Chore: move more implementation details out of service definitions

2024-09-17 10:42:09 -04:00 · 2024-09-17 10:42:09 -04:00 · 45d0e19862
parent 0693336769
commit 45d0e19862
3 changed files with 25 additions and 5 deletions
--- a/hosts/Hevana/default.nix
+++ b/hosts/Hevana/default.nix
@ -93,7 +93,11 @@ in
    gpu.amd.enable = true;

    # Enable support for primary RAID array
-    raid.storage.enable = true;
+    raid.storage = {
+      enable = true;
+      keyFile = config.secrets.devices.storage.keyFile.path;
+      mailAddr = config.secrets.users.aires.email;
+    };

    # Change how long old generations are kept for.
    retentionPeriod = "30d";
--- a/modules/services/boinc.nix
+++ b/modules/services/boinc.nix
@ -31,6 +31,8 @@ in
      allowRemoteGuiRpc = true;
    };

+    systemd.services.boinc.unitConfig.RequiresMountsFor = cfg.home;
+
    # Allow connections via BOINC Manager
    networking.firewall.allowedTCPPorts = [ 31416 ];
  };
--- a/modules/system/raid.nix
+++ b/modules/system/raid.nix
@ -7,7 +7,21 @@ in
  options = {
    aux.system.raid = {
      enable = lib.mkEnableOption "Enables RAID support.";
-      storage.enable = lib.mkEnableOption "Enables support for the storage array.";
+      storage = {
+        enable = lib.mkEnableOption "Enables support for the storage array.";
+        mailAddr = lib.mkOption {
+          default = "";
+          type = lib.types.str;
+          description = "Address to email in case of issues.";
+          example = "admin@example.com";
+        };
+        keyFile = lib.mkOption {
+          default = "";
+          type = lib.types.path;
+          description = "Path to the key file to use to auto-unlock the array.";
+          example = /home/user/storage.key;
+        };
+      };
    };
  };

@ -17,12 +31,12 @@ in
      aux.system.raid.enable = true;
      boot.swraid.mdadmConf = ''
        ARRAY /dev/md/Sapana metadata=1.2 UUID=51076daf:efdb34dd:bce48342:3b549fcb
-        MAILADDR ${config.secrets.users.aires.email}
+        MAILADDR ${cfg.storage.mailAddr}
      '';

      # Auto-unlock RAID array with a key file
-      environment.etc."crypttab".text = ''
-        storage /dev/md/Sapana ${config.secrets.devices.storage.keyFile.path} nofail,keyfile-timeout=5s
+      environment.etc."crypttab".text = lib.mkIf (cfg.storage.keyFile != "") ''
+        storage /dev/md/Sapana ${toString cfg.storage.keyFile} nofail,keyfile-timeout=5s
      '';
      fileSystems."/storage" = {
        device = "/dev/mapper/storage";