fs mounts: don't auto-mount ssh; try to specify correct net dependencies for better shutdown
This commit is contained in:
parent
0d0a9fce6a
commit
9eb36441e1
|
@ -1,26 +1,36 @@
|
||||||
{ pkgs, sane-lib, ... }:
|
{ pkgs, sane-lib, ... }:
|
||||||
|
|
||||||
let sshOpts = rec {
|
let fsOpts = rec {
|
||||||
fsType = "fuse.sshfs";
|
common = [
|
||||||
optionsBase = [
|
|
||||||
"x-systemd.automount"
|
|
||||||
"_netdev"
|
"_netdev"
|
||||||
|
"noatime"
|
||||||
|
"x-systemd.requires=network-online.target"
|
||||||
|
"x-systemd.after=network-online.target"
|
||||||
|
];
|
||||||
|
sshCommon = common ++ [
|
||||||
"user"
|
"user"
|
||||||
"identityfile=/home/colin/.ssh/id_ed25519"
|
"identityfile=/home/colin/.ssh/id_ed25519"
|
||||||
"allow_other"
|
"allow_other"
|
||||||
"default_permissions"
|
"default_permissions"
|
||||||
];
|
];
|
||||||
optionsColin = optionsBase ++ [
|
sshColin = sshCommon ++ [
|
||||||
"transform_symlinks"
|
"transform_symlinks"
|
||||||
"idmap=user"
|
"idmap=user"
|
||||||
"uid=1000"
|
"uid=1000"
|
||||||
"gid=100"
|
"gid=100"
|
||||||
];
|
];
|
||||||
|
sshRoot = sshCommon ++ [
|
||||||
optionsRoot = optionsBase ++ [
|
|
||||||
# we don't transform_symlinks because that breaks the validity of remote /nix stores
|
# we don't transform_symlinks because that breaks the validity of remote /nix stores
|
||||||
"sftp_server=/run/wrappers/bin/sudo\\040/run/current-system/sw/libexec/sftp-server"
|
"sftp_server=/run/wrappers/bin/sudo\\040/run/current-system/sw/libexec/sftp-server"
|
||||||
];
|
];
|
||||||
|
auto = [ "x-systemd.automount" ];
|
||||||
|
noauto = [ "noauto" ];
|
||||||
|
wg = [
|
||||||
|
"x-systemd.requires=wireguard-wg-home.service"
|
||||||
|
"x-systemd.after=wireguard-wg-home.service"
|
||||||
|
];
|
||||||
|
# in the event of hunt NFS mounts, consider:
|
||||||
|
# - <https://unix.stackexchange.com/questions/31979/stop-broken-nfs-mounts-from-locking-a-directory>
|
||||||
};
|
};
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
|
@ -34,56 +44,50 @@ in
|
||||||
device = "servo-hn:/";
|
device = "servo-hn:/";
|
||||||
noCheck = true;
|
noCheck = true;
|
||||||
fsType = "nfs";
|
fsType = "nfs";
|
||||||
options = [ "x-systemd.automount" ];
|
options = fsOpts.common ++ fsOpts.auto ++ fsOpts.wg;
|
||||||
};
|
};
|
||||||
# fileSystems."/mnt/servo-nfs-lan" = {
|
|
||||||
# device = "servo:/";
|
|
||||||
# noCheck = true;
|
|
||||||
# fsType = "nfs";
|
|
||||||
# options = [ "x-systemd.automount" ];
|
|
||||||
# };
|
|
||||||
# fileSystems."/mnt/servo-media-nfs" = {
|
# fileSystems."/mnt/servo-media-nfs" = {
|
||||||
# device = "10.0.10.5:/media";
|
# device = "servo-hn:/media";
|
||||||
# noCheck = true;
|
# noCheck = true;
|
||||||
# fsType = "nfs";
|
# fsType = "nfs";
|
||||||
# options = [ "x-systemd.automount" ];
|
# options = fsOpts.common ++ fsOpts.auto;
|
||||||
# };
|
# };
|
||||||
sane.fs."/mnt/servo-media" = sane-lib.fs.wantedSymlinkTo "/mnt/servo-nfs/media";
|
sane.fs."/mnt/servo-media" = sane-lib.fs.wantedSymlinkTo "/mnt/servo-nfs/media";
|
||||||
|
|
||||||
fileSystems."/mnt/servo-media-wan" = {
|
fileSystems."/mnt/servo-media-wan" = {
|
||||||
device = "colin@uninsane.org:/var/lib/uninsane/media";
|
device = "colin@uninsane.org:/var/lib/uninsane/media";
|
||||||
inherit (sshOpts) fsType;
|
fsType = "fuse.sshfs";
|
||||||
options = sshOpts.optionsColin;
|
options = fsOpts.sshColin ++ fsOpts.noauto;
|
||||||
noCheck = true;
|
noCheck = true;
|
||||||
};
|
};
|
||||||
fileSystems."/mnt/servo-media-lan" = {
|
fileSystems."/mnt/servo-media-lan" = {
|
||||||
device = "colin@servo:/var/lib/uninsane/media";
|
device = "colin@servo:/var/lib/uninsane/media";
|
||||||
inherit (sshOpts) fsType;
|
fsType = "fuse.sshfs";
|
||||||
options = sshOpts.optionsColin;
|
options = fsOpts.sshColin ++ fsOpts.noauto;
|
||||||
noCheck = true;
|
noCheck = true;
|
||||||
};
|
};
|
||||||
fileSystems."/mnt/servo-root-wan" = {
|
fileSystems."/mnt/servo-root-wan" = {
|
||||||
device = "colin@uninsane.org:/";
|
device = "colin@uninsane.org:/";
|
||||||
inherit (sshOpts) fsType;
|
fsType = "fuse.sshfs";
|
||||||
options = sshOpts.optionsRoot;
|
options = fsOpts.sshRoot ++ fsOpts.noauto;
|
||||||
noCheck = true;
|
noCheck = true;
|
||||||
};
|
};
|
||||||
fileSystems."/mnt/servo-root-lan" = {
|
fileSystems."/mnt/servo-root-lan" = {
|
||||||
device = "colin@servo:/";
|
device = "colin@servo:/";
|
||||||
inherit (sshOpts) fsType;
|
fsType = "fuse.sshfs";
|
||||||
options = sshOpts.optionsRoot;
|
options = fsOpts.sshRoot ++ fsOpts.noauto;
|
||||||
noCheck = true;
|
noCheck = true;
|
||||||
};
|
};
|
||||||
fileSystems."/mnt/desko-home" = {
|
fileSystems."/mnt/desko-home" = {
|
||||||
device = "colin@desko:/home/colin";
|
device = "colin@desko:/home/colin";
|
||||||
inherit (sshOpts) fsType;
|
fsType = "fuse.sshfs";
|
||||||
options = sshOpts.optionsColin;
|
options = fsOpts.sshColin ++ fsOpts.noauto;
|
||||||
noCheck = true;
|
noCheck = true;
|
||||||
};
|
};
|
||||||
fileSystems."/mnt/desko-root" = {
|
fileSystems."/mnt/desko-root" = {
|
||||||
device = "colin@desko:/";
|
device = "colin@desko:/";
|
||||||
inherit (sshOpts) fsType;
|
fsType = "fuse.sshfs";
|
||||||
options = sshOpts.optionsRoot;
|
options = fsOpts.sshRoot ++ fsOpts.noauto;
|
||||||
noCheck = true;
|
noCheck = true;
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue
Block a user