From fea3311b3939773683372fc13cbd943b727c10fd Mon Sep 17 00:00:00 2001
From: MoritzBoehme <mail@moritzboeh.me>
Date: Sun, 3 Oct 2021 18:39:08 +0200
Subject: [PATCH] added samba mounts

---
 modules/services/agenix.nix              |   2 ++
 modules/services/diskstation/default.nix |  38 ++++++++++++++++-------
 secrets/secrets.nix                      |   2 ++
 secrets/smbMedia.age                     |  12 +++++++
 secrets/smbMoritz.age                    | Bin 0 -> 660 bytes
 5 files changed, 42 insertions(+), 12 deletions(-)
 create mode 100644 secrets/smbMedia.age
 create mode 100644 secrets/smbMoritz.age

diff --git a/modules/services/agenix.nix b/modules/services/agenix.nix
index c630228..617f85b 100644
--- a/modules/services/agenix.nix
+++ b/modules/services/agenix.nix
@@ -9,4 +9,6 @@
     mode = "600";
     path = "/etc/davfs2/secrets";
   };
+  age.secrets.smbMoritz.file = ../../secrets/smbMoritz.age;
+  age.secrets.smbMedia.file = ../../secrets/smbMedia.age;
 }
diff --git a/modules/services/diskstation/default.nix b/modules/services/diskstation/default.nix
index 2be1486..7f672e7 100644
--- a/modules/services/diskstation/default.nix
+++ b/modules/services/diskstation/default.nix
@@ -4,13 +4,6 @@
   services.davfs2 = {
     enable = true;
     extraConfig = ''
-      buf_size 32
-      use_compression 1
-      table_size 4096
-      [/auto/diskstation]
-      trust_server_cert diskstation.pem
-      [/auto/media]
-      trust_server_cert diskstation.pem
       [/auto/keepass]
       trust_server_cert home-boehmies-de.pem
     '';
@@ -20,8 +13,6 @@
     autoMaster = let
       mapConf = pkgs.writeText "auto" ''
         keepass -fstype=davfs,uid=1000 :https\://davs.home.boehmies.de/home/Drive/
-        diskstation -fstype=davfs,uid=1000 :https\://192.168.0.2\:5006/home/Drive/
-        media -fstype=davfs,uid=1000 :https\://192.168.0.2\:5006/media
       '';
     in ''
       /auto file:${mapConf}
@@ -31,8 +22,31 @@
   environment.etc."davfs2/certs/diskstation.pem" = {
     text = builtins.readFile ./diskstation.pem;
   };
-  environment.etc."davfs2/certs/home-boehmies-de.pem" = {
-    text = builtins.readFile ./home-boehmies-de.pem;
+
+  fileSystems."/media/media" = {
+    device = "//192.168.0.2/media";
+    fsType = "cifs";
+    options = let
+      # this line prevents hanging on network split
+      automount_opts =
+        "x-systemd.automount,noauto,x-systemd.idle-timeout=60,x-systemd.device-timeout=5s,x-systemd.mount-timeout=5s";
+
+    in [
+      "${automount_opts},credentials=/run/secrets/smbMedia,uid=1000,gid=100"
+    ];
+  };
+
+  fileSystems."/media/diskstation" = {
+    device = "//192.168.0.2/home/Drive";
+    fsType = "cifs";
+    options = let
+      # this line prevents hanging on network split
+      automount_opts =
+        "x-systemd.automount,noauto,x-systemd.idle-timeout=60,x-systemd.device-timeout=5s,x-systemd.mount-timeout=5s";
+
+    in [
+      "${automount_opts},credentials=/run/secrets/smbMoritz,uid=1000,gid=100"
+    ];
   };
 
