fix rsync command

devices/conv.nix

@@ -10,7 +10,7 @@
 
   boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "usb_storage" "sd_mod" "rtsx_pci_sdmmc" ];
   boot.initrd.kernelModules = [ ];
-  boot.kernelModules = [ "kvm-amd" ];
+  boot.kernelModules = [ "kvm-amd sg" ];
   boot.extraModulePackages = [ ];
 
   fileSystems."/" =

devices/desk.nix

@@ -13,6 +13,7 @@
   boot.initrd.kernelModules = [ ];
   boot.kernelModules = [ "kvm-amd" "sg" ];
   boot.extraModulePackages = [ ];
+  boot.binfmt.emulatedSystems = [ "aarch64-linux" ];
 
   fileSystems."/" =
     { device = "NIX_DESK_POOL/root";

devices/nas.nix

@@ -13,26 +13,28 @@
   boot.initrd.kernelModules = [ "dm-snapshot" ];
   boot.kernelModules = [ ];    
   boot.extraModulePackages = [ ];
-  
+
+  security.sudo.wheelNeedsPassword = false;
+
   fileSystems."/" =
-    { device = "/dev/disk/by-uuid/05da5ea5-180f-41a3-a81c-5e3325a4c866";
+    { device = "/dev/disk/by-uuid/44444444-4444-4444-8888-888888888888";
       fsType = "ext4";
     };
-
+  
   #fileSystems."/srv/dev-disk-by-uuid-0fc5586c-ed51-4b02-9a87-4a733ea353a7" =
   #  { device = "/dev/mapper/base--storage-Docker";
   #    fsType = "ext4";
   #  };
 
-  #fileSystems."/srv/dev-disk-by-uuid-18333f38-626c-4c22-af29-314a87282809" =
+  fileSystems."/srv/private" =
-  #  { device = "/dev/mapper/base--storage-ShatteredMINT";
+   { device = "/dev/mapper/base--storage-ShatteredMINT";
-  #    fsType = "ext4";
+     fsType = "ext4";
-  #  };
+   };
 
-  #fileSystems."/srv/dev-disk-by-uuid-98570615-8eda-4a45-8a20-3c58b50e3d79" =
+  fileSystems."/srv/shared" =
-  #  { device = "/dev/mapper/base--storage-NAS";
+   { device = "/dev/mapper/base--storage-NAS";
-  #    fsType = "ext4";
+     fsType = "ext4";
-  #  };
+   };
 
   #fileSystems."/export/ShatteredMINT" =
   #  { device = "/srv/dev-disk-by-uuid-18333f38-626c-4c22-af29-314a87282809";
@@ -71,4 +73,11 @@
   networking.useDHCP = lib.mkDefault true;
 
   nixpkgs.hostPlatform = lib.mkDefault "aarch64-linux";
+
+  services.cron = {
+   enable = true;
+   systemCronJobs = [
+     "* 20 * * *     root rsync -Pav -e 'ssh -i /root/.ssh/backup' /srv backup@192.168.178.24:/ 1>> /root/backup.log 2>> /root/backup.err"
+   ];
+  };
 }

flake.lock

@@ -40,6 +40,21 @@
         "type": "github"
       }
     },
+    "nix-flatpak": {
+      "locked": {
+        "lastModified": 1768656715,
+        "narHash": "sha256-Sbh037scxKFm7xL0ahgSCw+X2/5ZKeOwI2clqrYr9j4=",
+        "owner": "gmodena",
+        "repo": "nix-flatpak",
+        "rev": "123fe29340a5b8671367055b75a6e7c320d6f89a",
+        "type": "github"
+      },
+      "original": {
+        "owner": "gmodena",
+        "repo": "nix-flatpak",
+        "type": "github"
+      }
+    },
     "nixpkgs": {
       "locked": {
         "lastModified": 1772773019,
@@ -60,6 +75,7 @@
       "inputs": {
         "friendlyelecCM3588": "friendlyelecCM3588",
         "home-manager": "home-manager",
+        "nix-flatpak": "nix-flatpak",
         "nixpkgs": "nixpkgs"
       }
     }

flake.nix

@@ -13,6 +13,7 @@
       url = "github:YayaADev/nixos-friendlyelec-cm3588";
       inputs.nixpkgs.follows = "nixpkgs";
     };
+    nix-flatpak.url = "github:gmodena/nix-flatpak";
   };
 
   outputs = {self, nixpkgs, home-manager, ... }@inputs: 
@@ -30,12 +31,13 @@
 
 	      ./configuration.nix 
 	      ./plasma.nix
+          ./software/default-graphical.nix
           ./network-shares.nix
 
