waffentrager: add elements drive service

2024-03-23 02:30:39 +01:00
parent e9998e42c3
commit c47555fec7
5 changed files with 44 additions and 4 deletions
@@ -0,0 +1,8 @@
{ ... }:
{
imports =
[
./elements.nix
];
waffentragerService.elements.enable = true;
}
@@ -0,0 +1,30 @@
{ materusArg, config, lib, pkgs, ... }:
{
options.waffentragerService.elements.enable = materusArg.pkgs.lib.mkBoolOpt false "Enable elements drive";
options.waffentragerService.elements.path = lib.mkOption { default = "/var/lib/elements"; };
options.waffentragerService.elements.uuid = lib.mkOption { default = "e32039c6-e98d-44b0-8e7d-120994bf7be1"; };
config =
let
cfg = config.waffentragerService.elements;
in
lib.mkIf cfg.enable {
systemd.services.elements-mount = {
wantedBy = [ "multi-user.target" ];
path = [ pkgs.cryptsetup pkgs.coreutils pkgs.util-linux ];
serviceConfig.Type = "oneshot";
serviceConfig.RemainAfterExit = true;
script = ''
mkdir -p ${cfg.path}
cryptsetup luksOpen /dev/disk/by-uuid/${cfg.uuid} elements -d ${config.sops.secrets.elements.path}
mount /dev/mapper/elements ${cfg.path}
'';
preStop = ''
umount ${cfg.path}
cryptsetup luksClose elements
'';
};
};
}
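Review bot: The `script` of `elements-mount` can leave the LUKS mapping unlocked on a failed start: if `mount` errors after `cryptsetup luksOpen` has succeeded, the unit fails with `/dev/mapper/elements` still open, and `preStop` is probably not run because the service never became active. A retry would then likely fail at `luksOpen`, since the mapping name is already in use. Consider moving the teardown to `postStop`, which should also run after a failed start, and making the first step tolerant, e.g. `umount ${cfg.path} || true` followed by `cryptsetup luksClose elements`. Separately, `path` and `uuid` are declared without a `type` and interpolated unquoted into the shell; adding `type = lib.types.path;` / `type = lib.types.str;` and using `${lib.escapeShellArg cfg.path}` would keep an unexpected value from being word-split or interpreted by the shell.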