From f85907ffc86c8fa10cb9b6b759382d622c75f113 Mon Sep 17 00:00:00 2001 From: h7x4 Date: Thu, 22 Jan 2026 17:10:04 +0900 Subject: [PATCH] temmie/nfs-mounts: generate systemd units ourselves --- hosts/temmie/services/nfs-mounts.nix | 62 +++++++++++++++++++++------- 1 file changed, 46 insertions(+), 16 deletions(-) diff --git a/hosts/temmie/services/nfs-mounts.nix b/hosts/temmie/services/nfs-mounts.nix index 125cc20..3b831de 100644 --- a/hosts/temmie/services/nfs-mounts.nix +++ b/hosts/temmie/services/nfs-mounts.nix @@ -1,21 +1,51 @@ -{ pkgs, lib, ... }: +{ lib, ... }: +let + # See microbel:/etc/exports + letters = [ "a" "b" "c" "d" "h" "i" "j" "k" "l" "m" "z" ]; +in { - fileSystems = let - # See microbel:/etc/exports - shorthandAreas = lib.listToAttrs (map - (l: lib.nameValuePair "/run/pvv-home-mounts/${l}" "homepvv${l}.pvv.ntnu.no:/export/home/pvv/${l}") - [ "a" "b" "c" "d" "h" "i" "j" "k" "l" "m" "z" ]); - in { } - // - (lib.mapAttrs (_: device: { - inherit device; - fsType = "nfs"; - options = [ + systemd.mounts = map (l: { + description = "PVV Homedirs Partition ${l}"; + + before = [ "remote-fs.target" ]; + wantedBy = [ "multi-user.target" ]; + + type = "nfs"; + what = "homepvv${l}.pvv.ntnu.no:/export/home/pvv/${l}"; + where = "/run/pvv-home-mounts/${l}"; + + options = lib.concatStringsSep "," [ "nfsvers=3" - "noauto" "proto=tcp" - "x-systemd.automount" - "x-systemd.idle-timeout=300" + "auto" + "async" + + # We don't want to update access time constantly + "noatime" + + # No SUID/SGID, no special devices + "nosuid" + "nodev" + + # TODO: are there cgi scripts that modify stuff in peoples homedirs? + # "ro" + "rw" + + # TODO: can we enable this and still run cgi stuff? + # "noexec" ]; - }) shorthandAreas); + }) letters; + + systemd.automounts = map (l: { + description = "PVV Homedirs Partition ${l}"; + + wantedBy = [ "multi-user.target" ]; + + where = "/run/pvv-home-mounts/${l}"; + + automountConfig = { + # Unmount if not accessed in 5 mins + TimeoutIdleSec = "5min"; + }; + }) letters; }