           ./backup-target.nix
 
 	      ./users/shatteredmint.nix
-          ./qemu-bridges.nix
+          # ./qemu-bridges.nix
 	];
       };
 
@@ -49,6 +51,7 @@
           ./configuration.nix
 
           ./plasma.nix
+          ./software/default-graphical.nix
           ./users/shatteredmint.nix
           ./network-shares.nix
         ];
@@ -59,10 +62,12 @@
 
         modules = [
           inputs.friendlyelecCM3588.nixosModules.cm3588  # board + kernel support
+          ./devices/nas.nix
 
           ./configuration.nix
 
           ./users/shatteredmint.nix
+          ./software/samba.nix
         ];
       };
     };

network-shares.nix

@@ -1,17 +1,37 @@
 { config, lib, pkgs, ... }:
 
 { 
-  # mount network shares
+  environment.systemPackages = [ pkgs.cifs-utils ];
-  fileSystems."/mnt/nas/private" = {
+  fileSystems."/mnt/share/private" = {
-    device = "dashboard.omv:/ShatteredMINT";
+    device = "//192.168.178.108/shatteredmint";
-    fsType = "nfs";
+    fsType = "cifs";
-    options = [ "x-systemd.automount" "noauto" ];
+    options = let
+      # this line prevents hanging on network split
+      automount_opts = "x-systemd.automount,noauto,x-systemd.idle-timeout=60,x-systemd.device-timeout=5s,x-systemd.mount-timeout=5s";
 
+    in ["${automount_opts},credentials=/etc/nixos/smb-secrets,uid=${toString config.users.users.shatteredmint.uid},gid=${toString config.users.groups.users.gid}"];
   };
-  fileSystems."/mnt/nas/shared" = {
+  fileSystems."/mnt/share/shared" = {
-    device = "dashboard.omv:/default-nas";
+    device = "//192.168.178.108/shared";
-    fsType = "nfs";
+    fsType = "cifs";
-    options = [ "x-systemd.automount" "noauto" ];
+    options = let
+      # this line prevents hanging on network split
+      automount_opts = "x-systemd.automount,noauto,x-systemd.idle-timeout=60,x-systemd.device-timeout=5s,x-systemd.mount-timeout=5s";
 
+    in ["${automount_opts},credentials=/etc/nixos/smb-secrets,uid=${toString config.users.users.shatteredmint.uid},gid=${toString config.users.groups.users.gid}"];
   };
+
+  # # mount network shares
+  # fileSystems."/mnt/nas/private" = {
+  #   device = "dashboard.omv:/ShatteredMINT";
+  #   fsType = "nfs";
+  #   options = [ "x-systemd.automount" "noauto" ];
+  #
+  # };
+  # fileSystems."/mnt/nas/shared" = {
+  #   device = "dashboard.omv:/default-nas";
+  #   fsType = "nfs";
+  #   options = [ "x-systemd.automount" "noauto" ];
+  #
+  # };
 }

plasma.nix

@@ -12,12 +12,54 @@
     pkgs.kdePackages.elisa
   ];
 
-  # enable flatpak
-  services.flatpak.enable = true;
 
   # Enable sound.
   services.pipewire = {
     enable = true;
     pulse.enable = true;
   };
+
+  system.fsPackages = [ pkgs.bindfs ];
+  fileSystems = let
+    mkRoSymBind = path: {
+      device = path;
+      fsType = "fuse.bindfs";
+      options = [ "ro" "resolve-symlinks" "x-gvfs-hide" ];
+    };
+    fontsPkgs = config.fonts.packages;
+    x11Fonts = pkgs.runCommand "X11-fonts"
+      {
+        preferLocalBuild = true;
+        nativeBuildInputs = with pkgs; [
+          gzip
+          mkfontscale
+          mkfontdir
+        ];
+      }
+      (''
+        mkdir -p "$out/share/fonts"
+        font_regexp='.*\.\(ttf\|ttc\|otb\|otf\|pcf\|pfa\|pfb\|bdf\)\(\.gz\)?'
+      ''
+      + (builtins.concatStringsSep "\n" (builtins.map (pkg: ''
+          find ${toString pkg} -regex "$font_regexp" \
+            -exec ln -sf -t "$out/share/fonts" '{}' \;
+        '') fontsPkgs
+        ))
+      + ''
+        cd "$out/share/fonts"
+        mkfontscale
+        mkfontdir
+        cat $(find ${pkgs.font-alias}/ -name fonts.alias) >fonts.alias
+      '');
+    aggregatedIcons = pkgs.buildEnv {
+      name = "system-icons";
+      paths = fontsPkgs;
+      pathsToLink = [
+        "/share/icons"
+      ];
+    };
+  in {
+    "/usr/share/icons" = mkRoSymBind (aggregatedIcons + "/share/icons");
+    "/usr/share/fonts" = mkRoSymBind (x11Fonts + "/share/fonts");
+  };
 }

