panacea/modules/datasync.nix

137 lines
3.8 KiB
Nix

{ config, lib, pkgs, ... }:
{
# ZFS automatic snapshots
services.zfs.autoSnapshot = {
enable = true;
frequent = 4;
hourly = 24;
daily = 7;
weekly = 4;
monthly = 12;
};
# Syncthing configuration
services.syncthing = {
enable = true;
user = "coolneng";
dataDir = "/home/coolneng";
key = config.age.secrets.syncthing.path;
settings = {
devices.zion = {
id = "FLI2RS7-GNI5PDM-SQRNF7P-YJIOXJ7-46FRPEI-NRLQGBC-HXRWG7O-RKOVLAF";
addresses = [ "tcp://192.168.13.2:22000" ];
};
folders = {
Documents = {
id = "wusdj-bfjkr";
path = "/home/coolneng/Documents";
devices = [ "zion" ];
versioning = {
type = "simple";
params.keep = "5";
};
};
Notes = {
id = "kafhz-bfmzm";
path = "/home/coolneng/Notes";
devices = [ "zion" ];
versioning = {
type = "simple";
params.keep = "5";
};
};
Music = {
id = "2aqt7-vpprc";
path = "/home/coolneng/Music";
devices = [ "zion" ];
};
Photos = {
id = "mjibc-ustcg";
path = "/home/coolneng/Photos";
devices = [ "zion" ];
};
Projects = {
id = "cjhmu-avy9v";
path = "/home/coolneng/Projects";
devices = [ "zion" ];
};
Phone = {
id = "m2007j20cg_vc7r-photos";
type = "receiveonly";
path = "/home/coolneng/Photos/Phone";
devices = [ "zion" ];
};
Phone-screenshots = {
id = "pp70r-pbr70";
type = "receiveonly";
path = "/home/coolneng/Photos/Phone-screenshots";
devices = [ "zion" ];
};
Files = {
id = "tsk52-u6rbk";
path = "/home/coolneng/Files";
devices = [ "zion" ];
};
Audio = {
id = "tarrs-5mxck";
path = "/home/coolneng/Audio";
devices = [ "zion" ];
};
};
};
};
# Automount external storage
systemd.mounts = [
# UGent Samba
{
what = "//files.ugent.be/akasroua/home";
type = "cifs";
where = "/ugent";
options =
"credentials=${config.age.secrets.samba-ugent.path},noperm,vers=3.11,sec=ntlmv2i,noserverino";
mountConfig = { TimeoutSec = "5"; };
}
];
systemd.automounts = [
# UGent Samba
{
where = "/ugent";
automountConfig = { TimeoutIdleSec = "5"; };
wantedBy = [ "default.target" ];
}
];
# HACK Workaround to change the configuration of keyutils in order to get CIFS working
environment.etc."request-key.conf" = {
text = let
upcall = "${pkgs.cifs-utils}/bin/cifs.upcall";
keyctl = "${pkgs.keyutils}/bin/keyctl";
in ''
#OP TYPE DESCRIPTION CALLOUT_INFO PROGRAM
# -t is required for DFS share servers...
create cifs.spnego * * ${upcall} -t %k
create dns_resolver * * ${upcall} %k
# Everything below this point is essentially the default configuration,
# modified minimally to work under NixOS. Notably, it provides debug
# logging.
create user debug:* negate ${keyctl} negate %k 30 %S
create user debug:* rejected ${keyctl} reject %k 30 %c %S
create user debug:* expired ${keyctl} reject %k 30 %c %S
create user debug:* revoked ${keyctl} reject %k 30 %c %S
create user debug:loop:* * |${pkgs.coreutils}/bin/cat
create user debug:* * ${pkgs.keyutils}/share/keyutils/request-key-debug.sh %k %d %c %S
negate * * * ${keyctl} negate %k 30 %S
'';
};
}