nixos-config/vaccaria.nix

{ config, pkgs, ... }:

{
  imports =
    [
      ./common-headless.nix
    ];

  boot.loader.grub.enable = true;
  boot.loader.grub.version = 2;
  boot.loader.grub.device = "/dev/sdg"; # or "nodev" for efi only

  networking = {
    hostName = "vaccaria";
    hostId = "3d551a7c";
  };

  users.extraUsers.gebner.extraGroups = ["transmission"];

  boot.supportedFilesystems = ["zfs"];
  boot.kernelPackages = pkgs.lib.mkOverride 10 pkgs.linuxPackages;

  system.stateVersion = "17.03";

  fileSystems."/mnt/vaccaria" = pkgs.lib.mkOverride 10 {
    device = "vaccaria/export";
    fsType = "zfs";
  };

  fileSystems."/home/drebner" = pkgs.lib.mkOverride 10 {
    device = "vaccaria/drebner";
    fsType = "zfs";
  };

  users.extraUsers.drebner = {
    isNormalUser = true;
  };

 services.samba = {
   enable = true;
   extraConfig = ''
     passdb backend = tdbsam
     unix password sync = no
     min protocol = NT1
   '';
   shares = {
     export = {
       "guest ok" = "no";
       "read only" = "no";
       path = "/mnt/vaccaria";
     };
     drebner = {
       "guest ok" = "no";
       "read only" = "no";
       path = "/home/drebner";
     };
   };
 };

 services.transmission = {
   enable = true;
   settings = {
     download-dir = "/mnt/vaccaria/torrents";
     incomplete-dir = "/mnt/vaccaria/torrents";

     peer-port = 51414;
   };
 };

  networking.firewall = {
    allowedTCPPorts = [
      445 139 # samba
      config.services.transmission.settings.peer-port
      config.services.rsyncd.port
    ];
    allowedUDPPorts = [
      137 138 # samba
    ];
  };

  environment.systemPackages = with pkgs; [
    transmission
    samba
    rdiff-backup
  ];


  # fancontrol
  boot.kernelModules = ["it87"];
  # systemd.services.fancontrol =
  #   let fancontrolConfig = pkgs.writeText "fancontrol" ''
  #     # Configuration file generated by pwmconfig, changes will be lost
  #     INTERVAL=10
  #     DEVPATH=hwmon1=devices/pci0000:00/0000:00:18.3 hwmon0=devices/platform/it87.552
  #     DEVNAME=hwmon1=k10temp hwmon0=it8720
  #     FCTEMPS=hwmon0/pwm3=hwmon1/temp1_input hwmon0/pwm1=hwmon1/temp1_input
  #     FCFANS=hwmon0/pwm3=hwmon0/fan1_input hwmon0/pwm1=hwmon0/fan1_input
  #     MINTEMP=hwmon0/pwm3=40 hwmon0/pwm1=40
  #     MAXTEMP=hwmon0/pwm3=65 hwmon0/pwm1=65
  #     MINSTART=hwmon0/pwm3=150 hwmon0/pwm1=150
  #     MINSTOP=hwmon0/pwm3=0 hwmon0/pwm1=100
  #   ''; in {
  #   description = "fancontrol from lm_sensors";
  #   wantedBy = ["multi-user.target"];
  #   serviceConfig.ExecStart = "${pkgs.lm_sensors}/bin/fancontrol ${fancontrolConfig}";
  # };

  # hdd spindown
  powerManagement.powerUpCommands = ''
    ${pkgs.hdparm}/bin/hdparm -B200 -S0 /dev/sd{a,b,c,d,e,f}
  '';

  services.rsyncd = {
    enable = true;
    modules = {
      lr_mobile = {
        path = "/mnt/vaccaria/fotos/lr_mobile";
        "read only" = "yes";
      };
    };
  };

  users.extraUsers.gebner.openssh.authorizedKeys.keys = [
    ''command="rdiff-backup --server --restrict-read-only /",no-port-forwarding,no-X11-forwarding,no-pty ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCiZhy9mm9sUeomfe9Vj5JhNE4l7YOkj7Yiii5Ni2RzUyj/dc9pxvNJSI+om/ruwb1n2gIYi0bOpwrZGiyvrUrpiqLcOwU6IOYLxnQ3E9nHLX3rsGMIyJtMcoBOcTY/rJMogqA4m6uMaaPEaeBlS5F/qb5UGIvQ7YlW1rF75RJ/QXrdL3Y7R3OJbG90QGR5EThs/1HOEBUKgkEcPQDodzNvZ8hFtznWrCw5bMSQYGMfY4WBc1b7UdLaYZ6vghQgsZ5IyvFDvCNTHTfhObYhv71YMXDkocAyI8XecNP1hoJ67oZ1xn06LEUEMiuXIQ4Ss7RYZLzNc2yrd5RYqCdd4x1n backups@aruanus''
  ];

}