add samba storagebox mount
This commit is contained in:
parent
4aa0b15af8
commit
46b304ceb4
2 changed files with 113 additions and 1 deletions
|
|
@ -1,9 +1,15 @@
|
||||||
{ pkgs, ... }:
|
{ pkgs, config, ... }:
|
||||||
{
|
{
|
||||||
imports = [ ./resources/prune-backup.nix ];
|
imports = [ ./resources/prune-backup.nix ];
|
||||||
|
|
||||||
networking.hostId = "cdab8473";
|
networking.hostId = "cdab8473";
|
||||||
networking.hostName = "varda"; # Define your hostname.
|
networking.hostName = "varda"; # Define your hostname.
|
||||||
|
|
||||||
|
# Add required CIFS support
|
||||||
|
environment.systemPackages = with pkgs; [
|
||||||
|
cifs-utils
|
||||||
|
];
|
||||||
|
|
||||||
fileSystems = {
|
fileSystems = {
|
||||||
"/" = {
|
"/" = {
|
||||||
device = "rpool/root";
|
device = "rpool/root";
|
||||||
|
|
@ -19,10 +25,32 @@
|
||||||
device = "/dev/disk/by-uuid/8091-E7F2";
|
device = "/dev/disk/by-uuid/8091-E7F2";
|
||||||
fsType = "vfat";
|
fsType = "vfat";
|
||||||
};
|
};
|
||||||
|
|
||||||
|
"/mnt/storagebox" = {
|
||||||
|
device = "//u370253-sub2.your-storagebox.de/u370253-sub2";
|
||||||
|
fsType = "cifs";
|
||||||
|
|
||||||
|
options =
|
||||||
|
let
|
||||||
|
automount_opts = "x-systemd.automount,noauto,x-systemd.idle-timeout=60,x-systemd.device-timeout=5s,x-systemd.mount-timeout=5s,user,vers=3";
|
||||||
|
in
|
||||||
|
[
|
||||||
|
"${automount_opts},credentials=${config.sops.secrets.sambaCredentials.path},uid=994,gid=993" # evaluated and deployed from another machine
|
||||||
|
];
|
||||||
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
swapDevices = [ ];
|
swapDevices = [ ];
|
||||||
|
|
||||||
|
# sops
|
||||||
|
sops = {
|
||||||
|
secrets = {
|
||||||
|
"sambaCredentials" = {
|
||||||
|
sopsFile = ./secrets.sops.yaml;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
# System settings and services.
|
# System settings and services.
|
||||||
mySystem = {
|
mySystem = {
|
||||||
purpose = "Production";
|
purpose = "Production";
|
||||||
|
|
|
||||||
84
nixos/hosts/varda/secrets.sops.yaml
Normal file
84
nixos/hosts/varda/secrets.sops.yaml
Normal file
|
|
@ -0,0 +1,84 @@
|
||||||
|
sambaCredentials: ENC[AES256_GCM,data:/Ghze4VQ0RKyTKZAh9T5rX37c2l+W44bayusTSHzU9jBviThWYHJBhPwgnpGaqw=,iv:3PvwXwTpQTsdKL/jqbOs0z6ErnWjY9YW5yQylUwtBMA=,tag:ecaNKAytyCC+eveQHiOtaA==,type:str]
|
||||||
|
sops:
|
||||||
|
kms: []
|
||||||
|
gcp_kms: []
