"; 10 + rootBackupsPath = "main/backup/nel"; 11 + normalUsers = lib.attrNames (lib.filterAttrs 12 + (username: user: if user.isNormalUser == true then true else false) 13 + config.users.users 14 + ); 15 + usernameToMountUnit = name: { 16 + what = "//truenas.lan.nelind.dk/${rootBackupsPath}/users/${name}"; 17 + where = "/mnt/nas/users/${name}"; 18 + type = "cifs"; 19 + options = "credentials=${credFile},uid=${name},gid=users,forcegid,forceuid,nounix,file_mode=0700,dir_mode=0700,_netdev"; 20 + mountConfig.TimeoutSec = 5; 21 + }; 22 + usernameToAutomountUnit = name: { 23 + requiredBy = [ "remote-fs.target" ]; 24 + where = "/mnt/nas/users/${name}"; 25 + automountConfig.TimeoutIdleSec = 60; 26 + }; 27 + hostnameToMountUnit = name: { 28 + what = "//truenas.lan.nelind.dk/${rootBackupsPath}/hosts/${name}"; 29 + where = "/mnt/nas/system"; 30 + type = "cifs"; 31 + options = "credentials=${credFile},file_mode=0700,dir_mode=0700,_netdev"; 32 + mountConfig.TimeoutSec = 5; 33 + }; 34 + hostnameToAutomountUnit = name: { 35 + requiredBy = [ "remote-fs.target" ]; 36 + where = "/mnt/nas/system"; 37 + automountConfig.TimeoutIdleSec = 60; 38 + }; 39 + in { 40 + options.cyclamen.system.lannas.enable = lib.mkEnableOption '' 41 + mounting of directories from the LAN NAS. mainly intended for backups. 42 + ''; 43 + 44 + config = lib.mkIf cfg.enable { 45 + boot.supportedFilesystems = [ "cifs" ]; 46 + # For mount.cifs, required unless domain name resolution is not needed. 47 + environment.systemPackages = [ pkgs.cifs-utils ]; 48 + 49 + # We use systemd mount units directly instead of fileSystems.* to avoid infinite recursion. 50 + # See https://github.com/NixOS/nixpkgs/issues/24570 for details 51 + systemd = { 52 + mounts = (lib.lists.map usernameToMountUnit normalUsers) ++ [ (hostnameToMountUnit config.networking.hostName) ]; 53 + automounts = (lib.lists.map usernameToAutomountUnit normalUsers) ++ [ (hostnameToAutomountUnit config.networking.hostName) ]; 54 + }; 55 + }; 56 + }
+6 -13
systems/nel-desktop/configuration.nix
··· 4 4 ./hardware-configuration.nix 5 5 ]; 6 6 7 + cyclamen = { 8 + system = { 9 + lannas.enable = true; 10 + }; 11 + }; 12 + 7 13 # Bootloader. 8 14 boot.loader.systemd-boot.enable = true; 9 15 boot.loader.efi.canTouchEfiVariables = true; ··· 42 48 [General] 43 49 background=${./transcoded-wallpaper.jpeg} 44 50 '') 45 - 46 - # For mount.cifs, required unless domain name resolution is not needed. 47 - cifs-utils 48 51 ]; 49 - 50 - # TODO: secrets stuff 51 - fileSystems."/mnt/nas" = { 52 - device = "//truenas.lan.nelind.dk/main"; 53 - fsType = "cifs"; 54 - options = let 55 - # this prevents hanging on network split 56 - automount_opts = "x-systemd.automount,noauto,x-systemd.idle-timeout=60,x-systemd.device-timeout=5s,x-systemd.mount-timeout=5s"; 57 - in [ "${automount_opts},credentials=/etc/nixos/nas_secrets" ]; 58 - }; 59 52 60 53 services.pulseaudio.enable = false; 61 54 security.rtkit.enable = true;