software/default-graphical.nix

@@ -0,0 +1,53 @@
+
+{ config, lib, pkgs, home-manager, ... }@inputs:
+{
+  imports = [home-manager.nixosModules.home-manager];
+  home-manager.users.shatteredmint = {
+    home.packages = with pkgs; [
+      thunderbird
+      firefox
+      lazygit
+      veracrypt
+      keepassxc
+      kdePackages.yakuake
+      cargo
+      zig
+      clang
+      nil
+      wl-clipboard
+      makemkv
+    ];
+  };
+  # enable flatpak
+  services.flatpak.enable = true;
+  home-manager.users.shatteredmint.imports = [
+    inputs.nix-flatpak.homeManagerModules.nix-flatpak 
+    {
+        services.flatpak = {
+          update.onActivation = true;
+          packages = [
+            "com.atlauncher.ATLauncher"
+            "com.discordapp.Discord"
+            "com.github.k4zmu2a.spacecadetpinball"
+            "com.heroicgameslauncher.hgl"
+            "com.obsproject.Studio"
+            "com.revolutionarygamesstudio.ThriveLauncher"
+            "com.spotify.Client"
+            # "com.teamspeak.TeamSpeak"
+            # "com.teamspeak.TeamSpeak3"
+            "com.usebottles.bottles"
+            "com.valvesoftware.Steam"
+            # "md.obsidian.Obsidian"
+            "org.kde.neochat"
+            "org.kicad.KiCad"
+            "org.libreoffice.LibreOffice"
+            # "org.pipewire.Helvum"
+            # "org.rncbc.qpwgraph"
+            "org.telegram.desktop"
+          ];
+        };
+    }
+  ];
+
+
+}

software/samba.nix

@@ -0,0 +1,49 @@
+{config, pkgs, ...} : {
+  services = {
+    samba = {
+      enable = true;
+      package = pkgs.samba4Full;
+      openFirewall = true;
+
+      settings = {
+        global = {
+          "server smb encrypt" = "required";
+          "server min protocol" = "SMB3_00";
+          "workgroup" = "WORKGROUP";
+          "security" = "user";
+          "browseable" = "yes";
+        };
+
+        # "private-shatteredmint" = {
+        #   "path" = "/srv/shatteredmint";
+        #   "writable" = "yes";
+        #   "comment" = "private share for shatteredmint";
+        #   "browseable" = "yes";
+        # };
+        "homes" = {
+          "path" = "/srv/private/%S";
+          "valid users" = "%S";
+          "writable" = "yes";
+          "comment" = "homes share";
+          "browseable" = "no";
+          "create mask" = "0700";
+          "directory mask" = "0700";
+        };
+
+        "shared" = {
+          "path" = "/srv/shared";
+          "writable" = "yes";
+          "comment" = "homes share";
+          "browseable" = "yes";
+          "create mask" = "0700";
+          "directory mask" = "0700";
+          "force user" = "shatteredmint";
+        };
+      };
+    };
+    samba-wsdd = {
+      enable = true;
+      openFirewall = true;
+    };
+  };
+}

users/shatteredmint.nix

@@ -11,20 +11,23 @@
     openssh.authorizedKeys.keys = [
         "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKT9u43WNMlu3gnu5z9Twt1vkdNdpf6REfEK/OT4qxjK shatteredmint"
     ];
+    uid = 1000;
   };
 
   
-  home-manager.users.shatteredmint = {
+  home-manager.users.shatteredmint = {config, ...}: {
     home.stateVersion = "24.11";
 
     home.username = "shatteredmint";
     home.homeDirectory = "/home/shatteredmint";
 
     programs.zsh = {
+
+      dotDir = "${config.xdg.configHome}/zsh";
       enable = true;
       autosuggestion = {
         enable = true;
-	highlight = "fg=white,bg=green,bold";
+	    highlight = "fg=white,bg=green,bold";
       };
       defaultKeymap = "viins";
 
@@ -63,23 +66,10 @@
       ];
     };
 
-    home.packages = with pkgs; [
-      thunderbird
-      firefox
-      lazygit
-      veracrypt
-      keepassxc
-      kdePackages.yakuake
-      cargo
-      zig
-      clang
-      nil
-      wl-clipboard
-      makemkv
-    ];
 
     home.sessionPath = [
       "$HOME/scripts"
     ];
+
   };
 }