nfs

hosts/kima/modules.nix

@@ -175,6 +175,11 @@
       mullvad = {
         enable = true;
       };
+      nfs = {
+        enable = true;
+        server.enable = false;
+        client.enable = true;
+      };
       nix-ld = {
         enable = false;
       };

hosts/sobotka/modules.nix

@@ -167,6 +167,11 @@
       mullvad = {
         enable = true;
       };
+      nfs = {
+        enable = true;
+        server.enable = true;
+        client.enable = false;
+      };
       nix-ld = {
         enable = false;
       };

modules/default.nix

@@ -100,6 +100,7 @@
         ./nixos/services/kanata
         ./nixos/services/locate
         ./nixos/services/mullvad
+        ./nixos/services/nfs
         ./nixos/services/nix-ld
         ./nixos/services/openssh
         ./nixos/services/pcscd

modules/nixos/services/nfs/default.nix

@@ -0,0 +1,67 @@
+{
+  config,
+  lib,
+  ...
+}: let
+  inherit (lib) mkIf mkEnableOption mkOption types;
+  cfg = config.nixos.services.nfs;
+in {
+  options.nixos.services.nfs = {
+    enable = mkEnableOption "Enable NFS support";
+
+    server = {
+      enable = mkEnableOption "Enable the NFS server";
+      exports = mkOption {
+        type = types.str;
+        default = "/shared *(rw,async,wdelay,root_squash,no_subtree_check)";
+        description = "NFS export entries";
+      };
+    };
+
+    client = {
+      enable = mkEnableOption "Enable NFS client mounting";
+      mountPoint = mkOption {
+        type = types.str;
+        default = "/shared";
+        description = "Mount point for NFS share";
+      };
+      device = mkOption {
+        type = types.str;
+        default = "sobotka:/shared";
+        description = "Remote NFS device";
+      };
+      fsType = mkOption {
+        type = types.str;
+        default = "nfs4";
+        description = "Filesystem type";
+      };
+      options = mkOption {
+        type = types.listOf types.str;
+        default = ["x-systemd.automount"];
+        description = "Mount options";
+      };
+    };
+  };
+
+  config = mkIf cfg.enable {
+    boot.supportedFilesystems = ["nfs"];
+    services.rpcbind.enable = true;
+    networking.firewall = {
+      allowedTCPPorts = [2049 4000 4001 4002];
+      allowedUDPPorts = [2049 4000 4001 4002];
+    };
+
+    services.nfs.server = mkIf cfg.server.enable {
+      enable = true;
+      exports = cfg.server.exports;
+    };
+
+    fileSystems = mkIf cfg.client.enable {
+      "${cfg.client.mountPoint}" = {
+        device = cfg.client.device;
+        fsType = cfg.client.fsType;
+        options = cfg.client.options;
+      };
+    };
+  };
+}

modules/server/qbittorrent/default.nix

@@ -70,6 +70,7 @@ in {
         volumes = [
           "config:/storage/volumes/config"
           "config:/storage/volumes/downloads"
+          "/var/lib/qbittorrent:/config"
         ];
         environmentFiles = [
           config.age.secrets.gluetunEnv.path
@@ -106,6 +107,18 @@ in {
         };
       };
     };
+
+    environment.persistence."/persist/backup" = {
+      directories = [
+        {
+          directory = "/var/lib/qbittorrent";
+          user = "qbittorrent";
+          group = "qbittorrent";
+          mode = "0750";
+        }
+      ];
+    };
+
     users = {
       users.qbittorrent = {
         uid = cfg.uid;