From 473d14d92134e3beed718a5497899f5b7b87193c Mon Sep 17 00:00:00 2001 From: MoritzBoehme Date: Sun, 3 Oct 2021 12:29:19 +0200 Subject: [PATCH 1/8] added containers --- modules/containers/default.nix | 5 ++++ modules/containers/media.nix | 53 ++++++++++++++++++++++++++++++++++ 2 files changed, 58 insertions(+) create mode 100644 modules/containers/default.nix create mode 100644 modules/containers/media.nix diff --git a/modules/containers/default.nix b/modules/containers/default.nix new file mode 100644 index 0000000..57c3a41 --- /dev/null +++ b/modules/containers/default.nix @@ -0,0 +1,5 @@ +{ config, lib, pkgs, ... }: + +{ + imports = [ ./media.nix ]; +} diff --git a/modules/containers/media.nix b/modules/containers/media.nix new file mode 100644 index 0000000..09b1718 --- /dev/null +++ b/modules/containers/media.nix @@ -0,0 +1,53 @@ +{ config, lib, pkgs, ... }: + +{ + containers.radarr = { + config = { config, pkgs, ... }: { services.radarr.enable = true; }; + bindMounts = { + "/dowloads" = { + hostPath = "/var/lib/Transmission/Downloads/completed/"; + isReadOnly = true; + }; + }; + }; + containers.sonarr = { + config = { config, pkgs, ... }: { services.sonarr.enable = true; }; + bindMounts = { + "/dowloads" = { + hostPath = "/var/lib/Transmission/Downloads/completed/"; + isReadOnly = true; + }; + }; + }; + containers.jackett = { + config = { config, pkgs, ... }: { services.jackett.enable = true; }; + }; + containers.transmission = { + config = { config, pkgs, ... }: { + # services.openvpn = { servers = { nordvpn = { }; }; }; + networking.firewall = { + enable = true; + # extraStopCommands = '' + # sudo iptables -N ALLOWVPN + # sudo iptables -N BLOCKALL + + # # allow access for the interfaces loopback, tun, and tap + # sudo iptables -A OUTPUT -o tun+ -j ACCEPT; + # sudo iptables -A OUTPUT -o tap+ -j ACCEPT; + # sudo iptables -A OUTPUT -o lo+ -j ACCEPT; + + # # route outgoing data via our created chains + # sudo iptables -A OUTPUT -j ALLOWVPN; + # sudo iptables -A OUTPUT -j BLOCKALL; + + # # block all disallowed connections + # sudo iptables -A BLOCKALL -j DROP + # ''; + }; + }; + bindMounts = { + "/var/lib/transmission" = { hostPath = "/home/moritz/Transmission/"; }; + }; + }; + +} From e8ec62c608a0cd8cd97117bf0b495bbdb4c30f31 Mon Sep 17 00:00:00 2001 From: MoritzBoehme Date: Sun, 3 Oct 2021 12:29:45 +0200 Subject: [PATCH 2/8] moved nvidia drivers to host configuration --- hosts/nixos-desktop/default.nix | 11 ++++++----- modules/desktop/bspwm/default.nix | 21 +++++---------------- 2 files changed, 11 insertions(+), 21 deletions(-) diff --git a/hosts/nixos-desktop/default.nix b/hosts/nixos-desktop/default.nix index d17925f..dcd0660 100644 --- a/hosts/nixos-desktop/default.nix +++ b/hosts/nixos-desktop/default.nix @@ -5,11 +5,10 @@ { config, pkgs, ... }: { - imports = - [ - # Include the results of the hardware scan. - ./hardware-configuration.nix - ]; + imports = [ + # Include the results of the hardware scan. + ./hardware-configuration.nix + ]; # BOOT boot = { @@ -36,6 +35,8 @@ interfaces.enp42s0.useDHCP = true; }; + services.xserver.videoDrivers = [ "nvidia" ]; + # Powersaving services.tlp.enable = true; powerManagement.enable = true; diff --git a/modules/desktop/bspwm/default.nix b/modules/desktop/bspwm/default.nix index 917f244..0983104 100644 --- a/modules/desktop/bspwm/default.nix +++ b/modules/desktop/bspwm/default.nix @@ -6,8 +6,6 @@ enable = true; layout = "de"; - videoDrivers = [ "nvidia" ]; - displayManager = { defaultSession = "none+bspwm"; @@ -15,15 +13,13 @@ enable = true; user = "moritz"; }; - lightdm = { - enable = true; - }; + lightdm = { enable = true; }; }; windowManager.bspwm.enable = true; }; }; - - console.keyMap = "de"; + + console.keyMap = "de"; home-manager.users.moritz = { xsession.windowManager.bspwm.enable = true; @@ -39,16 +35,9 @@ source = ./sxhkdrc; onChange = "pkill -USR1 -x sxhkd"; }; - "wallpaper/dracula.png" = { - source = ./dracula.png; - }; + "wallpaper/dracula.png" = { source = ./dracula.png; }; }; }; - home.packages = with pkgs; [ - feh - playerctl - pamixer - brightnessctl - ]; + home.packages = with pkgs; [ feh playerctl pamixer brightnessctl ]; }; } From 586303413f4756930383fcd72cc0e720c6ff713e Mon Sep 17 00:00:00 2001 From: MoritzBoehme Date: Sun, 3 Oct 2021 12:30:29 +0200 Subject: [PATCH 3/8] updated system --- flake.lock | 44 ++++++++++++++++++++++---------------------- flake.nix | 12 ++++-------- 2 files changed, 26 insertions(+), 30 deletions(-) diff --git a/flake.lock b/flake.lock index 8ff4b44..c2f4a6c 100644 --- a/flake.lock +++ b/flake.lock @@ -5,11 +5,11 @@ "nixpkgs": "nixpkgs" }, "locked": { - "lastModified": 1631325864, - "narHash": "sha256-bBvrjUS0qfgC4LPFthGJ5E8Fl0f5UvlrCB3o5Bnn9ys=", + "lastModified": 1631896269, + "narHash": "sha256-DAyCxJ8JacayOzGgGSfzrn7ghtsfL/EsCyk1NEUaAR8=", "owner": "ryantm", "repo": "agenix", - "rev": "5c5bc282565f03f9c5b3d6e72b7cb985706148a6", + "rev": "daf1d773989ac5d949aeef03fce0fe27e583dbca", "type": "github" }, "original": { @@ -20,11 +20,11 @@ }, "emacs-overlay": { "locked": { - "lastModified": 1631640088, - "narHash": "sha256-vO0HTtz939+MYIa+V/NhL9ukejnGnj9zV6/tcFHZaqk=", + "lastModified": 1632992735, + "narHash": "sha256-EuqMxgREM2lNk7JLyHfl5732gjW6pZJurgmKWWUo6ow=", "owner": "nix-community", "repo": "emacs-overlay", - "rev": "a12736ea74a0ff688704adc2b22ff4f70b39bd07", + "rev": "5fa26165cf34adbe693b159093ea15f24f7f7ea4", "type": "github" }, "original": { @@ -84,11 +84,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1631653811, - "narHash": "sha256-7Gp82o1g/kTUybopdktDMmZQ947Zm6vtoG4LJC9LTb0=", + "lastModified": 1633216075, + "narHash": "sha256-6Hmj0rOMH1/RYxtbpZcjZPjsXs5ghDlck+iFpQtesQw=", "owner": "nixos", "repo": "nixpkgs", - "rev": "a59d9b39f1dd0338cdaa0a5c5bdc3f4b69801881", + "rev": "966add9f99d13c1b106c25c0c5e656ed54f758b5", "type": "github" }, "original": { @@ -100,11 +100,11 @@ }, "nur": { "locked": { - "lastModified": 1631656225, - "narHash": "sha256-+x5QSzkmXgMURYlMTZXWotJ+hJvl1z4xU5kn8Dwu6a0=", + "lastModified": 