kfm/niveum
1
0
Fork 0
mirror of https://github.com/kmein/niveum synced 2026-03-16 10:11:08 +01:00
Code Releases Activity

feat(hu-berlin): add network filesystems

Browse Source
This commit is contained in:
Kierán Meinhardt
2020-12-18 10:27:34 +01:00
parent 2bf095c553
commit 10224de58a
2 changed files with 33 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
configs/default.nix
View File

@@ -70,6 +70,7 @@ in {
hashedPassword = hashedPassword =
"$6$w9hXyGFl/.IZBXk$5OiWzS1G.5hImhh1YQmZiCXYNAJhi3X6Y3uSLupJNYYXPLMsQpx2fwF4Xr2uYzGMV8Foqh8TgUavx1APD9rcb/"; "$6$w9hXyGFl/.IZBXk$5OiWzS1G.5hImhh1YQmZiCXYNAJhi3X6Y3uSLupJNYYXPLMsQpx2fwF4Xr2uYzGMV8Foqh8TgUavx1APD9rcb/";
isNormalUser = true; isNormalUser = true;
uid = 1000;
}; };
} }
{ {

38
configs/hu-berlin.nix
View File

@@ -23,24 +23,50 @@ let
}" }"
phase2="auth=PAP" phase2="auth=PAP"
''; '';
hu-berlin-cifs-options = [
"uid=${toString config.users.users.me.uid}"
"gid=${toString config.users.groups.users.gid}"
"sec=ntlmv2"
"workgroup=german"
"username=meinhaki"
"password=${lib.strings.fileContents <secrets/mail/meinhaki>}"
"noauto"
"x-systemd.requires=hu-vpn.service"
"x-systemd.automount"
"x-systemd.device-timeout=1"
"x-systemd.idle-timeout=1min"
];
in { in {
networking.wireless.networks = { networking.wireless.networks = {
eduroam_5GHz.auth = eduroamAuth; eduroam_5GHz.auth = eduroamAuth;
eduroam.auth = eduroamAuth; eduroam.auth = eduroamAuth;
}; };
environment.systemPackages = [ fileSystems."/media/hu-berlin/germpro2" = {
pkgs.sshfsFuse device = "//hugerm31c.user.hu-berlin.de/germpro2/ling";
fsType = "cifs";
options = hu-berlin-cifs-options;
};
(pkgs.writers.writeDashBin "hu-vpn" '' fileSystems."/media/hu-berlin/germhome" = {
${pkgs.openfortivpn}/bin/openfortivpn -p "${eduroam.password}" -c ${pkgs.writeText "hu-berlin.config" '' device = "//hugerm31c.user.hu-berlin.de/germhome/ling/meinhaki";
fsType = "cifs";
options = hu-berlin-cifs-options;
};
systemd.services.hu-vpn = {
enable = true;
wants = [ "network-online.target" ];
script = ''
${pkgs.openfortivpn}/bin/openfortivpn -c ${pkgs.writeText "hu-berlin.config" ''
host = forti-ssl.vpn.hu-berlin.de host = forti-ssl.vpn.hu-berlin.de
port = 443 port = 443
trusted-cert = e5a7d56543002ffe1e8962caa5fd6d94053aa702381458247b670877a66f3c6f trusted-cert = e5a7d56543002ffe1e8962caa5fd6d94053aa702381458247b670877a66f3c6f
username = ${eduroam.identity} username = ${eduroam.identity}
password = ${eduroam.password}
''} ''}
'') '';
]; };
services.openvpn.servers.hu-berlin = { services.openvpn.servers.hu-berlin = {
autoStart = false; autoStart = false;