nixos-config/hosts/voyager/filesystems.nix

53 lines
1.5 KiB
Nix
Raw Normal View History

2023-04-17 02:23:56 +02:00
{ config, pkgs, lib, ... }:
{
# Boot drives are defined in ./hardware-configuration.nix
environment.systemPackages = with pkgs; [ cifs-utils ];
# Local zfs
boot = {
zfs.extraPools = [ "tank" ];
supportedFilesystems = [ "zfs" ];
kernelPackages = config.boot.zfs.package.latestCompatibleLinuxPackages;
};
services.zfs.autoScrub.enable = true;
services.prometheus.exporters.zfs = {
enable = true;
2023-12-26 12:21:30 +01:00
# "ip46" is cursed, do it manually below
# openFirewall = true;
# firewallFilter = "-p tcp -m tcp --source 192.168.10.175/32 --dport 9134";
};
networking.firewall = {
allowedTCPPorts = [ 9134 ];
extraCommands = ''
iptables -A INPUT -p tcp -m tcp --source 192.168.10.175/32 --dport 9134 -j ACCEPT
iptables -A INPUT -p tcp -m tcp --dport 9134 -j DROP
'';
};
2023-04-17 02:23:56 +02:00
# Network mounts (import)
fileSystems = {
"/mnt/feal-syn1/media" = {
device = "feal-syn1.home.feal.no:/volume2/media";
fsType = "nfs";
options = [ "vers=3" ];
#options = [ "x-systemd.automount" "noauto" ];
};
"/mnt/feal-syn1/nfs_proxmox" = {
device = "//feal-syn1.home.feal.no/nfs_proxmox";
fsType = "cifs";
options = let
# this line prevents hanging on network split
automount_opts = "x-systemd.automount,noauto,x-systemd.idle-timeout=60,x-systemd.device-timeout=5s,x-systemd.mount-timeout=5s";
in ["${automount_opts},credentials=/etc/feal-syn1-credentials"];
};
"/var/backup" = {
device = "/tank/backup/voyager";
options = [ "bind "];
};
2023-04-17 02:23:56 +02:00
};
}