exported export folder from nfs

added more config for nfs mounts
updated nfs mounts
2025-03-09 14:24:15 -05:00 · 2025-03-09 14:10:50 -05:00 · 2025-03-08 16:16:03 -06:00 · 2025-03-08 05:05:32 -06:00 · 2025-03-07 19:53:11 -06:00 · 2025-03-07 18:54:22 -06:00
9 changed files with 88 additions and 39 deletions
--- a/configurations/home-manager/leyla/packages.nix
+++ b/configurations/home-manager/leyla/packages.nix
@ -76,7 +76,6 @@ in {
            # system tools
            protonvpn-gui
            openvpn
-            nextcloud-client
            noisetorch

            # hardware managment tools
--- a/configurations/nixos/defiant/configuration.nix
+++ b/configurations/nixos/defiant/configuration.nix
@ -58,6 +58,7 @@
          folder = "leyla";
          user = "leyla";
          group = "leyla";
+          bind = "/home/leyla/documents";
        }
        {
          folder = "eve";
@ -69,6 +70,12 @@
          user = "root";
          group = "users";
        }
+        {
+          folder = "media";
+          user = "jellyfin";
+          group = "jellyfin_media";
+          bind = config.host.jellyfin.media_directory;
+        }
      ];
      nfs = {
        enable = true;
@ -108,7 +115,7 @@
      enable = false;
    };
    nextcloud = {
-      enable = true;
+      enable = false;
      subdomain = "drive";
    };
    sync = {
--- a/configurations/nixos/horizon/hardware-configuration.nix
+++ b/configurations/nixos/horizon/hardware-configuration.nix
@ -38,40 +38,28 @@
      fsType = "vfat";
    };

-    "/mnt/new_leyla_home" = {
+    "/mnt/leyla_documents" = {
      device = "defiant:/exports/leyla";
      fsType = "nfs";
      options = ["x-systemd.automount" "user" "noatime" "nofail" "soft" "x-systemd.idle-timeout=600" "fsc"];
    };

-    "/mnt/new_eve_home" = {
+    "/mnt/eve_documents" = {
      device = "defiant:/exports/eve";
      fsType = "nfs";
      options = ["x-systemd.automount" "user" "nofail" "soft" "x-systemd.idle-timeout=600" "fsc"];
    };

-    "/mnt/new_users_home" = {
+    "/mnt/users_documents" = {
      device = "defiant:/exports/users";
      fsType = "nfs";
      options = ["x-systemd.automount" "user" "nofail" "soft" "x-systemd.idle-timeout=600" "fsc"];
    };

-    "/mnt/leyla_home" = {
-      device = "server.arpa:/home/leyla";
+    "/mnt/media" = {
+      device = "defiant:/exports/media";
      fsType = "nfs";
-      options = ["x-systemd.automount" "user" "nofail" "soft" "x-systemd.idle-timeout=600" "fsc"];
-    };
-
-    "/mnt/share_home" = {
-      device = "server.arpa:/home/share";
-      fsType = "nfs";
-      options = ["x-systemd.automount" "user" "nofail" "soft" "x-systemd.idle-timeout=600" "fsc"];
-    };
-
-    "/mnt/docker_home" = {
-      device = "server.arpa:/home/docker";
-      fsType = "nfs";
-      options = ["x-systemd.automount" "noauto" "x-systemd.idle-timeout=600"];
+      options = ["x-systemd.automount" "noauto" "user" "noatime" "nofail" "soft" "x-systemd.idle-timeout=600" "fsc"];
    };
  };

--- a/configurations/nixos/twilight/hardware-configuration.nix
+++ b/configurations/nixos/twilight/hardware-configuration.nix
@ -47,22 +47,22 @@
      options = ["fmask=0022" "dmask=0022"];
    };

-    "/mnt/leyla_home" = {
-      device = "server.arpa:/home/leyla";
+    "/mnt/leyla_documents" = {
+      device = "defiant:/exports/leyla";
      fsType = "nfs";
      options = ["x-systemd.automount" "user" "nofail" "soft" "x-systemd.idle-timeout=600" "fsc"];
    };

-    "/mnt/share_home" = {
-      device = "server.arpa:/home/share";
+    "/mnt/users_documents" = {
+      device = "defiant:/exports/users";
      fsType = "nfs";
      options = ["x-systemd.automount" "user" "nofail" "soft" "x-systemd.idle-timeout=600" "fsc"];
    };

-    "/mnt/docker_home" = {
-      device = "server.arpa:/home/docker";
+    "/mnt/media" = {
+      device = "defiant:/exports/media";
      fsType = "nfs";
-      options = ["x-systemd.automount" "noauto" "x-systemd.idle-timeout=600"];
+      options = ["x-systemd.automount" "noauto" "user" "noatime" "nofail" "soft" "x-systemd.idle-timeout=600" "fsc"];
    };
  };