|
||||||
|
azure_kv: []
|
||||||
|
hc_vault: []
|
||||||
|
age:
|
||||||
|
- recipient: age1d9p83j52m2xg0vh9k7q0uwlxwhs3y6tlv68yg9s2h9mdw2fmmsqshddz5m
|
||||||
|
enc: |
|
||||||
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB5WXpsV2xYNVdWMkNWZ2NK
|
||||||
|
bUhCaXhpZG5GeWVXakdySzZhNjdnbmVFNFY4CmZiZEZDaDJSdmFCS1dQZ053V1lF
|
||||||
|
Z1ZBa0dWRy9jMVZkYXJlLy9WRmIrREEKLS0tIFFLbEhxaTI5OXQyRFJ2bWF1dU9U
|
||||||
|
WGZxd2dSZGhOVnBLSUNwaEZlMEFydzQKVG18nJUQgS0w69l+x2XD6BA9IEYra4E7
|
||||||
|
Wr7GURRrSnS19eqpJR3NTcVBhRO4wUxaj8Xq+nJ54Duik13X1XXdkw==
|
||||||
|
-----END AGE ENCRYPTED FILE-----
|
||||||
|
- recipient: age1m83ups8xn2jy4ayr8gw0pyn34smr0huqc5v76e4887az4vsl4yzsj0dlhd
|
||||||
|
enc: |
|
||||||
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB0NDdTNHlnSkZaT2s2TTVs
|
||||||
|
MnlSSXJFMUdtQ256LzIyZVJ6eFluejMyYmlNCnp5UzFjelN5bXlqRCttMTNiLzg2
|
||||||
|
Z0xzWGZmK2U2Y0xzMlF6QnUzWmRidWcKLS0tIFB4YmJ0bDYzS2llN1RFT1Y5RE40
|
||||||
|
KzhXQ1NtbVBWbGxGZjVMRUsvVnI1aTAKxdac0X3IX2HcKtuGHfqJn0MXhxU8bdGw
|
||||||
|
D1RbcNR1R+uTwZ1IYLG8l6YHXSYV0U6wtv9BuFA7k6ayTA/PmziI6g==
|
||||||
|
-----END AGE ENCRYPTED FILE-----
|
||||||
|
- recipient: age18kj3xhlvgjeg2awwku3r8d95w360uysu0w5ejghnp4kh8qmtge5qwa2vjp
|
||||||
|
enc: |
|
||||||
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB5U0FjbjFrOVd0Rkp1TDJJ
|
||||||
|
RTgrb0Q4cENjcEljTEJZOEI3NHZWVVI3S1dJCjVnS0JpL0dFbmdSN3Bnc3J1cXd5
|
||||||
|
TE1uai92QVEwZFZKU0VUUEwyK3dyNG8KLS0tIEhZTG1kOWgzU2lCbkcxUTc2NHZH
|
||||||
|
VjdjaEsyT1B6RjdsZWpVK3BJaU1EMlEKvOxJ5TyUYfpvCwpGNQpL+munayzBye2+
|
||||||
|
aWKwNfbJS/0gZy+YpdDRwSliiOMh+DKa0rUHCDt/t79+Bhq/1FEpjA==
|
||||||
|
-----END AGE ENCRYPTED FILE-----
|
||||||
|
- recipient: age1lp6rrlvmytp9ka6q89m0e0am26222kwrn7aqd45hu07s3a6jv3gqty86eu
|
||||||
|
enc: |
|
||||||
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBDL2pSS2JQeDVDa2EvMFhx
|
||||||
|
OEFOT0RvUXdpT2ZYcHFNcmVxYzM1TS9lWkJvCmMvRE1ueUp0akxhVWxtY1dLTmRC
|
||||||
|
M1U0ajdjT3ppZS81Y1llQll1UGg1emMKLS0tIFFMTEhHRmZrS1hVTjByS3ZmYjJJ
|
||||||
|
Y2VtanY0RU51N2FFRlM1cVhQWktuSFkKRHc3kH4vvDFgFETVDSWZLES5lfWRcwVW
|
||||||
|
eQs/glxlPh6yUhCutuEvrIy/fGwNbVaJsuud8jqFMemggt7x981DWg==
|
||||||
|
-----END AGE ENCRYPTED FILE-----
|
||||||
|
- recipient: age1e4sd6jjd4uxxsh9xmhdsnu6mqd5h8c4zz4gwme7lkw9ee949fc9q4px9df
|
||||||
|
enc: |
|
||||||
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBreXVOaSsvQlBsTXB2dlUy
|
||||||
|
