feat(kyuuto): data share

2026-02-09 04:19:19 -08:00 · 2024-10-28 09:51:15 -07:00 · 2024-10-28 09:51:15 -07:00 · ce2ccebcc4
commit ce2ccebcc4
parent ab0d81cb5d
3 changed files with 67 additions and 36 deletions
--- a/modules/extern/nixos/kyuuto.nix
+++ b/modules/extern/nixos/kyuuto.nix
@ -29,33 +29,24 @@
      (mkIf config.smb.enable config.smb.fstabOptions)
      (mkIf config.automount.enable config.automount.fstabOptions)
    ];
+    mountOptions = subpath: {
+      enable =
+        mkEnableOption "/mnt/${subpath}"
+        // {
+          default = true;
+        };
+      krb5.enable =
+        mkEnableOption "krb5"
+        // {
+          default = enabled.krb5;
+        };
+    };
  in {
    options = with lib.types; {
      enable = mkEnableOption "kyuuto";
-      media = {
-        enable =
-          mkEnableOption "/mnt/kyuuto-media"
-          // {
-            default = true;
-          };
-        krb5.enable =
-          mkEnableOption "krb5"
-          // {
-            default = enabled.krb5;
-          };
-      };
-      transfer = {
-        enable =
-          mkEnableOption "/mnt/kyuuto-transfer"
-          // {
-            default = true;
-          };
-        krb5.enable =
-          mkEnableOption "krb5"
-          // {
-            default = enabled.krb5;
-          };
-      };
+      media = mountOptions "kyuuto-media";
+      data = mountOptions "kyuuto-data";
+      transfer = mountOptions "kyuuto-transfer";
      shared.enable = mkEnableOption "/mnt/kyuuto-shared";
      domain = mkOption {
        type = str;
@ -127,17 +118,15 @@
        "x-systemd.mount-timeout=2m"
        "x-systemd.idle-timeout=10m"
      ];
-      setFilesystems = {
-        "/mnt/kyuuto-media" = mkIf config.media.enable {
+      setFilesystems = let
+        mkKyuutoFs = {
+          cfg,
+          nfsSubpath,
+          smbSubpath,
+        }: mkIf cfg.enable {
          device = mkMerge [
-            (mkIf config.nfs.enable "nfs.${config.domain}:/srv/fs/kyuuto/media")
-            (mkIf config.smb.enable (
-              if config.smb.user != null && access.local.enable
-              then ''\\smb.${config.domain}\kyuuto-media''
-              else if config.smb.user != null
-              then ''\\smb.${config.domain}\kyuuto-media-global''
-              else ''\\smb.${config.domain}\kyuuto-library-access''
-            ))
+            (mkIf config.nfs.enable "nfs.${config.domain}:/srv/fs/${nfsSubpath}")
+            (mkIf config.smb.enable ''\\smb.${config.domain}\${smbSubpath}'')
          ];
          fsType = mkMerge [
            (mkIf config.nfs.enable "nfs4")
@ -145,12 +134,27 @@
          ];
          options = mkMerge (setFilesystemOptions
            ++ [
-              (mkIf config.media.krb5.enable [
+              (mkIf cfg.krb5.enable [
                "sec=krb5"
                (mkIf config.nfs.enable "nfsvers=4")
              ])
            ]);
        };
+      in {
+        "/mnt/kyuuto-media" = mkKyuutoFs {
+          cfg = config.media;
+          nfsSubpath = "kyuuto/media";
+          smbSubpath = if config.smb.user != null && access.local.enable
+            then "kyuuto-media"
+            else if config.smb.user != null
+            then "kyuuto-library-net"
+            else "kyuuto-library";
+        };
+        "/mnt/kyuuto-data" = mkKyuutoFs {
+          cfg = config.data;
+          nfsSubpath = "kyuuto/data";
+          smbSubpath = "kyuuto-data";
+        };
        "/mnt/kyuuto-transfer" = mkIf config.transfer.enable {
          device = mkMerge [
            (mkIf config.nfs.enable "nfs.${config.domain}:/srv/fs/kyuuto/transfer")
@ -162,7 +166,7 @@
          ];
          options = mkMerge (setFilesystemOptions
            ++ [
-              (mkIf config.media.krb5.enable [
+              (mkIf config.transfer.krb5.enable [
                (
                  if access.local.enable || access.tail.enabled
                  then "sec=sys:krb5"
@ -199,6 +203,7 @@
        };
      in {
        "${escapeSystemdPath "/mnt/kyuuto-media"}.mount" = mkIf config.media.enable netMountConfig;
+        "${escapeSystemdPath "/mnt/kyuuto-data"}.mount" = mkIf config.data.enable netMountConfig;
        "${escapeSystemdPath "/mnt/kyuuto-transfer"}.mount" = mkIf config.transfer.enable netMountConfig;
        "${escapeSystemdPath "/mnt/kyuuto-shared"}.mount" = mkIf (config.shared.enable && config.smb.enable) netMountConfig;
      };
--- a/nixos/kyuuto/nfs.nix
+++ b/nixos/kyuuto/nfs.nix
@ -13,6 +13,7 @@
    __toString = _: config.services.nfs.export.root.path;
    transfer = "${nfsRoot}/kyuuto/transfer";
    media = "${nfsRoot}/kyuuto/media";
+    data = "${nfsRoot}/kyuuto/data";
  };
 in {
  services.nfs = {
@ -27,6 +28,15 @@ in {
            };
          };
        };
+        ${nfsRoot.data} = {
+          flags = flagSets.common ++ ["fsid=130"] ++ flagSets.secip ++ ["rw"] ++ flagSets.anon_ro;
+          clients = {
+            local = {
+              machine = flagSets.allClients;
+              flags = flagSets.seclocal ++ ["rw" "no_all_squash"];
+            };
+          };
+        };
        ${nfsRoot.transfer} = {
          flags = flagSets.common ++ ["fsid=129"] ++ ["rw" "async"];
          clients = {
@ -54,6 +64,11 @@ in {
        what = kyuuto.mountDir;
        where = nfsRoot.media;
      }
+      {
+        inherit type options wantedBy before;
+        what = kyuuto.dataDir;
+        where = nfsRoot.data;
+      }
      {
        inherit type options wantedBy before;
        what = kyuuto.transferDir;
--- a/nixos/kyuuto/samba.nix
+++ b/nixos/kyuuto/samba.nix
@ -81,6 +81,17 @@ in {
          "valid users" = ["@kyuuto-peeps"];
        }
      ];
+      kyuuto-data = mkMerge [
+        kyuuto-media
+        {
+          path = kyuuto.dataDir;
+          comment = "Kyuuto Data";
+          writeable = true;
+          public = false;
+          browseable = false;
+          "valid users" = ["@kyuuto-peeps"];
+        }
+      ];
      shared = {
        path = kyuuto.shareDir;
        comment = "Shared Data";