dotfiles/nixos/systems/blowhole/filesystems.nix

{ pkgs, lib, secret, ... }:
let
  inherit (lib)
    singleton
    concatStringsSep;
in
{
  environment.systemPackages = with pkgs; [
    sshfs
  ];

  services.hashicorp.vault-agent = {
    settings.template = singleton {
      source = pkgs.writeText "kodi-samba.cred.vtmpl"
        ''{{ with secret "kv/data/homelab-1/blowhole/kodi_samba.cred" }}{{ .Data.data.cred }}{{ end }}'';
      destination = "/run/secrets/kodi_samba.cred";
    };
  };

  fileSystems =
    {
      "/boot" = {
        device = "/dev/disk/by-uuid/738acc32-3e2e-4986-987c-40264153d5bf";
        fsType = "ext4";
      };
      "/" = {
        device = "blowhole-zpool/local/root";
        fsType = "zfs";
      };
      "/nix" = {
        device = "blowhole-zpool/local/nix";
        fsType = "zfs";
      };

      "/var/nfs" = {
        device = "/dev/disk/by-uuid/e06f6d2c-e434-4eec-b00d-b13c1ecc96f0";
        fsType = "btrfs";
        options = [
          "subvol=/nfs"
          "noatime"
        ];
      };

      "/mnt/cctv" = {
        device = "camera@${secret.network.ips.woodchip or ""}:/";
        fsType = "fuse.sshfs";
        noCheck = true;
        options = [
          "_netdev"
          "noauto"
          "x-systemd.automount"
          "IdentityFile=/run/secrets/id_ed_camera"
          "StrictHostKeyChecking=no"
          "allow_other"
          "reconnect"
          "Port=2522"
          "nofail"
        ];
      };

      "/old-root" = {
        device = "/dev/disk/by-uuid/e06f6d2c-e434-4eec-b00d-b13c1ecc96f0";
        fsType = "btrfs";
        options = [
          "subvol=/arch"
          "noatime"
        ];
      };
      "/var/lib/nomad" = {
        device = "blowhole-zpool/persist/nomad";
        fsType = "zfs";
      };
      "/var/secrets" = {
        device = "blowhole-zpool/persist/secrets";
        fsType = "zfs";
      };
      "/var/lib/consul" = {
        device = "blowhole-zpool/persist/consul";
        fsType = "zfs";
      };
      "/var/lib/vault" = {
        device = "blowhole-zpool/persist/vault";
        fsType = "zfs";
      };
    }
    // secret.mounts.blowhole or {};
}
Possibly functional blowhole configuration Signed-off-by: Magic_RB <magic_rb@redalder.org> 2023-06-12 23:25:40 +02:00			`{ pkgs, lib, secret, ... }:`
			`let`
			`inherit (lib)`
Switch jellyfin to a host volume and add new share for media Signed-off-by: Magic_RB <magic_rb@redalder.org> 2023-06-28 14:24:21 +02:00			`singleton`
			`concatStringsSep;`
Possibly functional blowhole configuration Signed-off-by: Magic_RB <magic_rb@redalder.org> 2023-06-12 23:25:40 +02:00			`in`
			`{`
			`environment.systemPackages = with pkgs; [`
			`sshfs`
			`];`

Switch jellyfin to a host volume and add new share for media Signed-off-by: Magic_RB <magic_rb@redalder.org> 2023-06-28 14:24:21 +02:00			`services.hashicorp.vault-agent = {`
			`settings.template = singleton {`
			`source = pkgs.writeText "kodi-samba.cred.vtmpl"`
			`''{{ with secret "kv/data/homelab-1/blowhole/kodi_samba.cred" }}{{ .Data.data.cred }}{{ end }}'';`
			`destination = "/run/secrets/kodi_samba.cred";`
			`};`
			`};`

Possibly functional blowhole configuration Signed-off-by: Magic_RB <magic_rb@redalder.org> 2023-06-12 23:25:40 +02:00			`fileSystems =`
			`{`
			`"/boot" = {`
			`device = "/dev/disk/by-uuid/738acc32-3e2e-4986-987c-40264153d5bf";`
			`fsType = "ext4";`
			`};`
			`"/" = {`
			`device = "blowhole-zpool/local/root";`
			`fsType = "zfs";`
			`};`
			`"/nix" = {`
			`device = "blowhole-zpool/local/nix";`
			`fsType = "zfs";`
			`};`

			`"/var/nfs" = {`
			`device = "/dev/disk/by-uuid/e06f6d2c-e434-4eec-b00d-b13c1ecc96f0";`
			`fsType = "btrfs";`
			`options = [`
			`"subvol=/nfs"`
			`"noatime"`
			`];`
			`};`

			`"/mnt/cctv" = {`
			`device = "camera@${secret.network.ips.woodchip or ""}:/";`
			`fsType = "fuse.sshfs";`
			`noCheck = true;`
			`options = [`
			`"_netdev"`
			`"noauto"`
			`"x-systemd.automount"`
			`"IdentityFile=/run/secrets/id_ed_camera"`
			`"StrictHostKeyChecking=no"`
			`"allow_other"`
			`"reconnect"`
			`"Port=2522"`
Mark camera mount as `nofail` Signed-off-by: Magic_RB <magic_rb@redalder.org> 2023-06-28 14:25:39 +02:00			`"nofail"`
Possibly functional blowhole configuration Signed-off-by: Magic_RB <magic_rb@redalder.org> 2023-06-12 23:25:40 +02:00			`];`
			`};`

			`"/old-root" = {`
			`device = "/dev/disk/by-uuid/e06f6d2c-e434-4eec-b00d-b13c1ecc96f0";`
			`fsType = "btrfs";`
			`options = [`
			`"subvol=/arch"`
			`"noatime"`
			`];`
			`};`
			`"/var/lib/nomad" = {`
			`device = "blowhole-zpool/persist/nomad";`
			`fsType = "zfs";`
			`};`
			`"/var/secrets" = {`
			`device = "blowhole-zpool/persist/secrets";`
			`fsType = "zfs";`
			`};`
			`"/var/lib/consul" = {`
Move Consul and Vault onto ZFS on blowhole Signed-off-by: Magic_RB <magic_rb@redalder.org> 2023-07-10 23:36:07 +02:00			`device = "blowhole-zpool/persist/consul";`
			`fsType = "zfs";`
Possibly functional blowhole configuration Signed-off-by: Magic_RB <magic_rb@redalder.org> 2023-06-12 23:25:40 +02:00			`};`
			`"/var/lib/vault" = {`
Fix wrong mount for vault on blowhole Signed-off-by: Magic_RB <magic_rb@redalder.org> 2023-07-18 11:45:01 +02:00			`device = "blowhole-zpool/persist/vault";`
Move Consul and Vault onto ZFS on blowhole Signed-off-by: Magic_RB <magic_rb@redalder.org> 2023-07-10 23:36:07 +02:00			`fsType = "zfs";`
Possibly functional blowhole configuration Signed-off-by: Magic_RB <magic_rb@redalder.org> 2023-06-12 23:25:40 +02:00			`};`
			`}`
			`// secret.mounts.blowhole or {};`
			`}`