panacea/modules/datasync.nix

{ config, lib, pkgs, ... }:

{
  # ZFS automatic snapshots
  services.zfs.autoSnapshot = {
    enable = true;
    frequent = 4;
    hourly = 24;
    daily = 7;
    weekly = 4;
    monthly = 12;
  };

  # Syncthing configuration
  services.syncthing = {
    enable = true;
    user = "coolneng";
    dataDir = "/home/coolneng";
    key = config.age.secrets.syncthing.path;
    settings = {
      devices.zion = {
        id = "FLI2RS7-GNI5PDM-SQRNF7P-YJIOXJ7-46FRPEI-NRLQGBC-HXRWG7O-RKOVLAF";
        addresses = [ "tcp://192.168.13.2:22000" ];
      };
      folders = {
        Documents = {
          id = "wusdj-bfjkr";
          path = "/home/coolneng/Documents";
          devices = [ "zion" ];
          versioning = {
            type = "simple";
            params.keep = "5";
          };
        };

        Notes = {
          id = "kafhz-bfmzm";
          path = "/home/coolneng/Notes";
          devices = [ "zion" ];
          versioning = {
            type = "simple";
            params.keep = "5";
          };
        };

        Music = {
          id = "2aqt7-vpprc";
          path = "/home/coolneng/Music";
          devices = [ "zion" ];
        };

        Photos = {
          id = "mjibc-ustcg";
          path = "/home/coolneng/Photos";
          devices = [ "zion" ];
        };

        Projects = {
          id = "cjhmu-avy9v";
          path = "/home/coolneng/Projects";
          devices = [ "zion" ];
        };

        Phone = {
          id = "m2007j20cg_vc7r-photos";
          type = "receiveonly";
          path = "/home/coolneng/Photos/Phone";
          devices = [ "zion" ];
        };

        Phone-screenshots = {
          id = "pp70r-pbr70";
          type = "receiveonly";
          path = "/home/coolneng/Photos/Phone-screenshots";
          devices = [ "zion" ];
        };

        Files = {
          id = "tsk52-u6rbk";
          path = "/home/coolneng/Files";
          devices = [ "zion" ];
        };
        Audio = {
          id = "tarrs-5mxck";
          path = "/home/coolneng/Audio";
          devices = [ "zion" ];
        };
      };
    };
  };

  # Automount external storage
  systemd.mounts = [
    # UGent Samba
    {
      what = "//files.ugent.be/akasroua/home";
      type = "cifs";
      where = "/ugent";
      options =
        "credentials=${config.age.secrets.samba-ugent.path},noperm,vers=3.11,sec=ntlmv2i,noserverino";
      mountConfig = { TimeoutSec = "5"; };
    }
  ];
  systemd.automounts = [
    # UGent Samba
    {
      where = "/ugent";
      automountConfig = { TimeoutIdleSec = "5"; };
      wantedBy = [ "default.target" ];
    }
  ];

  # HACK Workaround to change the configuration of keyutils in order to get CIFS working
  environment.etc."request-key.conf" = {
    text = let
      upcall = "${pkgs.cifs-utils}/bin/cifs.upcall";
      keyctl = "${pkgs.keyutils}/bin/keyctl";
    in ''
      #OP     TYPE          DESCRIPTION  CALLOUT_INFO  PROGRAM
      # -t is required for DFS share servers...
      create  cifs.spnego   *            *             ${upcall} -t %k
      create  dns_resolver  *            *             ${upcall} %k
      # Everything below this point is essentially the default configuration,
      # modified minimally to work under NixOS. Notably, it provides debug
      # logging.
      create  user          debug:*      negate        ${keyctl} negate %k 30 %S
      create  user          debug:*      rejected      ${keyctl} reject %k 30 %c %S
      create  user          debug:*      expired       ${keyctl} reject %k 30 %c %S
      create  user          debug:*      revoked       ${keyctl} reject %k 30 %c %S
      create  user          debug:loop:* *             |${pkgs.coreutils}/bin/cat
      create  user          debug:*      *             ${pkgs.keyutils}/share/keyutils/request-key-debug.sh %k %d %c %S
      negate  *             *            *             ${keyctl} negate %k 30 %S
    '';
  };

}