--- a/modules/nixos-modules/server/home-assistant.nix
+++ b/modules/nixos-modules/server/home-assistant.nix
@ -1,9 +1,11 @@
 {
  lib,
+  pkgs,
  config,
  ...
 }: let
  configDir = "/var/lib/hass";
+  db_user = "hass";
 in {
  options.host.home-assistant = {
    enable = lib.mkEnableOption "should home-assistant be enabled on this computer";
@ -16,27 +18,57 @@ in {

  config = lib.mkIf config.host.home-assistant.enable (lib.mkMerge [
    {
+      systemd.tmpfiles.rules = [
+        "f ${config.services.home-assistant.configDir}/automations.yaml 0755 hass hass"
+      ];
      services.home-assistant = {
        enable = true;
+        package =
+          (pkgs.home-assistant.override {
+            extraPackages = py: with py; [psycopg2];
+          })
+          .overrideAttrs (oldAttrs: {
+            doInstallCheck = false;
+          });
+        configDir = configDir;
        extraComponents = [
-          "esphome"
          "met"
          "radio_browser"
          "isal"
+          "zha"
+          "jellyfin"
+          "webostv"
+          "tailscale"
+          "syncthing"
+          "sonos"
+          "analytics_insights"
+          "unifi"
+          "minecraft_server"
+          "openweathermap"
        ];
-        config.http = {
+        config = {
+          http = {
            server_port = 8082;
            use_x_forwarded_for = true;
            trusted_proxies = ["127.0.0.1" "::1"];
            ip_ban_enabled = true;
            login_attempts_threshold = 10;
          };
+          recorder.db_url = "postgresql://@/${db_user}";
+          "automation manual" = [];
+          "automation ui" = "!include automations.yaml";
+        };
        extraPackages = python3Packages:
          with python3Packages; [
            numpy
            gtts
          ];
      };
+      systemd.services.home-assistant = {
+        requires = [
+          "postgresql.service"
+        ];
+      };
      host = {
        reverse_proxy.subdomains.${config.host.home-assistant.subdomain} = {
          target = "http://localhost:${toString config.services.home-assistant.config.http.server_port}";
@ -44,15 +76,33 @@ in {
          extraConfig = ''
            add_header Upgrade $http_upgrade;
            add_header Connection \"upgrade\";
+
            proxy_set_header Host $host;
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection "upgrade";
            proxy_set_header X-Forwarded-Host $server_name;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+
+            proxy_buffering off;
+
            proxy_read_timeout 90;
          '';
        };
+        postgres = {
+          enable = true;
+          extraUsers = {
+            ${db_user} = {
+              isClient = true;
+              createUser = true;
+            };
+          };
+          extraDatabases = {
+            ${db_user} = {
+              name = db_user;
+            };
+          };
+        };
      };
    }
    (lib.mkIf config.host.impermanence.enable {
--- a/modules/nixos-modules/server/jellyfin.nix
+++ b/modules/nixos-modules/server/jellyfin.nix
@ -7,7 +7,6 @@
  jellyfinPort = 8096;
  jellyfin_data_directory = "/var/lib/jellyfin";
  jellyfin_cache_directory = "/var/cache/jellyfin";
-  jellyfin_media_directory = "/srv/jellyfin/media";
 in {
  options.host.jellyfin = {
    enable = lib.mkEnableOption "should jellyfin be enabled on this computer";
@ -21,6 +20,11 @@ in {
      description = "ex subdomain of base domain that jellyfin will be hosted at";
      default = [];
    };
+    media_directory = lib.mkOption {
+      type = lib.types.str;
+      description = "directory jellyfin media will be hosted at";
+      default = "/srv/jellyfin/media";
+    };
  };

  config = lib.mkIf config.host.jellyfin.enable (
@ -126,7 +130,7 @@ in {
            hideMounts = true;
            directories = [
              {
-                directory = jellyfin_media_directory;
+                directory = config.host.jellyfin.media_directory;
                user = "jellyfin";
                group = "jellyfin_media";
                mode = "1770";
--- a/modules/nixos-modules/server/network_storage/default.nix
+++ b/modules/nixos-modules/server/network_storage/default.nix
@ -57,7 +57,7 @@ in {
      # create any folders that we need to have for our exports
      systemd.tmpfiles.rules =
        [
-          "d ${config.host.network_storage.export_directory} 2770 root root -"
+          "d ${config.host.network_storage.export_directory} 2775 root root -"
        ]
        ++ (
          builtins.map (
--- a/modules/nixos-modules/server/network_storage/nfs.nix
+++ b/modules/nixos-modules/server/network_storage/nfs.nix
@ -38,8 +38,8 @@
        services.nfs.server = {
          enable = true;
          exports = lib.strings.concatLines (
-            builtins.map (
-              directory: "${directory._directory} 100.64.0.0/10(rw,sync,no_subtree_check,crossmnt)"
+            lib.lists.imap0 (
+              i: directory: "${directory._directory} 100.64.0.0/10(rw,sync,no_subtree_check,crossmnt,fsid=${builtins.toString i})"
            )
            (
              builtins.filter (
--- a/modules/nixos-modules/server/postgres.nix
+++ b/modules/nixos-modules/server/postgres.nix
@ -65,6 +65,7 @@ in {
            ++ (
              builtins.map (user: {
                name = user.name;
+                ensureDBOwnership = true;
              })
              createUsers
            );
Author	SHA1	Message	Date
Leyla Becker	7b9b394ad2	exported export folder from nfs	2025-03-09 14:24:15 -05:00
Leyla Becker	1e98b54454	added more config for nfs mounts	2025-03-09 14:10:50 -05:00
Leyla Becker	f5c67b812f	updated nfs mounts	2025-03-08 16:16:03 -06:00
Leyla Becker	0e5d8e3335	added postgres config to home assistant	2025-03-08 05:05:32 -06:00
Leyla Becker	9715517af6	added more config to home assistant	2025-03-07 19:53:11 -06:00
Leyla Becker	99e57603c7	added components to home assistant	2025-03-07 18:54:22 -06:00