diff options
| author | sinanmohd <sinan@sinanmohd.com> | 2024-01-02 16:32:52 +0530 |
|---|---|---|
| committer | sinanmohd <sinan@sinanmohd.com> | 2024-01-02 22:55:10 +0530 |
| commit | 880ca20d73086666760e7416b6871e941d2c5bd3 (patch) | |
| tree | bc6fcb724fe1de8dbab7aad94d82e8eabe891468 /hosts/cez/modules | |
| parent | 84fb4decd77e893a3551bfbef36fb789a563434e (diff) | |
cez/sshfs: refactor to reflect changes made in 84fb4de
Diffstat (limited to 'hosts/cez/modules')
| -rw-r--r-- | hosts/cez/modules/sshfs.nix | 11 |
1 files changed, 8 insertions, 3 deletions
diff --git a/hosts/cez/modules/sshfs.nix b/hosts/cez/modules/sshfs.nix index a1f1904..a9ff183 100644 --- a/hosts/cez/modules/sshfs.nix +++ b/hosts/cez/modules/sshfs.nix @@ -1,22 +1,27 @@ { config, pkgs, ... }: let - user = config.userdata.user; domain = config.userdata.domain; + user = config.userdata.user; + uid = config.users.users.${user}.uid; + gid = config.users.groups.users.gid; in { + sops.secrets."misc/sftp" = {}; system.fsPackages = with pkgs; [ sshfs ]; fileSystems."/kay" = { - device = "${user}@${domain}:"; + device = "sftp@${domain}:"; fsType = "sshfs"; options = [ "allow_other" # for non-root access + "uid=${toString uid}" + "gid=${toString gid}" "_netdev" # this is a network fs "x-systemd.automount" # mount on demand "reconnect" # handle connection drops "ServerAliveInterval=15" # keep connections alive - "IdentityFile=/var/secrets/ssh/${user}.key" + "IdentityFile=${config.sops.secrets."misc/sftp".path}" ]; }; } |