waffentrager: add acme mount from valkyrie

2024-03-23 16:18:53 +01:00 · 2024-03-23 16:18:53 +01:00 · 3b285229d7
parent 597131aba4
commit 3b285229d7
2 changed files with 21 additions and 0 deletions
--- a/configurations/host/waffentrager/services/default.nix
+++ b/configurations/host/waffentrager/services/default.nix
@ -4,7 +4,9 @@
    [
      ./elements.nix
      ./postgresql.nix
+      ./mount-acme.nix
    ];
  waffentragerService.elements.enable = true;
  waffentragerService.postgresql.enable = true;
+  waffentragerService.mount-acme.enable = true;
 }
--- a/configurations/host/waffentrager/services/mount-acme.nix
+++ b/configurations/host/waffentrager/services/mount-acme.nix
@ -0,0 +1,19 @@
+{ materusArg, config, lib, pkgs, ... }:
+{
+  options.waffentragerService.mount-acme.enable = materusArg.pkgs.lib.mkBoolOpt false "Enable mount-acme";
+
+  config =
+    let
+      cfg = config.waffentragerService.mount-acme;
+    in
+    lib.mkIf cfg.enable {
+      environment.systemPackages = with pkgs; [ sshfs ];
+      systemd.mounts = [{
+        description = "Mount remote acme dir from valkyrie";
+        what = "acme@valkyrie:/var/lib/acme";
+        where = "/var/lib/mnt_acme";
+        type = "fuse.sshfs";
+        options = "reconnect,gid=${builtins.toString config.ids.uids.nginx},_netdev,rw,nosuid,allow_other,default_permissions,follow_symlinks,idmap=user,compression=yes,identityfile=/materus/root/ssh_host_ed25519_key";
+      }];
+    };
+}