   home-manager.users.moritz = {
@@ -41,7 +55,7 @@
       pairs = {
         keepass.roots = [ "/home/moritz/Keepass" "/auto/keepass" ];
         diskstation = {
-          roots = [ "/home/moritz/Documents" "/auto/diskstation" ];
+          roots = [ "/home/moritz/Documents" "/media/diskstation" ];
           commandOptions = {
             auto = "true";
             batch = "true";
diff --git a/secrets/secrets.nix b/secrets/secrets.nix
index 892fe32..1987304 100644
--- a/secrets/secrets.nix
+++ b/secrets/secrets.nix
@@ -11,4 +11,6 @@ let
 in {
   "nordvpn.age".publicKeys = users ++ hosts;
   "davfs.age".publicKeys = users ++ hosts;
+  "smbMoritz.age".publicKeys = users ++ hosts;
+  "smbMedia.age".publicKeys = users ++ hosts;
 }
diff --git a/secrets/smbMedia.age b/secrets/smbMedia.age
new file mode 100644
index 0000000..7e4624c
--- /dev/null
+++ b/secrets/smbMedia.age
@@ -0,0 +1,12 @@
+age-encryption.org/v1
+-> ssh-ed25519 ZYd7Zg ZSzrad3yohMhlM8+Tdr+LjTUqzxd7uXr6udffNjsYS4
+0WVNLdXmw0BX1L2Oa1f5h0/16KLZ9Tlw3XOj/50Jvrc
+-> ssh-ed25519 wG6LYg T5TU592Q/oERkYzgj80V3DxU9E8LUIDVxJts09sBXwk
+ospPAH+10LCuhDDVk0d9m6ONwDRaQusv54P0DtRbzz8
+-> ssh-ed25519 CjuqfA lOZt3LmXW0PKYELNl7WbUd3AoQte4YPnUvw6WEU9wW0
+X6q1zv9m9zCJWM6cYjagOOzA/ESVQRSEHvlnwRHJx7U
+-> :>-grease
+ykOwD1jnYtkqqBx/YxyrUbr6AiQjzU7bug
+--- FJNBXl9G9I7m9B1gBd56H6hGYTVmcxEnrNGRreU07OA
+ñÙ§-¤3»ý™c=žP©÷UnSûE™
+ô–+Âó´Ž„¹Å®w=#ŸÃ£åL?tÅ–7ÞSd‰©0Rªüäs¥<‘¤ãÓTéØÖÍ˜èÒi¢Q»¸
\ No newline at end of file
diff --git a/secrets/smbMoritz.age b/secrets/smbMoritz.age
new file mode 100644
index 0000000000000000000000000000000000000000..efda958024f932e04a60a58e3733b2c5fadef20e
GIT binary patch
literal 660
zcmZ9_JB!l*003a;jG}{s7(^WG)jXO<tDvT7lO}DFwn^J0;E?9kBu&$#X_{2QMGzDY
z5#>OfbiBbu5OKOe5f>4J>*U>SZi0h1I4G|7{ejPL?Xo>HlVYBF(d=rJxKM@w<s0B)
zF)7;?isMKP)HRFLU9dfp8ib}0Fe8RyEaSw)svs?K6xmZ{-r*Z`C^tf@T3NCj!1!pz
z$6zg41<gW-Nr!}JAA;uW%!wf{X1O?tEXixZtHH@_#S$IO1!YpJyE^GM#`<7jA?>Qo
z4G}>f3mDaw;wV&t1s<ld3#l-mF;>)DnJOMN`Ke{Yr7qoTGEAr9ibPN|s5w+h>dl^u
znb^sV_Ls3kfopZbX}YCw0omszpXd)uxk-9yx-!=s=A}*^NKRBq&B*}pb3Af%llS2^
z<=K_-a)wGcvUJ#HXtF|=4x<7}j4o~m+W*b+ZwiW2b`#rJ*kBc1!C-L>glRM@U0i~B
zhvTx_G*D@D&=HlTnAAYoqF*SJun>_f;SHK-58J7cF_=@MpxQ8oq~VCCM}dOjh>YiH
z)XDHE5U8^zUso-ipU`wN*YP1T!&+uj>}!5rphVQisy(Nhi*w725oqGddS5J}deEa7
zbqWLJavAKZb2;R*^`bN&#~I^s{MzX*F>|c+*^!kQGTd^y)3rZ?1>ni0<AcrpuaAE`
zJ!9VKeS7x)&3SL@`u8iRKb?Jh?$L`2A5ZO&znJ7XwYQ14h2CBKr+@h1aJrx0+Wq@M
hIN00S9Q}T^zyIa<-u55i<<aGb>A~wQ<K5@Y?mrHK=$-%o

literal 0
HcmV?d00001