gensokyo-zone/infrastructure
1
0
Fork 0
mirror of https://github.com/gensokyo-zone/infrastructure.git synced 2026-02-09 04:19:19 -08:00
Code Issues Projects Releases Packages Wiki Activity Actions

feat(kyuuto): data share

Browse source
This commit is contained in:
arcnmx 2024-10-28 09:51:15 -07:00
parent ab0d81cb5d
commit ce2ccebcc4
3 changed files with 67 additions and 36 deletions
Download patch file Download diff file Expand all files Collapse all files

77
modules/extern/nixos/kyuuto.nix vendored
View file

@ -29,33 +29,24 @@
(mkIf config.smb.enable config.smb.fstabOptions) (mkIf config.smb.enable config.smb.fstabOptions)
(mkIf config.automount.enable config.automount.fstabOptions) (mkIf config.automount.enable config.automount.fstabOptions)
]; ];
mountOptions = subpath: {
enable =
mkEnableOption "/mnt/${subpath}"
// {
default = true;
};
krb5.enable =
mkEnableOption "krb5"
// {
default = enabled.krb5;
};
};
in { in {
options = with lib.types; { options = with lib.types; {
enable = mkEnableOption "kyuuto"; enable = mkEnableOption "kyuuto";
media = { media = mountOptions "kyuuto-media";
enable = data = mountOptions "kyuuto-data";
mkEnableOption "/mnt/kyuuto-media" transfer = mountOptions "kyuuto-transfer";
// {
default = true;
};
krb5.enable =
mkEnableOption "krb5"
// {
default = enabled.krb5;
};
};
transfer = {
enable =
mkEnableOption "/mnt/kyuuto-transfer"
// {
default = true;
};
krb5.enable =
mkEnableOption "krb5"
// {
default = enabled.krb5;
};
};
shared.enable = mkEnableOption "/mnt/kyuuto-shared"; shared.enable = mkEnableOption "/mnt/kyuuto-shared";
domain = mkOption { domain = mkOption {
type = str; type = str;
@ -127,17 +118,15 @@
"x-systemd.mount-timeout=2m" "x-systemd.mount-timeout=2m"
"x-systemd.idle-timeout=10m" "x-systemd.idle-timeout=10m"
]; ];
setFilesystems = { setFilesystems = let
"/mnt/kyuuto-media" = mkIf config.media.enable { mkKyuutoFs = {
cfg,
nfsSubpath,
smbSubpath,
}: mkIf cfg.enable {
device = mkMerge [ device = mkMerge [
(mkIf config.nfs.enable "nfs.${config.domain}:/srv/fs/kyuuto/media") (mkIf config.nfs.enable "nfs.${config.domain}:/srv/fs/${nfsSubpath}")
(mkIf config.smb.enable ( (mkIf config.smb.enable ''\\smb.${config.domain}\${smbSubpath}'')
if config.smb.user != null && access.local.enable
then ''\\smb.${config.domain}\kyuuto-media''
else if config.smb.user != null
then ''\\smb.${config.domain}\kyuuto-media-global''
else ''\\smb.${config.domain}\kyuuto-library-access''
))
]; ];
fsType = mkMerge [ fsType = mkMerge [
(mkIf config.nfs.enable "nfs4") (mkIf config.nfs.enable "nfs4")
@ -145,12 +134,27 @@
]; ];
options = mkMerge (setFilesystemOptions options = mkMerge (setFilesystemOptions
++ [ ++ [
(mkIf config.media.krb5.enable [ (mkIf cfg.krb5.enable [
"sec=krb5" "sec=krb5"
(mkIf config.nfs.enable "nfsvers=4") (mkIf config.nfs.enable "nfsvers=4")
]) ])
]); ]);
}; };
in {
"/mnt/kyuuto-media" = mkKyuutoFs {
cfg = config.media;
nfsSubpath = "kyuuto/media";
smbSubpath = if config.smb.user != null && access.local.enable
then "kyuuto-media"
else if config.smb.user != null
then "kyuuto-library-net"
else "kyuuto-library";
};
"/mnt/kyuuto-data" = mkKyuutoFs {
cfg = config.data;
nfsSubpath = "kyuuto/data";
smbSubpath = "kyuuto-data";
};
"/mnt/kyuuto-transfer" = mkIf config.transfer.enable { "/mnt/kyuuto-transfer" = mkIf config.transfer.enable {
device = mkMerge [ device = mkMerge [
(mkIf config.nfs.enable "nfs.${config.domain}:/srv/fs/kyuuto/transfer") (mkIf config.nfs.enable "nfs.${config.domain}:/srv/fs/kyuuto/transfer")
@ -162,7 +166,7 @@
]; ];
options = mkMerge (setFilesystemOptions options = mkMerge (setFilesystemOptions
++ [ ++ [
(mkIf config.media.krb5.enable [ (mkIf config.transfer.krb5.enable [
( (
if access.local.enable || access.tail.enabled if access.local.enable || access.tail.enabled
then "sec=sys:krb5" then "sec=sys:krb5"
@ -199,6 +203,7 @@
}; };
in { in {
"${escapeSystemdPath "/mnt/kyuuto-media"}.mount" = mkIf config.media.enable netMountConfig; "${escapeSystemdPath "/mnt/kyuuto-media"}.mount" = mkIf config.media.enable netMountConfig;
"${escapeSystemdPath "/mnt/kyuuto-data"}.mount" = mkIf config.data.enable netMountConfig;
"${escapeSystemdPath "/mnt/kyuuto-transfer"}.mount" = mkIf config.transfer.enable netMountConfig; "${escapeSystemdPath "/mnt/kyuuto-transfer"}.mount" = mkIf config.transfer.enable netMountConfig;
"${escapeSystemdPath "/mnt/kyuuto-shared"}.mount" = mkIf (config.shared.enable && config.smb.enable) netMountConfig; "${escapeSystemdPath "/mnt/kyuuto-shared"}.mount" = mkIf (config.shared.enable && config.smb.enable) netMountConfig;
}; };