1633248222, + "narHash": "sha256-+ZR+F0bwX5kZS1Q6oL2iMv/CLIXxRWGAzP65+rGcDDg=", "owner": "nix-community", "repo": "NUR", - "rev": "883cfd1d38023902359f4a7d0d19ad33b1af3d20", + "rev": "a328c48d6753aac69f3efdd4a9f4d61b9e9f48f2", "type": "github" }, "original": { @@ -145,11 +145,11 @@ }, "unstable": { "locked": { - "lastModified": 1631470189, - "narHash": "sha256-hkUPYlpNOY9nbG1ByRin9NzPAYnPtwq/nGxO/DoeZd0=", + "lastModified": 1633080050, + "narHash": "sha256-T9I2WnlUzAIL70dk9V1jqaYk3nypy/cMkWR19S47ZHc=", "owner": "nixos", "repo": "nixpkgs", - "rev": "364b5555ee04bf61ee0075a3adab4c9351a8d38c", + "rev": "82155ff501c7622cb2336646bb62f7624261f6d7", "type": "github" }, "original": { @@ -164,16 +164,16 @@ "flake-utils": "flake-utils" }, "locked": { - "lastModified": 1631019843, - "narHash": "sha256-DUcnmOHK35JGfseRT/hhf5jSaN0+pSi9zoI9vLstlZk=", + "lastModified": 1630860118, + "narHash": "sha256-JwLcC/zRR6ypk4/Ks7plWBvThYoLhURaH2zvjuWVmyA=", "owner": "gytis-ivaskevicius", "repo": "flake-utils-plus", - "rev": "8cd9fd963f7ff2fa5c11177cd9d8f9199b60e54b", + "rev": "813281281363ec45af155c8d2ceb7c5132d4de45", "type": "github" }, "original": { "owner": "gytis-ivaskevicius", - "ref": "release-1.2.0-without-deprecated-code", + "ref": "1.3.0", "repo": "flake-utils-plus", "type": "github" } @@ -197,11 +197,11 @@ "zsh-syntax-highlighting": { "flake": false, "locked": { - "lastModified": 1629459010, - "narHash": "sha256-m+gKQXNRYTpraWDXVMTU6UPJFivcyhOw3dNofFR4cyU=", + "lastModified": 1632454857, + "narHash": "sha256-vwtgFWEs51ZfrUbWmRjcHZz+WPMFUrSHfIt4FjrMOoU=", "owner": "zsh-users", "repo": "zsh-syntax-highlighting", - "rev": "6e0e950154a4c6983d9e077ed052298ad9126144", + "rev": "1a9264bc661b3d52756916bf9ec3f41687d64db2", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index afd7e4d..b201010 100644 --- a/flake.nix +++ b/flake.nix @@ -4,8 +4,7 @@ inputs = { nixpkgs.url = "github:nixos/nixpkgs/release-21.05"; unstable.url = "github:nixos/nixpkgs/nixos-unstable"; - utils.url = - "github:gytis-ivaskevicius/flake-utils-plus/release-1.2.0-without-deprecated-code"; + utils.url = "github:gytis-ivaskevicius/flake-utils-plus/1.3.0"; nur.url = "github:nix-community/NUR"; agenix.url = "github:ryantm/agenix"; @@ -67,11 +66,8 @@ agenix.nixosModules.age ]; - hosts.nixos-laptop.modules = [ ./hosts/nixos-laptop ]; - hosts.nixos-desktop.modules = [ - ./hosts/nixos-desktop - ./modules/gaming - ./modules/darling-erasure - ]; + hosts.nixos-laptop.modules = + [ ./hosts/nixos-laptop ./modules/containers ]; + hosts.nixos-desktop.modules = [ ./hosts/nixos-desktop ./modules/gaming ]; }; } From 2f3e4c5c7d30640bbb60c8388536776702c85a33 Mon Sep 17 00:00:00 2001 From: MoritzBoehme Date: Sun, 3 Oct 2021 12:30:56 +0200 Subject: [PATCH 4/8] manage xdg dirs --- modules/default.nix | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/modules/default.nix b/modules/default.nix index a5f80b1..05f9b5a 100644 --- a/modules/default.nix +++ b/modules/default.nix @@ -32,6 +32,11 @@ home.username = "moritz"; home.homeDirectory = "/home/moritz"; + xdg.userDirs = { + enable = true; + createDirectories = true; + }; + home.stateVersion = "21.05"; }; } From 31b023759597c46cdf65a759b2833c705a5c4eb1 Mon Sep 17 00:00:00 2001 From: MoritzBoehme Date: Sun, 3 Oct 2021 12:31:05 +0200 Subject: [PATCH 5/8] removed security nix default --- modules/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/default.nix b/modules/default.nix index 05f9b5a..0682f0e 100644 --- a/modules/default.nix +++ b/modules/default.nix @@ -1,7 +1,7 @@ { lib, pkgs, ... }: { - imports = [ ./apps ./cli ./desktop ./services ./security.nix ]; + imports = [ ./apps ./cli ./desktop ./services ]; # USERS users.users.moritz = { From ff8212fff3908ee31c3018e7417e4ecfb75bb933 Mon Sep 17 00:00:00 2001 From: MoritzBoehme Date: Sun, 3 Oct 2021 12:31:31 +0200 Subject: [PATCH 6/8] regenerated hardware configuration --- hosts/nixos-laptop/hardware-configuration.nix | 77 +++++++++---------- 1 file changed, 35 insertions(+), 42 deletions(-) diff --git a/hosts/nixos-laptop/hardware-configuration.nix b/hosts/nixos-laptop/hardware-configuration.nix index 2e1a17c..6a6dacb 100644 --- a/hosts/nixos-laptop/hardware-configuration.nix +++ b/hosts/nixos-laptop/hardware-configuration.nix @@ -4,59 +4,52 @@ { config, lib, pkgs, modulesPath, ... }: { - imports = - [ - (modulesPath + "/installer/scan/not-detected.nix") - ]; + imports = [ (modulesPath + "/installer/scan/not-detected.nix") ]; - boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "ahci" "usb_storage" "sd_mod" "rtsx_pci_sdmmc" ]; + boot.initrd.availableKernelModules = + [ "nvme" "xhci_pci" "ahci" "rtsx_pci_sdmmc" ]; boot.initrd.kernelModules = [ ]; boot.kernelModules = [ "kvm-amd" ]; boot.extraModulePackages = [ ]; - fileSystems."/" = - { - device = "/dev/disk/by-uuid/4a91d3eb-1633-42d9-8304-c10e49a61154"; - fsType = "btrfs"; - options = [ "subvol=root" ]; - }; + fileSystems."/" = { + device = "/dev/disk/by-uuid/4a91d3eb-1633-42d9-8304-c10e49a61154"; + fsType = "btrfs"; + options = [ "subvol=root" ]; + }; - boot.initrd.luks.devices."enc".device = "/dev/disk/by-uuid/078b81ba-238e-471d-9951-b743588532b8"; + boot.initrd.luks.devices."enc".device = + "/dev/disk/by-uuid/078b81ba-238e-471d-9951-b743588532b8"; - fileSystems."/home" = - { - device = "/dev/disk/by-uuid/4a91d3eb-1633-42d9-8304-c10e49a61154"; - fsType = "btrfs"; - options = [ "subvol=home" ]; - }; + fileSystems."/log" = { + device = "/dev/disk/by-uuid/4a91d3eb-1633-42d9-8304-c10e49a61154"; + fsType = "btrfs"; + options = [ "subvol=log" ]; + neededForBoot = true; + }; - fileSystems."/nix" = - { - device = "/dev/disk/by-uuid/4a91d3eb-1633-42d9-8304-c10e49a61154"; - fsType = "btrfs"; - options = [ "subvol=nix" ]; - }; + fileSystems."/nix" = { + device = "/dev/disk/by-uuid/4a91d3eb-1633-42d9-8304-c10e49a61154"; + fsType = "btrfs"; + options = [ "subvol=nix" ]; + }; - fileSystems."