diff --git a/modules/default.nix b/modules/default.nix index 4a3c84e..1f2e13d 100644 --- a/modules/default.nix +++ b/modules/default.nix @@ -6,12 +6,15 @@ ./chia.nix ./common/hostinfo.nix ./desktop/awesome/default.nix + ./filesystems.nix ./impermanence.nix ./locations.nix ./resilio.nix ./services/downloads.nix + ./services/emby.nix ./services/mastodon/default.nix ./services/matrix.nix + ./services/plex.nix ./services/version_tracker.nix ./services/zigbee2mqtt.nix ./storj.nix diff --git a/modules/filesystems.nix b/modules/filesystems.nix new file mode 100644 index 0000000..f1c6ec6 --- /dev/null +++ b/modules/filesystems.nix @@ -0,0 +1,91 @@ +{ config, lib, ... }: + +let + cfg = config.custom.filesystems; +in +{ + options.custom.filesystems = { + films = { + enable = lib.mkEnableOption "mounting films"; + host = lib.mkOption { + default = "archnas.storage.ts.hillion.co.uk"; + }; + path = lib.mkOption { + type = lib.types.str; + default = "/mnt/media/films"; + description = "Path at which to mount"; + }; + localPath = lib.mkOption { + default = "/data/media/films"; + }; + remotePath = lib.mkOption { + default = { + type = "cifs"; + share = "films"; + credentials = config.age.secrets."filesystems/films".path; + }; + }; + }; + + tv = { + enable = lib.mkEnableOption "mounting tv"; + host = lib.mkOption { + default = "archnas.storage.ts.hillion.co.uk"; + }; + localPath = lib.mkOption { + default = "/data/media/tv"; + }; + path = lib.mkOption { + type = lib.types.str; + default = "/mnt/media/tv"; + description = "Path at which to mount"; + }; + remotePath = lib.mkOption { + default = { + type = "cifs"; + share = "tv"; + credentials = config.age.secrets."filesystems/tv".path; + }; + }; + }; + }; + + config = { + age.secrets = { + "filesystems/films" = lib.mkIf cfg.tv.enable { file = ../secrets/filesystems/films.age; }; + "filesystems/tv" = lib.mkIf cfg.tv.enable { file = ../secrets/filesystems/tv.age; }; + }; + fileSystems = { + "${cfg.films.path}" = lib.mkIf cfg.films.enable (if cfg.films.host == config.networking.fqdn then { + device = cfg.films.localPath; + options = [ "bind" ]; + } else { + device = "//${cfg.films.host}/${cfg.films.remotePath.share}"; + fsType = "cifs"; + options = [ + "x-systemd.automount" + "noauto" + "x-systemd.idle-timeout=60" + "x-systemd.device-timeout=5s" + "x-systemd.mount-timeout=5s" + "credentials=${cfg.films.remotePath.credentials}" + ]; + }); + "${cfg.tv.path}" = lib.mkIf cfg.tv.enable (if cfg.tv.host == config.networking.fqdn then { + device = cfg.tv.localPath; + options = [ "bind" ]; + } else { + device = "//${cfg.tv.host}/${cfg.tv.remotePath.share}"; + fsType = "cifs"; + options = [ + "x-systemd.automount" + "noauto" + "x-systemd.idle-timeout=60" + "x-systemd.device-timeout=5s" + "x-systemd.mount-timeout=5s" + "credentials=${cfg.tv.remotePath.credentials}" + ]; + }); + }; + }; +} diff --git a/modules/locations.nix b/modules/locations.nix index ff95c36..22df788 100644 --- a/modules/locations.nix +++ b/modules/locations.nix @@ -14,16 +14,22 @@ in default = { services = { downloads = "tywin.storage.ts.hillion.co.uk"; + emby = "gendry.jakehillion-terminals.ts.hillion.co.uk"; mastodon = "vm.strangervm.ts.hillion.co.uk"; matrix = "vm.strangervm.ts.hillion.co.uk"; + plex = "gendry.jakehillion-terminals.ts.hillion.co.uk"; }; }; }; }; config = lib.mkIf cfg.autoServe { - custom.services.downloads.enable = cfg.locations.services.downloads == config.networking.fqdn; - custom.services.mastodon.enable = cfg.locations.services.mastodon == config.networking.fqdn; - custom.services.matrix.enable = cfg.locations.services.matrix == config.networking.fqdn; + custom.services = { + emby.enable = cfg.locations.services.emby == config.networking.fqdn; + mastodon.enable = cfg.locations.services.mastodon == config.networking.fqdn; + matrix.enable = cfg.locations.services.matrix == config.networking.fqdn; + plex.enable = cfg.locations.services.plex == config.networking.fqdn; + downloads.enable = cfg.locations.services.downloads == config.networking.fqdn; + }; }; } diff --git a/modules/services/emby.nix b/modules/services/emby.nix new file mode 100644 index 0000000..d9e6923 --- /dev/null +++ b/modules/services/emby.nix @@ -0,0 +1,17 @@ +{ config, lib, ... }: + +let + cfg = config.custom.services.emby; +in +{ + options.custom.services.emby = { + enable = lib.mkEnableOption "emby"; + }; + + config = lib.mkIf cfg.enable { + custom.filesystems = { + tv.enable = true; + films.enable = true; + }; + }; +} diff --git a/modules/services/plex.nix b/modules/services/plex.nix new file mode 100644 index 0000000..6879b96 --- /dev/null +++ b/modules/services/plex.nix @@ -0,0 +1,17 @@ +{ config, lib, ... }: + +let + cfg = config.custom.services.plex; +in +{ + options.custom.services.plex = { + enable = lib.mkEnableOption "plex"; + }; + + config = lib.mkIf cfg.enable { + custom.filesystems = { + tv.enable = true; + films.enable = true; + }; + }; +} diff --git a/secrets/filesystems/films.age b/secrets/filesystems/films.age new file mode 100644 index 0000000..12a8c05 --- /dev/null +++ b/secrets/filesystems/films.age @@ -0,0 +1,22 @@ +age-encryption.org/v1 +-> ssh-rsa GxPFJQ +JVp8o+VPHTFP6CNhqCVQfMSMYckL84genQq+JqL93wbjMkA5Gr9k6hPNdxNClwkH +XP8uevqyYOAF97h0BszK3bsw3h7tmVXZo/GoB4wgS0sTNcNY6YqMqVnGt91O1WFC +BXw/0QR9YiomZKrius0LEHSYXLQJQrdYfih4vdDDdRr29CfaIvb96QuDx61kS4kc +wTucUkYR7Q1WXXv8+5uB5+IuyAkynC5PIL7bpNpOcufqnBF048Q4PsyW/bo164FZ +QDkdIANun1jOwvadLJJ6gVh/2YxKzSieugWrwhI9Gc6Xt03yslhTsUmfJqwI9sqE +0pi5cgtcs4vCa3/ypopN+w +-> ssh-rsa K9mW1w +s5HBnZPfQWvrVS3QyMRzFRbl8xBCGNTz7xumuODqieexT9qzVkHyTO2rd0vyR+AV +4S1cPD87cu1KSEZJgeta7uNeRFg4EkWRkSv0df3C9JUlWw5Hl1m6AauTKsdUKO/B +p++ew8z9b2nnfB81a0C3BT4UyTsBjPauU4d5hLQO8XH6HhJPJdz4qCz/vhjmOFth +HMeDOkiPy2K3vvWpsg6R5da9Xwg+rMiXbrRjXgBTqQWvEkfNvB4v79hcl1yOkTEC +A+71jwQlLNIxcXnFNuckY/xXmRLxeDBGx2WWDH/e6PkyMNQalzIvzRLBTGLPV8vG +hHyFmHgt6gjr3Mu5KUC2VQ +-> ssh-ed25519 O0LMHg U9RQSq7gs8QCKLC5VbOC+CoeLfPys4wwvZ3jYdnpIno +4pduSmqb5l9fCQYDRnPY0TYunkmyd1/a0C3HNMnvHR4 +-> --grease :=~[ ,q,V$>Of Lm? +2WQFp5zXpu2z5y2J405q5Mlu1IZoulv/dCqB4Cs7hZt57vAuLtWLvFev13RW4oxR +rB3elGCCiGc7kA +--- k1yLTDRntg//5MfBXrvdEm4EM6zYv1DaJey8HS0THmg +pk$ O=il*PpJS3]bwgݨ3R풖y!6*VM韃;.Y \ No newline at end of file diff --git a/secrets/filesystems/tv.age b/secrets/filesystems/tv.age new file mode 100644 index 0000000..6ef5a67 --- /dev/null +++ b/secrets/filesystems/tv.age @@ -0,0 +1,22 @@ +age-encryption.org/v1 +-> ssh-rsa GxPFJQ +S8LhCEjcKwVXqm9AEyHQNv8veKcEwIOpzqI8fgSnFjhVPi7XKdjYQZPMVaD4oDxM +AE7dBGy2PxoXxaqLLgnL7IGgMN9B2En6LoaazavGNrPvl07LWZFk+dUBvh/cA3Be +G8F3xl0ei7V6zsTuEIy1brVHtsTLrD9CHo2LOx3Pz3vIKIYNoi29QOB4vhfW6qM5 +xMaNfoRlweJJ+CeC7vKDinkUGbyLFF3UQQC7lJpz3TgOzpCvukRxjMXBw6767PrA +2Ua9KTtXCGJeq8qfIMXPo2OD7IEh1Ob8HGHKqqeTa+uM4gEGE+3yKLMfc32BlU6D +HaN9gJ4r9cmWSq1ZmtKTRA +-> ssh-rsa K9mW1w +HPQauPQLfyfoKu4OlFLR6jZQzZRN51mycXKlPb57fffY3Jk+fAsjFNPcuiSup14u +1W0VIZcki64QA4nTdyIWWrIxMe1WpjI3KnEjUu0AaeXAhS1hHsd2imux07SfwVzm +d71c5Mkk9BjN3GnAlvSYfe8u1sfpBhTn0RgjprHRdHfZSkomu00VltB6G84WqQuJ +DlzFS/b4Q2dS4KV+aG3YForqN0iJmUXMIYRm0LCmqvsUGIXqj2ER+Kw/ov4DrgUa +8UWSgVOLC4SGMk4qZi3/GI/Vvp32U3IGmO+RbR1q36FDtWXe6Cz/XIxKZw5tDuIA +q0we6rb0OZEhmIL7nbLM/g +-> ssh-ed25519 O0LMHg tI2AD8+MzZw7+5rCT6LBCtPyGKIm5728S3aoSPmdFmY +dRuUAshH/zwZ9oL2heJaLmhq1sFJPe7XonDVWgIz7hs +-> hE7|6$-grease +rCFOlWXcHUh3kOzEFVh7KxkX7VlO0aQCmfuvHon6zspAzysY/UnVNICYLrnPaQvn +Xxx2/BvVQSDinUXEs/5ycuYTMS5+suKi0cSA7+ZD/YaNHL/CWnhOGJcYElQK +--- CE4gEsUZaituW2wZUrhwEtlLiCmHy+dQ4w2DWnVKATc +g5` "YHOB  0y+S`S[ЉRE۲d6QXQRn \ No newline at end of file diff --git a/secrets/secrets.nix b/secrets/secrets.nix index 75eaa49..65629a9 100644 --- a/secrets/secrets.nix +++ b/secrets/secrets.nix @@ -97,4 +97,8 @@ in # Deluge Secrets "deluge/auth.age".publicKeys = jake_users ++ [ ts.storage.tywin ]; + + # Filesystem Secrets + "filesystems/films.age".publicKeys = jake_users ++ [ ts.storage.tywin ts.terminals.jakehillion.gendry ]; + "filesystems/tv.age".publicKeys = jake_users ++ [ ts.storage.tywin ts.terminals.jakehillion.gendry ]; }