diff options
Diffstat (limited to 'profiles')
| -rw-r--r-- | profiles/storage-media.nix | 99 |
1 files changed, 0 insertions, 99 deletions
diff --git a/profiles/storage-media.nix b/profiles/storage-media.nix deleted file mode 100644 index 9acb007..0000000 --- a/profiles/storage-media.nix +++ /dev/null @@ -1,99 +0,0 @@ -{ pkgs, config, ... }: -let - syncJobs = [ - { - name = "movies"; - source = "/data/media/movies/"; - destination = "/volume1/media/movies/"; - } - { - name = "videos"; - source = "/data/media/videos/"; - destination = "/volume1/media/videos/"; - } - ]; - remoteHost = "192.168.1.68"; - remoteUser = "nas"; -in -{ - environment.systemPackages = with pkgs; [ - ffmpeg - imagemagick - makemkv - mkvtoolnix-cli - ]; - - services.samba = { - enable = true; - openFirewall = true; - settings = { - global = { - security = "user"; - workgroup = "WORKGROUP"; - "server string" = config.networking.hostName; - "netbios name" = config.networking.hostName; - "hosts allow" = "192.168.1.0/24 10.100.0.0/24 localhost"; - "guest account" = "nobody"; - "map to guest" = "bad user"; - "use sendfile" = true; - "load printers" = false; - "vfs objects" = "fruit streams_xattr"; - "fruit:metadata" = "stream"; - "mangled names" = false; - }; - media = { - path = "/data/media"; - browseable = "yes"; - "read only" = "yes"; - "guest ok" = "yes"; - }; - }; - }; - - services.avahi = { - enable = true; - nssmdns4 = true; - openFirewall = true; - }; - - systemd.timers = pkgs.lib.listToAttrs ( - map (job: { - name = "rsync-backup-${job.name}"; - value = { - wantedBy = [ "timers.target" ]; - timerConfig = { - OnCalendar = "daily"; - Persistent = true; - RandomizedDelaySec = "1h"; - }; - }; - }) syncJobs - ); - - systemd.services = pkgs.lib.listToAttrs ( - map (job: { - name = "rsync-backup-${job.name}"; - value = { - description = "Rsync backup for ${job.name}"; - - serviceConfig = { - Type = "oneshot"; - DynamicUser = true; - LoadCredential = "ssh-key:${config.age.secrets.rsync-ssh-key.path}"; - PrivateTmp = true; - NoNewPrivileges = true; - ProtectSystem = "strict"; - ProtectHome = true; - - ExecStart = pkgs.writeShellScript "rsync-backup-${job.name}" '' - ${pkgs.rsync}/bin/rsync \ - -avz \ - -e "${pkgs.openssh}/bin/ssh -i ''${CREDENTIALS_DIRECTORY}/ssh-key -o StrictHostKeyChecking=accept-new" \ - ${job.source} \ - ${remoteUser}@${remoteHost}:${job.destination} - ''; - }; - }; - }) syncJobs - ); -} |