diff --git a/luci/default.nix b/luci/default.nix index a474c6a..2a994f7 100644 --- a/luci/default.nix +++ b/luci/default.nix @@ -20,6 +20,8 @@ nfsEnable = true; nfsRoot = "/nfs_export"; nfsExports = [ "/kage" ]; + nfsIpExport = "192.168.1.1/24"; + syncthingEnable = true; }; # deskCfg = { diff --git a/luci/nixos/hardware-configuration.nix b/luci/nixos/hardware-configuration.nix index 98b9505..4397c0f 100644 --- a/luci/nixos/hardware-configuration.nix +++ b/luci/nixos/hardware-configuration.nix @@ -28,22 +28,11 @@ fsType = "vfat"; }; - # fileSystems."/zdata" = - # { device = "zdata"; - # fsType = "zfs"; - # }; - fileSystems."/nfs_export/kage" = { device = "zdata/kage"; fsType = "zfs"; }; - # Bind mount for nfs export - # fileSystems."/nfs_export/kage" = { - # device = "zdata/kage"; - # options = [ "bind" ]; - # }; - # change ownership of kage to be open systemd.tmpfiles.rules = [ "d /nfs_export/kage 0777 nobody nogroup - -" diff --git a/shared/server-configuration.nix b/shared/server-configuration.nix index c0ee9ce..8450b97 100644 --- a/shared/server-configuration.nix +++ b/shared/server-configuration.nix @@ -35,6 +35,14 @@ in default = []; description = "List of file paths provided as strings to the nfs exports"; }; + nfsIpExport = lib.mkOption { + type = lib.types.str; + description = "Where to export the shares to i.e. 192.168.0.0/24 (export to local network)"; + }; + syncthingEnable = lib.mkOption { + default = false; + description = "Whether to enable syncThing host on this machine"; + }; }; imports = [ 
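Review bot: `nfsIpExport` is declared as an unconstrained `lib.types.str`, yet the exports template later in this file places it directly in front of the `(rw,...)` option list. An empty value, or one containing a space, leaves the option list standing without a client, which exports(5) treats as applying to every host. Constrain the value, for example `type = lib.types.strMatching "[0-9.]+/[0-9]+";`, or add an assertion that it is non-empty when `nfsEnable` is set. `syncthingEnable` has no type at all; `type = lib.types.bool;` (or `lib.mkEnableOption`) would reject non-boolean values. The option set starts above this hunk, so any existing assertions are not visible here.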
@@ -78,16 +86,48 @@ in enable = true; }; + # nfs options breakdown: link for export options https://linux.die.net/man/5/exports + # rw - default read write + # sync - wait until requests are saved to disk to respond to clients, safer but slower + # no_subtree_check - services.nfs.server = lib.mkIf srvConfig.nfsEnable { enable = true; exports = '' - ${srvConfig.nfsRoot} 192.168.1.1/24(rw,fsid=root,no_subtree_check) - ${lib.concatMapStringsSep "\n" (n: "${srvConfig.nfsRoot}${n} 192.168.1.1/24(rw,no_subtree_check,nohide)") srvConfig.nfsExports} + ${srvConfig.nfsRoot} ${srvConfig.nfsIpExport}(rw,fsid=root,no_subtree_check) + ${lib.concatMapStringsSep "\n" (n: "${srvConfig.nfsRoot}${n} ${srvConfig.nfsIpExport}(rw,sync,no_subtree_check,no_root_squash)") srvConfig.nfsExports} ''; }; - + # nfs port TODO make dependant on option enabled networking.firewall.allowedTCPPorts = [ 2049 ]; + + services.syncthing = lib.mkIf srvConfig.syncthingEnable { + enable = true; + user = "myusername"; + dataDir = "${srvConfig.nfsRoot}/kage/syncthing"; + configDir = "${srvConfig.nfsRoot}/kage/.config/syncthing"; + overrideDevices = true; # overrides any devices added or deleted through the WebUI + overrideFolders = true; # overrides any folders added or deleted through the WebUI + openDefaultPorts = true; + settings = { + devices = { + "supernote" = { id = "DEVICE-ID-GOES-HERE"; }; + "pixel" = { id = "DEVICE-ID-GOES-HERE2"; }; + "winmax" = { id = "id3"; }; + "nix-box" = { id = "id4"; }; + }; + folders = { + "supernote" = { # Name of folder in Syncthing, also the folder ID + path = "${srvConfig.nfsRoot}/kage/syncthing/supernote"; # Which folder to add to Syncthing + devices = [ "supernote" "pixel" ]; # Which devices to share the folder with + }; + "web" = { # Name of folder in Syncthing, also the folder ID + path = "${srvConfig.nfsRoot}/kage/syncthing/web"; # Which folder to add to Syncthing + devices = [ "supernote" "pixel" "winmax" "nix-box" ]; # Which devices to share the folder with + }; + 
}; + }; + }; # networking.firewall.allowedTCPPorts = [ ... ]; # networking.firewall.allowedUDPPorts = [ ... ];
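Review bot: The new `configDir` puts Syncthing's configuration under `${srvConfig.nfsRoot}/kage`, which this hunk exports `rw` with `no_root_squash`, so any host in `nfsIpExport` can read or replace what Syncthing keeps there (device certificate and key, and the config holding the GUI API key). Keep that state off the export, e.g. `configDir = "/var/lib/syncthing/.config/syncthing";`, and leave only the synced folders under the share. `no_root_squash` also lets root on a client act as root on the exported files; unless a client needs that, drop it so the default `root_squash` applies: `(rw,sync,no_subtree_check)`. The option breakdown comment stops at `# no_subtree_check -` and never mentions `no_root_squash`, so finishing it would record why each option is set. Port 2049 is still opened when `nfsEnable` is false, as the TODO notes; `networking.firewall.allowedTCPPorts = lib.optionals srvConfig.nfsEnable [ 2049 ];` would tie it to the option.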