/persist" = - { - device = "/dev/disk/by-uuid/4a91d3eb-1633-42d9-8304-c10e49a61154"; - fsType = "btrfs"; - options = [ "subvol=persist" ]; - }; + fileSystems."/boot" = { + device = "/dev/disk/by-uuid/938D-F813"; + fsType = "vfat"; + }; - fileSystems."/log" = - { - device = "/dev/disk/by-uuid/4a91d3eb-1633-42d9-8304-c10e49a61154"; - fsType = "btrfs"; - options = [ "subvol=log" ]; - neededForBoot = true; - }; + fileSystems."/persist" = { + device = "/dev/disk/by-uuid/4a91d3eb-1633-42d9-8304-c10e49a61154"; + fsType = "btrfs"; + options = [ "subvol=persist" ]; + }; - fileSystems."/boot" = - { - device = "/dev/disk/by-uuid/938D-F813"; - fsType = "vfat"; - }; + fileSystems."/home" = { + device = "/dev/disk/by-uuid/4a91d3eb-1633-42d9-8304-c10e49a61154"; + fsType = "btrfs"; + options = [ "subvol=home" ]; + }; swapDevices = [{ device = "/dev/disk/by-uuid/29ebf65f-e6ca-4625-9f72-a9321152be1b"; }]; From 9fe9cbed9ed22bfac23685801bd21d4651099461 Mon Sep 17 00:00:00 2001 From: MoritzBoehme Date: Sun, 3 Oct 2021 16:30:35 +0200 Subject: [PATCH 7/8] switched to docker containers --- modules/containers/default.nix | 1 + modules/containers/media.nix | 99 ++++++++++++++++++++------------- secrets/nordvpn.age | Bin 551 -> 647 bytes 3 files changed, 60 insertions(+), 40 deletions(-) diff --git a/modules/containers/default.nix b/modules/containers/default.nix index 57c3a41..b64cb61 100644 --- a/modules/containers/default.nix +++ b/modules/containers/default.nix @@ -2,4 +2,5 @@ { imports = [ ./media.nix ]; + virtualisation.docker.enable = true; } diff --git a/modules/containers/media.nix b/modules/containers/media.nix index 09b1718..4ee3756 100644 --- a/modules/containers/media.nix +++ b/modules/containers/media.nix @@ -1,53 +1,72 @@ { config, lib, pkgs, ... }: { - containers.radarr = { - config = { config, pkgs, ... }: { services.radarr.enable = true; }; - bindMounts = { - "/dowloads" = { - hostPath = "/var/lib/Transmission/Downloads/completed/"; - isReadOnly = true; + virtualisation.oci-containers.containers = { + "transmission" = { + image = "haugene/transmission-openvpn"; + environmentFiles = [ /run/secrets/nordvpn ]; + environment = { + "LOCAL_NETWORK" = "192.168.0.0/24"; + "OPENVPN_PROVIDER" = "NORDVPN"; + "TRANSMISSION_ALT_SPEED_DOWN" = "20000"; + "TRANSMISSION_ALT_SPEED_TIME_ENABLED" = "true"; + "TRANSMISSION_ALT_SPEED_UP" = "2000"; + "TRANSMISSION_MAX_PEERS_GLOBAL" = "1000"; + "TRANSMISSION_PEER_LIMIT_GLOBAL" = "1000"; + "TRANSMISSION_PEER_LIMIT_PER_TORRENT" = "100"; + "TRANSMISSION_RATIO_LIMIT" = "10"; + "TRANSMISSION_RATIO_LIMIT_ENABLED" = "true"; + "TZ" = "DE"; + "ENABLE_UFW" = "true"; + "PUID" = "1000"; + "PGID" = "100"; }; + ports = [ "9091:9091" ]; + volumes = [ "/home/moritz/Docker/Transmission:/data/" ]; + extraOptions = [ "--cap-add=NET_ADMIN" ]; }; - }; - containers.sonarr = { - config = { config, pkgs, ... }: { services.sonarr.enable = true; }; - bindMounts = { - "/dowloads" = { - hostPath = "/var/lib/Transmission/Downloads/completed/"; - isReadOnly = true; + + "jackett" = { + image = "linuxserver/jackett"; + environment = { + "PUID" = "1000"; + "PGID" = "100"; + "TZ" = "DE"; }; + volumes = [ + "/home/moritz/Docker/jackett/config:/config" + "/home/moritz/Docker/jackett/blackhole:/downloads" + ]; + ports = [ "9117:9117" ]; }; - }; - containers.jackett = { - config = { config, pkgs, ... }: { services.jackett.enable = true; }; - }; - containers.transmission = { - config = { config, pkgs, ... }: { - # services.openvpn = { servers = { nordvpn = { }; }; }; - networking.firewall = { - enable = true; - # extraStopCommands = '' - # sudo iptables -N ALLOWVPN - # sudo iptables -N BLOCKALL - # # allow access for the interfaces loopback, tun, and tap - # sudo iptables -A OUTPUT -o tun+ -j ACCEPT; - # sudo iptables -A OUTPUT -o tap+ -j ACCEPT; - # sudo iptables -A OUTPUT -o lo+ -j ACCEPT; - - # # route outgoing data via our created chains - # sudo iptables -A OUTPUT -j ALLOWVPN; - # sudo iptables -A OUTPUT -j BLOCKALL; - - # # block all disallowed connections - # sudo iptables -A BLOCKALL -j DROP - # ''; + "radarr" = { + image = "linuxserver/radarr"; + environment = { + "PUID" = "1000"; + "PGID" = "100"; + "TZ" = "DE"; }; + volumes = [ + "/auto/media/movies:/movies" + "/home/moritz/Docker/transmission/completed/movies:/downloads" + "/home/moritz/Docker/radarr" + ]; + ports = [ "7878:7878" ]; }; - bindMounts = { - "/var/lib/transmission" = { hostPath = "/home/moritz/Transmission/"; }; + "sonarr" = { + image = "linuxserver/sonarr"; + environment = { + "PUID" = "1000"; + "PGID" = "100"; + "TZ" = "DE"; + }; + volumes = [ + "/auto/media/tv:/tv" + "/home/moritz/Docker/transmission/completed/movies:/downloads" + "/home/moritz/Docker/sonarr" + ]; + ports = [ "8989:8989" ]; }; }; - } diff --git a/secrets/nordvpn.age b/secrets/nordvpn.age index c5842c515279ef0e599de40195543414542fbd7c..1c4d5772f2233cb5fec9d590a2967aa5058167cb 100644 GIT binary patch delta 595 zcmWm9O>5I&003Y&)Ik)6APk(tdQ)O)ljf@+Leuq4zmqg+n^pvq=54aXu36KjO%Mtm z<~#^`5)>z*uuV|rMZ`nhE)y>bGQ43XZq_|MVfNAMW6t^PzSirTV znqG)eQK8Bfknp9D>zZMx<0Og2Lw%0Q*Njls06awo1+66{a3P-_00|0l2_&eLr5L2< zQ1JlE7MitQzlP8vWV=OD@yjfmYbSawhVC;|%K&p3ix%UU8pSBF5pk|*#NEBAp~YuK z)HQo;fWpAwQBELew{L59s^4v9OBJRV(6$136%!HHZj{ZW=LjasIVoUNNwOmgRXf&p zdTCHkdDuXwK-{Li#{bDe*yupjg-Fen3@*dV*)(Mnl;U{RTp6~cWRmlS3rUrcXEnKv z5{6%uY$Z-L2$AckFei1Hn1goWl{BJ@1qt-#ioD2sEf1F(6|KwrsB9#Va5x-dRH50o z%OxBal1h(dZHVVe5ry|@Ib#vs0JlgH4pOX|w-NjK#-phJ_u#|nTbCcM4e|YK{>OO# zwQ)AlJ9&TQ>iYEiVz7H`cjwUWd}Fk9W_h%lwxn;TzMR{6OY5(in-3;_GGkA+wTmcw z^!x^PWwrEaGFtgMyLKG#S@!Y%8+ZeZZEc-+wrxHgy%^qW=cX2xKN2&ywbu8E#p%U& VpXb+q?OdPS8!hQC55{Ny`~x~<*pmPN delta 498 zcmVDIWNJLIld3853S4KH&NoY`0aBx>;M@~Xx zNI6n+Qfo^^XL?m*3VLm7M`&kPD`-n?ZEZ4ZWMM-#M@mF-YI0?9P-S{>WMfclLRBkr zPcuwOk?|LQQ!r9-c2!|Tab`|NGfYx7a#}PiOL#PJMlyD6NMm6}Z$~*cMn*4haYaE2 zWpOrQVnZ@*RCOzPWqB`hO*l7kV@p+YZa7awbWKNgPE~U+MQ>|qS8F&5Ej}PlYe{w` zR9h`)a%Ew2WgvM*HXv1TbSnyNcr;l}PE$--HF9=;GiM4dEiE8xIZ!WZc1ulEPi{vu zb2oJ}bxTM=WL7sbSz>KtRA+2MZZ$7fML~EqWLXN1)ieGi+MJV$yY&iG8aX;(dRaQt z^2VPp)ytX2qRMo)!