Lander Van den Bulcke
9e0ebbdafb
Signed-off-by: Lander Van den Bulcke <landervandenbulcke@gmail.com>
86 lines
1.5 KiB
Nix
86 lines
1.5 KiB
Nix
{
|
|
config,
|
|
lib,
|
|
pkgs,
|
|
...
|
|
}:
|
|
with lib;
|
|
let
|
|
cfg = config.services.storagebox;
|
|
in
|
|
{
|
|
options.services.storagebox = {
|
|
enable = mkEnableOption "storagebox";
|
|
|
|
hostname = mkOption {
|
|
type = types.str;
|
|
};
|
|
|
|
hostKey = mkOption {
|
|
type = types.str;
|
|
};
|
|
|
|
user = mkOption {
|
|
type = types.str;
|
|
};
|
|
|
|
sshKeyFile = mkOption {
|
|
type = types.path;
|
|
};
|
|
|
|
plainMountPoint = mkOption {
|
|
type = types.str;
|
|
default = "/mnt/box";
|
|
};
|
|
|
|
cryptMountPoint = mkOption {
|
|
type = types.str;
|
|
default = "/data";
|
|
};
|
|
|
|
passFile = mkOption {
|
|
type = types.path;
|
|
};
|
|
};
|
|
|
|
config = mkIf cfg.enable {
|
|
environment.systemPackages = with pkgs; [
|
|
gocryptfs
|
|
sshfs
|
|
];
|
|
|
|
programs.ssh.knownHosts.storageBox = {
|
|
hostNames = [ cfg.hostname ];
|
|
publicKey = cfg.hostKey;
|
|
};
|
|
|
|
fileSystems."${cfg.plainMountPoint}" = {
|
|
device = "${cfg.user}@${cfg.hostname}:/home";
|
|
fsType = "fuse.sshfs";
|
|
options = [
|
|
"defaults"
|
|
"_netdev"
|
|
"allow_other"
|
|
"default_permissions"
|
|
"port=23"
|
|
"compression=no"
|
|
"reconnect"
|
|
"ServerAliveInterval=15"
|
|
"IdentityFile=${cfg.sshKeyFile}"
|
|
];
|
|
};
|
|
|
|
fileSystems."${cfg.cryptMountPoint}" = {
|
|
depends = [
|
|
"${cfg.plainMountPoint}"
|
|
];
|
|
device = "${cfg.plainMountPoint}/crypt";
|
|
fsType = "fuse.gocryptfs";
|
|
options = [
|
|
"rw"
|
|
"allow_other"
|
|
"passfile=${cfg.passFile}"
|
|
];
|
|
};
|
|
};
|
|
}
|