zuckerberg/nix-config
zuckerberg/nix-config
1
0
Fork 0
Code Issues Pull Requests Actions Activity

Automount samba shares

Browse Source
This commit is contained in:
Zuckerberg 2022-04-24 21:56:28 -04:00
parent 73bbd39c64
commit e37878c544
7 changed files with 46 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
common/default.nix
View File

@ -57,6 +57,7 @@
shell = pkgs.fish; shell = pkgs.fish;
openssh.authorizedKeys.keys = (import ./ssh.nix).users; openssh.authorizedKeys.keys = (import ./ssh.nix).users;
hashedPassword = "$6$TuDO46rILr$gkPUuLKZe3psexhs8WFZMpzgEBGksE.c3Tjh1f8sD0KMC4oV89K2pqAABfl.Lpxu2jVdr5bgvR5cWnZRnji/r/"; hashedPassword = "$6$TuDO46rILr$gkPUuLKZe3psexhs8WFZMpzgEBGksE.c3Tjh1f8sD0KMC4oV89K2pqAABfl.Lpxu2jVdr5bgvR5cWnZRnji/r/";
uid = 1000;
}; };
nix.trustedUsers = [ "root" "googlebot" ]; nix.trustedUsers = [ "root" "googlebot" ];

5
common/hosts.nix
View File

@ -3,6 +3,11 @@
let let
system = (import ./ssh.nix).system; system = (import ./ssh.nix).system;
in { in {
networking.hosts = {
# some DNS providers filter local ip results from DNS request
"172.30.145.180" = [ "s0.zt.neet.dev" ];
};
programs.ssh.knownHosts = { programs.ssh.knownHosts = {
liza = { liza = {
hostNames = [ "liza" "liza.neet.dev" ]; hostNames = [ "liza" "liza.neet.dev" ];

1
common/pc/default.nix
View File

@ -17,6 +17,7 @@ in {
./discord.nix ./discord.nix
./steam.nix ./steam.nix
./touchpad.nix ./touchpad.nix
./mount-samba.nix
]; ];
options.de = { options.de = {

36
common/pc/mount-samba.nix Normal file
View File

@ -0,0 +1,36 @@
# mounts the samba share on s0 over zeroteir
{ config, lib, ... }:
let
cfg = config.services.mount-samba;
# prevents hanging on network split
network_opts = "x-systemd.automount,noauto,x-systemd.idle-timeout=60,x-systemd.device-timeout=5s,x-systemd.mount-timeout=5s";
user_opts = "uid=${toString config.users.users.googlebot.uid},file_mode=0660,dir_mode=0770,user";
auth_opts = "credentials=/run/agenix/smb-secrets";
version_opts = "vers=2.1";
opts = "${network_opts},${user_opts},${version_opts}";
in {
options.services.mount-samba = {
enable = lib.mkEnableOption "enable mounting samba shares";
};
config = lib.mkIf (cfg.enable && config.services.zerotierone.enable) {
fileSystems."/mnt/public" = {
device = "//s0.zt.neet.dev/public";
fsType = "cifs";
options = ["guest,${opts}"];
};
fileSystems."/mnt/private" = {
device = "//s0.zt.neet.dev/googlebot";
fsType = "cifs";
options = ["${auth_opts},${opts}"];
};
age.secrets.smb-secrets.file = ../../secrets/smb-secrets.age;
};
}

2
machines/ray/configuration.nix
View File

@ -49,6 +49,8 @@
services.zerotierone.enable = true; services.zerotierone.enable = true;
services.mount-samba.enable = true;
de.enable = true; de.enable = true;
de.touchpad.enable = true; de.touchpad.enable = true;
} }

1
secrets/secrets.nix
View File

@ -17,4 +17,5 @@ in
"spotifyd.age".publicKeys = all; "spotifyd.age".publicKeys = all;
"wolframalpha.age".publicKeys = all; "wolframalpha.age".publicKeys = all;
"cloudflared-navidrome.json.age".publicKeys = all; "cloudflared-navidrome.json.age".publicKeys = all;
"smb-secrets.age".publicKeys = all;
} }

BIN
secrets/smb-secrets.age Normal file
View File

Binary file not shown.