15
nixos/kyuuto/nfs.nix
View file

@ -13,6 +13,7 @@
__toString = _: config.services.nfs.export.root.path; __toString = _: config.services.nfs.export.root.path;
transfer = "${nfsRoot}/kyuuto/transfer"; transfer = "${nfsRoot}/kyuuto/transfer";
media = "${nfsRoot}/kyuuto/media"; media = "${nfsRoot}/kyuuto/media";
data = "${nfsRoot}/kyuuto/data";
}; };
in { in {
services.nfs = { services.nfs = {
@ -27,6 +28,15 @@ in {
}; };
}; };
}; };
${nfsRoot.data} = {
flags = flagSets.common ++ ["fsid=130"] ++ flagSets.secip ++ ["rw"] ++ flagSets.anon_ro;
clients = {
local = {
machine = flagSets.allClients;
flags = flagSets.seclocal ++ ["rw" "no_all_squash"];
};
};
};
${nfsRoot.transfer} = { ${nfsRoot.transfer} = {
flags = flagSets.common ++ ["fsid=129"] ++ ["rw" "async"]; flags = flagSets.common ++ ["fsid=129"] ++ ["rw" "async"];
clients = { clients = {
@ -54,6 +64,11 @@ in {
what = kyuuto.mountDir; what = kyuuto.mountDir;
where = nfsRoot.media; where = nfsRoot.media;
} }
{
inherit type options wantedBy before;
what = kyuuto.dataDir;
where = nfsRoot.data;
}
{ {
inherit type options wantedBy before; inherit type options wantedBy before;
what = kyuuto.transferDir; what = kyuuto.transferDir;

11
nixos/kyuuto/samba.nix
View file

@ -81,6 +81,17 @@ in {
"valid users" = ["@kyuuto-peeps"]; "valid users" = ["@kyuuto-peeps"];
} }
]; ];
kyuuto-data = mkMerge [
kyuuto-media
{
path = kyuuto.dataDir;
comment = "Kyuuto Data";
writeable = true;
public = false;
browseable = false;
"valid users" = ["@kyuuto-peeps"];
}
];
shared = { shared = {
path = kyuuto.shareDir; path = kyuuto.shareDir;
comment = "Shared Data"; comment = "Shared Data";