fix rsync command

add backup cron job
disable visibility for homes
2026-03-19 23:09:02 +01:00 · 2026-03-19 22:25:38 +01:00 · 2026-03-19 22:05:36 +01:00 · 2026-03-19 22:00:51 +01:00 · 2026-03-19 21:40:24 +01:00 · 2026-03-19 21:29:54 +01:00
5 changed files with 95 additions and 17 deletions
--- a/devices/nas.nix
+++ b/devices/nas.nix
@@ -26,15 +26,15 @@
  #    fsType = "ext4";
  #  };

-  #fileSystems."/srv/dev-disk-by-uuid-18333f38-626c-4c22-af29-314a87282809" =
-  #  { device = "/dev/mapper/base--storage-ShatteredMINT";
-  #    fsType = "ext4";
-  #  };
+  fileSystems."/srv/private" =
+   { device = "/dev/mapper/base--storage-ShatteredMINT";
+     fsType = "ext4";
+   };

-  #fileSystems."/srv/dev-disk-by-uuid-98570615-8eda-4a45-8a20-3c58b50e3d79" =
-  #  { device = "/dev/mapper/base--storage-NAS";
-  #    fsType = "ext4";
-  #  };
+  fileSystems."/srv/shared" =
+   { device = "/dev/mapper/base--storage-NAS";
+     fsType = "ext4";
+   };

  #fileSystems."/export/ShatteredMINT" =
  #  { device = "/srv/dev-disk-by-uuid-18333f38-626c-4c22-af29-314a87282809";
@@ -73,4 +73,11 @@
  networking.useDHCP = lib.mkDefault true;

  nixpkgs.hostPlatform = lib.mkDefault "aarch64-linux";
+
+  services.cron = {
+   enable = true;
+   systemCronJobs = [
+     "* 20 * * *     root rsync -Pav -e 'ssh -i /root/.ssh/backup' /srv backup@192.168.178.24:/ 1>> /root/backup.log 2>> /root/backup.err"
+   ];
+  };
 }
--- a/flake.nix
+++ b/flake.nix
@@ -67,6 +67,7 @@
          ./configuration.nix

          ./users/shatteredmint.nix
+          ./software/samba.nix
        ];
      };
    };
--- a/network-shares.nix
+++ b/network-shares.nix
@@ -1,17 +1,37 @@
 { config, lib, pkgs, ... }:

 { 
-  # mount network shares
-  fileSystems."/mnt/nas/private" = {
-    device = "dashboard.omv:/ShatteredMINT";
-    fsType = "nfs";
-    options = [ "x-systemd.automount" "noauto" ];
+  environment.systemPackages = [ pkgs.cifs-utils ];
+  fileSystems."/mnt/share/private" = {
+    device = "//192.168.178.108/shatteredmint";
+    fsType = "cifs";
+    options = let
+      # this line prevents hanging on network split
+      automount_opts = "x-systemd.automount,noauto,x-systemd.idle-timeout=60,x-systemd.device-timeout=5s,x-systemd.mount-timeout=5s";

+    in ["${automount_opts},credentials=/etc/nixos/smb-secrets,uid=${toString config.users.users.shatteredmint.uid},gid=${toString config.users.groups.users.gid}"];
  };
-  fileSystems."/mnt/nas/shared" = {
-    device = "dashboard.omv:/default-nas";
-    fsType = "nfs";
-    options = [ "x-systemd.automount" "noauto" ];
+  fileSystems."/mnt/share/shared" = {
+    device = "//192.168.178.108/shared";
+    fsType = "cifs";
+    options = let
+      # this line prevents hanging on network split
+      automount_opts = "x-systemd.automount,noauto,x-systemd.idle-timeout=60,x-systemd.device-timeout=5s,x-systemd.mount-timeout=5s";

+    in ["${automount_opts},credentials=/etc/nixos/smb-secrets,uid=${toString config.users.users.shatteredmint.uid},gid=${toString config.users.groups.users.gid}"];
  };
+
+  # # mount network shares
+  # fileSystems."/mnt/nas/private" = {
+  #   device = "dashboard.omv:/ShatteredMINT";
+  #   fsType = "nfs";
+  #   options = [ "x-systemd.automount" "noauto" ];
+  #
+  # };
+  # fileSystems."/mnt/nas/shared" = {
+  #   device = "dashboard.omv:/default-nas";
+  #   fsType = "nfs";
+  #   options = [ "x-systemd.automount" "noauto" ];
+  #
+  # };
 }
--- a/software/samba.nix
+++ b/software/samba.nix
@@ -0,0 +1,49 @@
+{config, pkgs, ...} : {
+  services = {
+    samba = {
+      enable = true;
+      package = pkgs.samba4Full;
+      openFirewall = true;
+
+      settings = {
+        global = {
+          "server smb encrypt" = "required";
+          "server min protocol" = "SMB3_00";
+          "workgroup" = "WORKGROUP";
+          "security" = "user";
+          "browseable" = "yes";
+        };
+
+        # "private-shatteredmint" = {
+        #   "path" = "/srv/shatteredmint";
+        #   "writable" = "yes";
+        #   "comment" = "private share for shatteredmint";
+        #   "browseable" = "yes";
+        # };
+        "homes" = {
+          "path" = "/srv/private/%S";
+          "valid users" = "%S";
+          "writable" = "yes";
+          "comment" = "homes share";
+          "browseable" = "no";
+          "create mask" = "0700";
+          "directory mask" = "0700";
+        };
+
+        "shared" = {
+          "path" = "/srv/shared";
+          "writable" = "yes";
+          "comment" = "homes share";
+          "browseable" = "yes";
+          "create mask" = "0700";
+          "directory mask" = "0700";
+          "force user" = "shatteredmint";
+        };
+      };
+    };
+    samba-wsdd = {
+      enable = true;
+      openFirewall = true;
+    };
+  };
+}
--- a/users/shatteredmint.nix
+++ b/users/shatteredmint.nix
@@ -11,6 +11,7 @@
    openssh.authorizedKeys.keys = [
        "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKT9u43WNMlu3gnu5z9Twt1vkdNdpf6REfEK/OT4qxjK shatteredmint"
    ];
+    uid = 1000;
  };
Author	SHA1	Message	Date
ShatteredMINT	2644e7f843	fix rsync command	2026-03-19 23:09:02 +01:00
ShatteredMINT	4ba0830997	add backup cron job	2026-03-19 22:25:38 +01:00
ShatteredMINT	1b3257fbf2	disable visibility for homes	2026-03-19 22:05:36 +01:00
ShatteredMINT	7a484976f8	add share share to mounts	2026-03-19 22:00:51 +01:00
ShatteredMINT	e27b5206e7	add shared share	2026-03-19 21:40:24 +01:00
ShatteredMINT	103a5f3b2d	fix user permissions on smb mount	2026-03-19 21:29:54 +01:00
ShatteredMINT	4ff36b1000	update samba configuration	2026-03-19 20:36:56 +01:00
ShatteredMINT	ae5f6f1fc4	test samba configuration for nas	2026-03-19 20:10:29 +01:00