diff --git a/data.nix b/data.nix index 491e4af..b1a7c74 100644 --- a/data.nix +++ b/data.nix @@ -12,6 +12,8 @@ rec { node_exporter = 503; borgstor = 504; + + jakstpub = 505; }; ports = { diff --git a/hosts/vno1-rp3b/configuration.nix b/hosts/vno1-rp3b/configuration.nix index f1c0a0b..9bc49ed 100644 --- a/hosts/vno1-rp3b/configuration.nix +++ b/hosts/vno1-rp3b/configuration.nix @@ -80,6 +80,13 @@ publicKey = myData.hosts."vno1-oh2.servers.jakst".publicKey; }; }; + + jakstpub = { + enable = true; + dataDir = "/data/shared"; + requires = ["data-shared.mount"]; + uidgid = myData.uidgid.jakstpub; + }; }; }; @@ -87,25 +94,6 @@ services.journald.extraConfig = "Storage=volatile"; - #services.samba = { - # enable = true; - # securityType = "user"; - # enableNmbd = true; - # enableWinbindd = false; - # extraConfig = '' - # map to guest = Bad User - # guest account = jakstpub - # passwd backend = tbdsam - # ''; - # shares = { - # public = { - # path = "/data/shared"; - # writable = "yes"; - # printable = "no"; - # }; - # }; - #}; - environment.etc = { "datapool-passphrase.txt".source = config.age.secrets.datapool-passphrase.path; }; diff --git a/modules/base/zfsborg/default.nix b/modules/base/zfsborg/default.nix index eaf4780..f34c69a 100644 --- a/modules/base/zfsborg/default.nix +++ b/modules/base/zfsborg/default.nix @@ -92,13 +92,15 @@ in { weekly = 4; monthly = 3; }; - environment = { - BORG_HOST_ID = let - h = config.networking; - in "${h.hostName}.${h.domain}@${h.hostId}"; - } // lib.optionalAttrs (sshKeyPath != null) { - BORG_RSH = ''ssh -i "${config.mj.base.zfsborg.sshKeyPath}"''; - }; + environment = + { + BORG_HOST_ID = let + h = config.networking; + in "${h.hostName}.${h.domain}@${h.hostId}"; + } + // lib.optionalAttrs (sshKeyPath != null) { + BORG_RSH = ''ssh -i "${config.mj.base.zfsborg.sshKeyPath}"''; + }; } // lib.optionalAttrs (attrs ? patterns) { patterns = attrs.patterns; diff --git a/modules/services/default.nix b/modules/services/default.nix index 6d96ff6..cacb3a3 100644 --- a/modules/services/default.nix +++ b/modules/services/default.nix @@ -10,6 +10,7 @@ ./friendlyport ./gitea ./headscale + ./jakstpub ./matrix-synapse ./node_exporter ./nsd-acme diff --git a/modules/services/jakstpub/default.nix b/modules/services/jakstpub/default.nix new file mode 100644 index 0000000..9a58894 --- /dev/null +++ b/modules/services/jakstpub/default.nix @@ -0,0 +1,55 @@ +{ + config, + lib, + pkgs, + ... +}: { + options.mj.services.jakstpub = with lib.types; { + enable = lib.mkEnableOption "Enable jakstpub"; + dataDir = lib.mkOption {type = path;}; + # RequiresMountsFor is used by upstream, hacking with the unit + requires = lib.mkOption {type = listOf str;}; + uidgid = lib.mkOption {type = int;}; + }; + + config = with config.mj.services.jakstpub; + lib.mkIf enable { + services.samba = { + enable = true; + securityType = "user"; + enableNmbd = true; + enableWinbindd = false; + extraConfig = '' + map to guest = Bad User + guest account = jakstpub + ''; + shares = { + public = { + path = dataDir; + writable = "yes"; + printable = "no"; + public = "yes"; + }; + }; + }; + + users.users.jakstpub = { + description = "Jakstys Public"; + home = dataDir; + useDefaultShell = true; + group = "jakstpub"; + isSystemUser = true; + createHome = false; + uid = uidgid; + }; + + users.groups.jakstpub.gid = uidgid; + + systemd.services.samba-smbd = { + unitConfig.Requires = requires; + }; + + # WIP ports + #friendlyport.vpn.ports = [ 13 + }; +}