From 85ccce45b9d76de3070125d443a99fe0d13767ba Mon Sep 17 00:00:00 2001
From: Toast <toast003@tutamail.com>
Date: Fri, 12 Jul 2024 01:52:26 +0200
Subject: [PATCH 1/2] Server: move transmission nfs share settings to
 transmission.nix

---
 roles/server/nfs.nix          | 18 ------------------
 roles/server/transmission.nix | 29 ++++++++++++++++++++++++++++-
 2 files changed, 28 insertions(+), 19 deletions(-)

diff --git a/roles/server/nfs.nix b/roles/server/nfs.nix
index 5122cc7..e6aff84 100755
--- a/roles/server/nfs.nix
+++ b/roles/server/nfs.nix
@@ -2,29 +2,11 @@
   services = {
     nfs.server = {
       enable = true;
-      exports = ''
-        ${config.services.transmission.settings.download-dir} *.sable-pancake.ts.net(ro,all_squash,anonuid=${toString config.users.users.transmission.uid},anongid=${toString config.users.groups.transmission.gid})
-      '';
       # NFSv3 uses random ports, so you need to make them static to be able to pass though the firewall
       statdPort = 4000;
       lockdPort = 4001;
       mountdPort = 4002;
     };
-
-    avahi.extraServiceFiles = {
-      Transmission-downloads-nfs = ''
-        <?xml version="1.0" standalone='no'?>
-        <!DOCTYPE service-group SYSTEM "avahi-service.dtd">
-        <service-group>
-        	<name replace-wildcards="yes">Transmission Downloads on %h (NFS)</name>
-        	<service>
-        		<type>_nfs._tcp</type>
-        		<port>2049</port>
-        		<txt-record>path=${config.services.transmission.settings.download-dir}</txt-record>
-        	</service>
-        </service-group>
-      '';
-    };
   };
 
   networking.firewall = {
diff --git a/roles/server/transmission.nix b/roles/server/transmission.nix
index 3e64aec..9b90f1b 100755
--- a/roles/server/transmission.nix
+++ b/roles/server/transmission.nix
@@ -1,4 +1,8 @@
-{config, ...}: {
+{config, ...}: let
+  transmissionUid = toString config.users.users.transmission.uid;
+  transmissionGid = toString config.users.groups.transmission.gid;
+  mountPoint = config.fileSystems."nfs_transmission".mountPoint;
+in {
   services.transmission = {
     enable = true;
     openFirewall = true;
@@ -10,6 +14,29 @@
     };
   };
 
+  # Allow my devices to access the downloads folder though NFS
+  fileSystems."nfs_transmission" = {
+    device = config.services.transmission.settings.download-dir;
+    mountPoint = "/srv/nfs/transmission";
+    options = ["bind"];
+  };
+  services.nfs.server.exports = "${mountPoint} *.sable-pancake.ts.net(ro,all_squash,anonuid=${transmissionUid},anongid=${transmissionGid})";
+
+  services.avahi.extraServiceFiles = {
+    Transmission-downloads-nfs = ''
+      <?xml version="1.0" standalone='no'?>
+      <!DOCTYPE service-group SYSTEM "avahi-service.dtd">
+      <service-group>
+      	<name replace-wildcards="yes">Transmission Downloads on %h (NFS)</name>
+      	<service>
+      		<type>_nfs._tcp</type>
+      		<port>2049</port>
+      		<txt-record>path=${mountPoint}</txt-record>
+      	</service>
+      </service-group>
+    '';
+  };
+
   # Add a cname for transmission
   services.dnsmasq.settings.cname = ["transmission.everest.sable-pancake.ts.net,everest"];
 

From a826c532e558fbb7c19834fb56a39933e62e4b95 Mon Sep 17 00:00:00 2001
From: Toast <toast003@tutamail.com>
Date: Fri, 12 Jul 2024 02:02:52 +0200
Subject: [PATCH 2/2] Server/nfs: add nfs root

---
 roles/server/nfs.nix | 1 +
 1 file changed, 1 insertion(+)

diff --git a/roles/server/nfs.nix b/roles/server/nfs.nix
index e6aff84..22dbe91 100755
--- a/roles/server/nfs.nix
+++ b/roles/server/nfs.nix
@@ -2,6 +2,7 @@
   services = {
     nfs.server = {
       enable = true;
+      exports = "/srv/nfs *.sable-pancake.ts.net(ro,fsid=root)";
       # NFSv3 uses random ports, so you need to make them static to be able to pass though the firewall
       statdPort = 4000;
       lockdPort = 4001;