%Ltas?R6=P?AXeFhY<=BMixvjm$P;|mbCI=IZlgYz`SlRD!vFvP From eeabaa6954506883fcc7a25cac1c7a31beb642d1 Mon Sep 17 00:00:00 2001 From: MoritzBoehme Date: Sun, 3 Oct 2021 16:31:01 +0200 Subject: [PATCH 8/8] added media mount --- modules/services/diskstation/default.nix | 19 ++++++++++++++++++- secrets/davfs.age | Bin 672 -> 754 bytes 2 files changed, 18 insertions(+), 1 deletion(-) diff --git a/modules/services/diskstation/default.nix b/modules/services/diskstation/default.nix index 7b22b86..2be1486 100644 --- a/modules/services/diskstation/default.nix +++ b/modules/services/diskstation/default.nix @@ -4,8 +4,13 @@ services.davfs2 = { enable = true; extraConfig = '' + buf_size 32 + use_compression 1 + table_size 4096 [/auto/diskstation] trust_server_cert diskstation.pem + [/auto/media] + trust_server_cert diskstation.pem [/auto/keepass] trust_server_cert home-boehmies-de.pem ''; @@ -16,6 +21,7 @@ mapConf = pkgs.writeText "auto" '' keepass -fstype=davfs,uid=1000 :https\://davs.home.boehmies.de/home/Drive/ diskstation -fstype=davfs,uid=1000 :https\://192.168.0.2\:5006/home/Drive/ + media -fstype=davfs,uid=1000 :https\://192.168.0.2\:5006/media ''; in '' /auto file:${mapConf} @@ -34,7 +40,18 @@ enable = true; pairs = { keepass.roots = [ "/home/moritz/Keepass" "/auto/keepass" ]; - diskstation.roots = [ "/home/moritz/Documents" "/auto/diskstation" ]; + diskstation = { + roots = [ "/home/moritz/Documents" "/auto/diskstation" ]; + commandOptions = { + auto = "true"; + batch = "true"; + log = "false"; + repeat = "watch"; + sshcmd = "\${pkgs.openssh}/bin/ssh"; + ui = "text"; + fastcheck = "true"; + }; + }; }; }; }; diff --git a/secrets/davfs.age b/secrets/davfs.age index d69952ad51a0cecfdb7f4e17a05467c6a9caba01..7e4b937a748237617ea305eaab4b42c6557acb06 100644 GIT binary patch delta 702 zcmV;v0zv(t1@Z-uEPq*TM@daDQc`zAa8@yOO)@WLHZMbMLNrr2V{J!jYDa1@dPY%e zLu5);RSGvwX>N64T4^{rQ*cR3QczDyY*t!hN^e-=bVq7vRx3+UVsdLWW@#&7VlQq`SZ!}d zH)dKek?|LQL`H8zXLnXlG-qRBS~xdkQ7}etFHJ#ISvE6qcX4t^N;fM^R90|kPiQa- zMME}Octt`pcuiJUc|v7#ZfI3>S~G2RSw~oQLu*cOLw8bYbunx)P%upjEj}PXK`m!; zWnpt=AR=>O3N%%4Fjr-BZ+dxeaZz?xSxi(yL1-&~crh|7H$hQuR!?whYilbpY%w@f zFHd$#H&-iAHBf74H7jaIFl#SCa8e3TYIZR~Mp1KXb!cKtS8Ys4LRv>{SxQY;G*C4P zEiEk|T54uyHDPIYH%CiHL~KT9LSiv>R%~%hLNa4lSawopQ#C_kR9SF1Giyx>Ye!kd z0&RhRUTSaG{TX5$J8dRUB0A$Y*{q6hC^CKMggw;0umMuS059`-a)GCxw$5|5!|n!% zpNs1lKW?bw?$%&y{pY@Y*`G@5BD3i>JIBsfBNkg`r9S9>qFAQN4yQ#F7QO zWin70lL=m@L#E;mqN0o`KBg!2rXqUq;9xorJ~k1yiTM44?`QjL`?R-JGeRN676<|2 zGHJg~Sk-EhA+!jMG- zl7mCMX1E6A4gGag}(yQuELix$Zb4jD~Xx z79-JSKF2wkT%ITefkHARCSiP3hjcd{OeV$+O=SpJDwE@=6f2JFb&s1Rl}Jg5U;NS8 zf`p2UP)u2Zi&8zIG!n7=5KW;bWypRv(_nQzA~AVU6)*#Ud5X|UQA{d~f^c|+W~xX5 z%T*mA8Ko^Hi-zU0kqMhLO#Pqqn(P>9`|?#?wRJFZ3ix}$Cfi4z0#bG> z7zkq7s8E%ovWn>niYNFH%u><8M7b0q>tm6ChMG2HR&*^9L|upG(~4$#gkjf%R{)>S z2R4Kz$;a5ViWws~Yg;&}@)qKp7_7@Fy1_NnbU2gKYAH8F0mcXB0QxoYd8K>eC{$cVeaFNx6RVxp75@v%k!uA zfvc~tuSu7nL%-IJKD<9K^j-M==&-!P&3b$AwpZR|@%^2)+LJ#M&q9M#nYjvVZe|0U z2bXuB+%9*YTcOtNskSf9r}JCl%*@=tViz!NUir4raW5inys`FsCvQPrzavXXbtnGd EA6k6ooB#j-