ma share: set file-mode to 0770 for hetzner

This commit is contained in:
makefu 2022-03-01 23:26:31 +01:00
parent 4904dcf229
commit 94b29daa13
No known key found for this signature in database
GPG Key ID: 36F7711F3FC0F225
3 changed files with 42 additions and 5 deletions

View File

@ -0,0 +1,29 @@
{ config, lib, ... }:
with import <stockholm/lib>;
let
base-dir = config.services.rtorrent.downloadDir;
in {
users.users = {
download = {
name = "download";
home = base-dir;
isNormalUser = true;
uid = mkDefault (genid "download");
createHome = false;
useDefaultShell = true;
group = "download";
openssh.authorizedKeys.keys = [ ];
};
};
users.groups = {
download = {
gid = lib.mkDefault (genid "download");
members = [
config.krebs.build.user.name
"download"
];
};
};
}

View File

@ -1,5 +1,6 @@
{ config, lib, pkgs, ... }: { config, lib, pkgs, ... }:
with <stockholm/lib>;
let let
automount_opts = automount_opts =
[ "x-systemd.automount" [ "x-systemd.automount"
@ -10,14 +11,16 @@ let
host = "u288834.your-storagebox.de"; host = "u288834.your-storagebox.de";
in { in {
boot.kernel.sysctl."net.ipv6.route.max_size" = 2147483647; boot.kernel.sysctl."net.ipv6.route.max_size" = 2147483647;
fileSystems."/media/cloud" = { fileSystems."/media/cloud" = {
device = "//${host}/backup"; device = "//${host}/backup";
fsType = "cifs"; fsType = "cifs";
options = automount_opts ++ options = automount_opts ++
[ "credentials=/var/src/secrets/hetzner.smb" [ "credentials=${toString <secrets/hetzner.smb>}"
"file_mode=0775" "file_mode=0770"
"dir_mode=0775" "dir_mode=0770"
"uid=9001" "uid=${toString config.users.users.download.uid}"
"gid=${toString config.users.groups.download.gid}"
#"vers=3" #"vers=3"
"vers=2.1" "vers=2.1"
"rsize=65536" "rsize=65536"
@ -25,5 +28,4 @@ in {
"iocharset=utf8" "iocharset=utf8"
]; ];
}; };
} }

View File

@ -32,6 +32,12 @@ in {
browseable = "yes"; browseable = "yes";
"guest ok" = "yes"; "guest ok" = "yes";
}; };
movies = {
path = "/media/cryptX/movies";
"read only" = "yes";
browseable = "yes";
"guest ok" = "yes";
};
audiobook = { audiobook = {
path = "/media/crypt1/audiobooks"; path = "/media/crypt1/audiobooks";
"read only" = "yes"; "read only" = "yes";