| author | Franck Cuny <franck@fcuny.net> | 2025-07-25 07:29:21 -0700 |
|---|---|---|
| committer | Franck Cuny <franck@fcuny.net> | 2025-07-25 08:47:10 -0700 |
| commit | 598f9b7b2bd3ace4561a3d6ff4b5d14b1e6eced4 (patch) | |
| tree | 0da1dbb3359d43003780d15f9f23ae5278235a7d /modules/nas-client.nix | |
| parent | enable cloudflared on the vm (diff) | |
| download | infra-598f9b7b2bd3ace4561a3d6ff4b5d14b1e6eced4.tar.gz | |
add a module for mounting CIFS volumes
The new module is for NAS clients, where we specify the server and the
paths to mount locally.
We add a new secret to have the username of the `nas' user.
We mount the backups volume from the NAS under `/data/backups` on the
VM.
Diffstat (limited to '')
| -rw-r--r-- | modules/nas-client.nix | 84 |
1 files changed, 84 insertions, 0 deletions
diff --git a/modules/nas-client.nix b/modules/nas-client.nix
new file mode 100644
index 0000000..fe0952e
--- /dev/null
+++ b/modules/nas-client.nix
@@ -0,0 +1,84 @@
+{
+ config,
+ lib,
+ pkgs,
+ ...
+}:
+
+let
+ cfg = config.my.modules.nas-client;
+in
+{
+ options.my.modules.nas-client = with lib; {
+ enable = mkEnableOption "NAS client";
+
+ volumes = mkOption {
+ type = types.attrsOf (
+ types.submodule {
+ options = {
+ server = mkOption {
+ type = types.str;
+ example = "nas";
+ description = "Hostname of the server to connect to.";
+ };
+ remotePath = mkOption {
+ type = types.str;
+ example = "data";
+ description = "Remote path on the NAS to mount.";
+ };
+ mountPoint = mkOption {
+ type = types.str;
+ description = "Local directory where the volume will be mounted.";
+ };
+ uid = mkOption {
+ type = types.int;
+ default = 1000;
+ description = "User ID for mounted files.";
+ };
+ gid = mkOption {
+ type = types.int;
+ default = 1000;
+ description = "Group ID for mounted files.";
+ };
+ options = mkOption {
+ type = types.str;
+ default = "rw";
+ description = "Additional mount options.";
+ };
+ };
+ }
+ );
+ default = { };
+ description = "NAS volumes to mount.";
+ };
+ };
+
+ config = lib.mkIf cfg.enable {
+ boot.kernelModules = [
+ "cifs"
+ "cmac"
+ "sha256"
+ ];
+
+ # this is required to get the credentials options to work
+ environment.systemPackages = [ pkgs.cifs-utils ];
+
+ systemd.mounts = lib.mapAttrsToList (name: volume: {
+ description = "Mount for NAS volume ${name}";
+ what = "//${volume.server}/${volume.remotePath}";
+ where = volume.mountPoint;
+ unitConfig = {
+ # This ensures it uses mount.cifs
+ Type = "cifs";
+ };
+ type = "cifs"; # Explicitly specify CIFS type otherwise we ran into issues when using the credentials file option
+ options = "credentials=${config.age.secrets.nas_client_credentials.path},uid=${toString volume.uid},gid=${toString volume.gid},${volume.options}";
+ }) cfg.volumes;
+
+ systemd.automounts = lib.mapAttrsToList (name: volume: {
+ description = "Automount for NAS volume ${name}";
+ where = volume.mountPoint;
+ wantedBy = [ "multi-user.target" ];
+ }) cfg.volumes;
+ };
+}
|
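Review bot: The `options` default of `"rw"` means the string built in `systemd.mounts` carries no `nosuid`/`nodev` and no `file_mode`/`dir_mode`, so with the forced `uid`/`gid` the backups under the mount point are likely readable by every local account (mount.cifs falls back to 0755 when the server does not supply modes). A tighter default would be `default = "rw,nosuid,nodev,file_mode=0600,dir_mode=0700";`, and adding `seal` would require SMB3 encryption in transit if the NAS supports it. `unitConfig.Type = "cifs"` lands in the `[Unit]` section, where systemd does not define a `Type=` key, so the `type = "cifs"` line is presumably the one doing the work and the `unitConfig` entry can be dropped. The module also reads `config.age.secrets.nas_client_credentials.path` without declaring that secret in this file, so an `assertions` entry or a comment naming where it is defined would help anyone enabling the module on another host.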