VlNNMHhNTVFEamJBMTI0dDl4ZlBDSVNlZVg4CjhCNTlIMmdxUjJ0cHJuYUJUT0dV
|
||||||
|
UWFLNnZwTzVrbitFZTRXVjREYWVlSjQKLS0tIGMvZ25UNkttRTU1dmE1NThBVUR1
|
||||||
|
eWdMcy9rejNncEQ0T282QXpsUU1RWHcKJ5b/n751BlLzhsJNxRjAhMuCOD8ed630
|
||||||
|
urmj6eX8piCSGOgChviahqEpyrlhrs0WJJxlJyiYWjQ4e0HRgHZaMg==
|
||||||
|
-----END AGE ENCRYPTED FILE-----
|
||||||
|
- recipient: age19jm7uuam7gkacm3kh2v7uqgkvmmx0slmm9zwdjhd2ln9r60xzd7qh78c5a
|
||||||
|
enc: |
|
||||||
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBXZDMwKzlLUnVJdW8zbU1L
|
||||||
|
ZDBBMm1zV0tWSWxZSU51NU8yS3JNaDk0T1hrCnpFcy8rVUViODNHT0pJR210WUhR
|
||||||
|
aXp5ZlNENzEyRjI0TXducXpKN1ZsK1EKLS0tIC9HZW9OTnd4WjYxeXNuNDVQeTZx
|
||||||
|
LytvMjhzTk9NUVFUckJ1MVJhK2MyeWsKJALG7c/heYITQb/EBTAAQCCr4YovGqsH
|
||||||
|
Y6FhDlwUsPn8SHmHwsi0haAoc7tlMKN6Mtv4MyJ6rSbCBo+c6H0n5A==
|
||||||
|
-----END AGE ENCRYPTED FILE-----
|
||||||
|
- recipient: age1nwnqxjuaxlt5g7fe8rnspvn2c36uuef4hzwuwa6cfjfalz2lrd4q4n5fpl
|
||||||
|
enc: |
|
||||||
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBlRU56YlJCcHdxQUZ5enJE
|
||||||
|
VGd5cnlKUFpvdGMwVXRDd1B5VmUvVlFUeno4CmF5RVRiSUVTQVJYS2lDdnpFbGgy
|
||||||
|
OTgzMkVHSWdsTWl6MWtxck5nTU41V1EKLS0tIFpZencxelRCd3R5c2dFSGNRV29l
|
||||||
|
aU5kS1BnYjNXSC92bFdvV21kRER6TmMK6uKyU0iINdkRXwGfxxFjg+DzowkAFVFa
|
||||||
|
vsZAbx1Q7V6prwldJwQz516CfvByqLi8s3GYDU7/s99TjK/V+MPqSw==
|
||||||
|
-----END AGE ENCRYPTED FILE-----
|
||||||
|
- recipient: age1a8z3p24v32l9yxm5z2l8h7rpc3nhacyfv4jvetk2lenrvsdstd3sdu2kaf
|
||||||
|
enc: |
|
||||||
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBHNnBWSklCT3RFSExsSDRO
|
||||||
|
V2hPNmtiUGl5bjdaVU13dVFKVW5wL1hGOTBrClBKcG1YS0x5aGFyNGt5dkhPSDVC
|
||||||
|
VWNDRFd5VHNjTHVWOEZSNEIwdFNNSUUKLS0tIE9abWUwZDdDUmIybnJ2aVJKbEcw
|
||||||
|
c3dRV3NmMTFFbUlRUjF4dWZscEV0b3cKgXYOPwLnUyIBOkB2hIlnM42e3TQXXSIf
|
||||||
|
GpaLKqOVw1fMSC0u7l/sTz7c2tAWVAfSXyOFcyUGpV7VAIKPjXj4og==
|
||||||
|
-----END AGE ENCRYPTED FILE-----
|
||||||
|
lastmodified: "2025-01-03T20:11:27Z"
|
||||||
|
mac: ENC[AES256_GCM,data:UFU5bQg2/OuCTkqV5efbGh8VPKqJWmyld0r01j97M7+CQGwyWoXlDmaMR+27xSjSDQPxwAhb+ejQue5585VNcztdBoaH0F8wOWgkdlzxiHMvQRC5TXjao4anxNRnedf07+YHQZ74udUa9Qf8UXZqIwb6HNCDmebrNi38GOWfoS0=,iv:YQ8gGj5LgMvaZqwTD3Vtj3tSjaAlmTaCFKaWkgM5WDA=,tag:K2tbaECleS8Rn0uIfL7x9w==,type:str]
|
||||||
|
pgp: []
|
||||||
|
unencrypted_suffix: _unencrypted
|
||||||
|
version: 3.9.2
|
||||||
Loading…
Reference in a new issue