Fix s3fs mount and secrets

2023-07-29 21:38:06 +02:00 · 2023-07-29 21:38:06 +02:00 · ccce9fbd31
commit ccce9fbd31
parent 502b1a1091
20 changed files with 151 additions and 123 deletions
--- a/instances/baldur/hm.nix
+++ b/instances/baldur/hm.nix
@ -7,6 +7,28 @@
    };
    packages = builtins.attrValues { inherit (pkgs) nix-prefetch-scripts; };
  };
+
+  systemd.user.services.garage-home-s3 = {
+    Unit = {
+      After = [ "network.target" "network-online.target" "local-fs.target" ];
+      AssertPathIsDirectory = "/home/bertof/s3";
+      AssertPathIsReadWrite = "/home/bertof/s3";
+      Description = "Mount S3 bucket in bertof's home";
+      StartLimitBurst = 5;
+      StartLimitInterval = 200;
+      Wants = [ "network.target" "network-online.target" ];
+    };
+    Service = {
+      ExecStart = "${pkgs.s3fs}/bin/s3fs -f -d bertof /home/bertof/s3 -o passwd_file=${nixosConfig.age.secrets.garage_bertof_baldur_key.path},use_path_request_style,url=http://localhost:3900";
+      Restart = "always";
+      RestartSec = 30;
+      Type = "exec";
+    };
+    Install = {
+      WantedBy = [ "default.target" ];
+    };
+  };
+
  imports = [
    ../../modules/hm/__basic.nix

@ -26,23 +48,5 @@
    # ../../modules/hm/noti.nix
  ];

-  systemd.user.services.garage-home-s3 = {
-    Unit = {
-      After = [ "network.target" "network-online.target" "local-fs.target" ];
-      AssertPathIsDirectory = "/home/bertof/s3";
-      AssertPathIsReadWrite = "/home/bertof/s3";
-      Description = "Mount S3 bucket in bertof's home";
-      Wants = [ "network.target" "network-online.target" ];
-    };
-    Service = {
-      ExecStart = "${pkgs.s3fs}/bin/s3fs -f -d bertof /home/bertof/s3 -o passwd_file=${nixosConfig.age.secrets.garage_bertof_baldur_key.path},use_path_request_style,url=http://localhost:3900";
-      Type = "exec";
-    };
-    Install = {
-      WantedBy = [ "default.target" ];
-    };
-  };
-
-
  home.stateVersion = "22.05";
 }
--- a/instances/baldur/hm_tiziano.nix
+++ b/instances/baldur/hm_tiziano.nix
@ -13,10 +13,14 @@
      AssertPathIsDirectory = "/home/tiziano/s3";
      AssertPathIsReadWrite = "/home/tiziano/s3";
      Description = "Mount S3 bucket in tiziano's home";
+      StartLimitBurst = 5;
+      StartLimitInterval = 200;
      Wants = [ "network.target" "network-online.target" ];
    };
    Service = {
      ExecStart = "${pkgs.s3fs}/bin/s3fs -f -d tiziano /home/tiziano/s3 -o passwd_file=${nixosConfig.age.secrets.garage_tiziano_baldur_key.path},use_path_request_style,url=http://localhost:3900";
+      Restart = "always";
+      RestartSec = 30;
      Type = "exec";
    };
    Install = {
--- a/instances/freya/hm.nix
+++ b/instances/freya/hm.nix
@ -17,10 +17,14 @@
      AssertPathIsDirectory = "/home/bertof/s3";
      AssertPathIsReadWrite = "/home/bertof/s3";
      Description = "Mount S3 bucket in bertof's home";
+      StartLimitBurst = 5;
+      StartLimitInterval = 200;
      Wants = [ "network.target" "network-online.target" ];
    };
    Service = {
      ExecStart = "${pkgs.s3fs}/bin/s3fs -f -d bertof /home/bertof/s3 -o passwd_file=${nixosConfig.age.secrets.garage_bertof_freya_key.path},use_path_request_style,url=http://localhost:3900";
+      Restart = "always";
+      RestartSec = 30;
      Type = "exec";
    };
    Install = {
--- a/instances/loki/hm.nix
+++ b/instances/loki/hm.nix
@ -13,10 +13,14 @@
      AssertPathIsDirectory = "/home/bertof/s3";
      AssertPathIsReadWrite = "/home/bertof/s3";
      Description = "Mount S3 bucket in bertof's home";
+      StartLimitBurst = 5;
+      StartLimitInterval = 200;
      Wants = [ "network.target" "network-online.target" ];
    };
    Service = {
      ExecStart = "${pkgs.s3fs}/bin/s3fs -f -d bertof /home/bertof/s3 -o passwd_file=${nixosConfig.age.secrets.garage_bertof_loki_key.path},use_path_request_style,url=http://localhost:3900";
+      Restart = "always";
+      RestartSec = 30;
      Type = "exec";
    };
    Install = {
--- a/instances/loki/hm_tiziano.nix
+++ b/instances/loki/hm_tiziano.nix
@ -13,10 +13,14 @@
      AssertPathIsDirectory = "/home/tiziano/s3";
      AssertPathIsReadWrite = "/home/tiziano/s3";
      Description = "Mount S3 bucket in tiziano's home";
+      StartLimitBurst = 5;
+      StartLimitInterval = 200;
      Wants = [ "network.target" "network-online.target" ];
    };
    Service = {
      ExecStart = "${pkgs.s3fs}/bin/s3fs -f -d tiziano /home/tiziano/s3 -o passwd_file=${nixosConfig.age.secrets.garage_tiziano_loki_key.path},use_path_request_style,url=http://localhost:3900";
+      Restart = "always";
+      RestartSec = 30;
      Type = "exec";
    };
    Install = {
--- a/instances/odin/hm.nix
+++ b/instances/odin/hm.nix
@ -48,10 +48,14 @@
      AssertPathIsDirectory = "/home/bertof/s3";
      AssertPathIsReadWrite = "/home/bertof/s3";
      Description = "Mount S3 bucket in bertof's home";
+      StartLimitBurst = 5;
+      StartLimitInterval = 200;
      Wants = [ "network.target" "network-online.target" ];
    };
    Service = {
      ExecStart = "${pkgs.s3fs}/bin/s3fs -f -d bertof /home/bertof/s3 -o passwd_file=${nixosConfig.age.secrets.garage_bertof_odin_key.path},use_path_request_style,url=http://localhost:3900";
+      Restart = "always";
+      RestartSec = 30;
      Type = "exec";
    };
    Install = {