dotfiles/nixos/systems/blowhole/filesystems.nix

101 lines
2.3 KiB
Nix
Raw Normal View History

{
pkgs,
lib,
secret,
...
}: let
inherit
(lib)
singleton
concatStringsSep
;
in {
environment.systemPackages = with pkgs; [
sshfs
];
# services.hashicorp.vault-agent = {
# settings.template = singleton {
# source = pkgs.writeText "kodi-samba.cred.vtmpl"
# ''{{ with secret "kv/data/homelab-1/blowhole/kodi_samba.cred" }}{{ .Data.data.cred }}{{ end }}'';
# destination = "/run/secrets/kodi_samba.cred";
# };
# };
fileSystems =
{
"/boot" = {
device = "/dev/disk/by-uuid/738acc32-3e2e-4986-987c-40264153d5bf";
fsType = "ext4";
};
"/" = {
device = "blowhole-zpool/local/root";
fsType = "zfs";
};
"/nix" = {
device = "blowhole-zpool/local/nix";
fsType = "zfs";
};
"/var/nfs" = {
device = "/dev/disk/by-uuid/e06f6d2c-e434-4eec-b00d-b13c1ecc96f0";
fsType = "btrfs";
options = [
"subvol=/nfs"
"noatime"
];
};
"/mnt/cctv" = {
device = "camera@${secret.network.ips.woodchip or ""}:/";
fsType = "fuse.sshfs";
noCheck = true;
options = [
"_netdev"
"noauto"
"x-systemd.automount"
"IdentityFile=/run/secrets/id_ed_camera"
"StrictHostKeyChecking=no"
"allow_other"
"reconnect"
"Port=2522"
"nofail"
];
};
"/old-root" = {
device = "/dev/disk/by-uuid/e06f6d2c-e434-4eec-b00d-b13c1ecc96f0";
fsType = "btrfs";
options = [
"subvol=/arch"
"noatime"
];
};
"/var/lib/nomad" = {
device = "blowhole-zpool/persist/nomad";
fsType = "zfs";
};
"/var/secrets" = {
device = "blowhole-zpool/persist/secrets";
fsType = "zfs";
};
"/var/lib/consul" = {
device = "blowhole-zpool/persist/consul";
fsType = "zfs";
};
"/var/lib/vault" = {
device = "blowhole-zpool/persist/vault";
fsType = "zfs";
};
"/var/lib/matrix-commander" = {
device = "blowhole-zpool/persist/matrix-commander";
fsType = "zfs";
};
"/var/lib/smartd" = {
device = "blowhole-zpool/persist/smartd";
fsType = "zfs";
};
}
// secret.mounts.blowhole or {};
}