added samba mounts

2021-10-03 18:39:08 +02:00 · 2021-10-03 18:39:08 +02:00 · fea3311b39
parent 58c8fe7b75
commit fea3311b39
5 changed files with 42 additions and 12 deletions
--- a/modules/services/agenix.nix
+++ b/modules/services/agenix.nix
@ -9,4 +9,6 @@
    mode = "600";
    path = "/etc/davfs2/secrets";
  };
+  age.secrets.smbMoritz.file = ../../secrets/smbMoritz.age;
+  age.secrets.smbMedia.file = ../../secrets/smbMedia.age;
 }
--- a/modules/services/diskstation/default.nix
+++ b/modules/services/diskstation/default.nix
@ -4,13 +4,6 @@
  services.davfs2 = {
    enable = true;
    extraConfig = ''
-      buf_size 32
-      use_compression 1
-      table_size 4096
-      [/auto/diskstation]
-      trust_server_cert diskstation.pem
-      [/auto/media]
-      trust_server_cert diskstation.pem
      [/auto/keepass]
      trust_server_cert home-boehmies-de.pem
    '';
@ -20,8 +13,6 @@
    autoMaster = let
      mapConf = pkgs.writeText "auto" ''
        keepass -fstype=davfs,uid=1000 :https\://davs.home.boehmies.de/home/Drive/
-        diskstation -fstype=davfs,uid=1000 :https\://192.168.0.2\:5006/home/Drive/
-        media -fstype=davfs,uid=1000 :https\://192.168.0.2\:5006/media
      '';
    in ''
      /auto file:${mapConf}
@ -31,8 +22,31 @@
  environment.etc."davfs2/certs/diskstation.pem" = {
    text = builtins.readFile ./diskstation.pem;
  };
-  environment.etc."davfs2/certs/home-boehmies-de.pem" = {
-    text = builtins.readFile ./home-boehmies-de.pem;
+
+  fileSystems."/media/media" = {
+    device = "//192.168.0.2/media";
+    fsType = "cifs";
+    options = let
+      # this line prevents hanging on network split
+      automount_opts =
+        "x-systemd.automount,noauto,x-systemd.idle-timeout=60,x-systemd.device-timeout=5s,x-systemd.mount-timeout=5s";
+
+    in [
+      "${automount_opts},credentials=/run/secrets/smbMedia,uid=1000,gid=100"
+    ];
+  };
+
+  fileSystems."/media/diskstation" = {
+    device = "//192.168.0.2/home/Drive";
+    fsType = "cifs";
+    options = let
+      # this line prevents hanging on network split
+      automount_opts =
+        "x-systemd.automount,noauto,x-systemd.idle-timeout=60,x-systemd.device-timeout=5s,x-systemd.mount-timeout=5s";
+
+    in [
+      "${automount_opts},credentials=/run/secrets/smbMoritz,uid=1000,gid=100"
+    ];
  };

  home-manager.users.moritz = {
@ -41,7 +55,7 @@
      pairs = {
        keepass.roots = [ "/home/moritz/Keepass" "/auto/keepass" ];
        diskstation = {
-          roots = [ "/home/moritz/Documents" "/auto/diskstation" ];
+          roots = [ "/home/moritz/Documents" "/media/diskstation" ];
          commandOptions = {
            auto = "true";
            batch = "true";
--- a/secrets/secrets.nix
+++ b/secrets/secrets.nix
@ -11,4 +11,6 @@ let
 in {
  "nordvpn.age".publicKeys = users ++ hosts;
  "davfs.age".publicKeys = users ++ hosts;
+  "smbMoritz.age".publicKeys = users ++ hosts;
+  "smbMedia.age".publicKeys = users ++ hosts;
 }
--- a/secrets/smbMedia.age
+++ b/secrets/smbMedia.age
@ -0,0 +1,12 @@
+age-encryption.org/v1
+-> ssh-ed25519 ZYd7Zg ZSzrad3yohMhlM8+Tdr+LjTUqzxd7uXr6udffNjsYS4
+0WVNLdXmw0BX1L2Oa1f5h0/16KLZ9Tlw3XOj/50Jvrc
+-> ssh-ed25519 wG6LYg T5TU592Q/oERkYzgj80V3DxU9E8LUIDVxJts09sBXwk
+ospPAH+10LCuhDDVk0d9m6ONwDRaQusv54P0DtRbzz8
+-> ssh-ed25519 CjuqfA lOZt3LmXW0PKYELNl7WbUd3AoQte4YPnUvw6WEU9wW0
+X6q1zv9m9zCJWM6cYjagOOzA/ESVQRSEHvlnwRHJx7U
+-> :>-grease
+ykOwD1jnYtkqqBx/YxyrUbr6AiQjzU7bug
+--- FJNBXl9G9I7m9B1gBd56H6hGYTVmcxEnrNGRreU07OA
+ñÙ§-¤3»ý™c=žP©÷UnSûE™
+ô–+<2B>Âó´Ž„¹Å®w=#ŸÃ
£åL?tÅ–7ÞS<>d‰©0<>Rªüä<C3BC>s¥<‘¤ãÓTéØÖÍ˜èÒi<C392>¢Q»¸
--- a/secrets/smbMoritz.age
+++ b/secrets/smbMoritz.age