From ee98b5cf8967c82df2a2a5e436ef4b08eda82716 Mon Sep 17 00:00:00 2001
From: Sam <samual.shop@proton.me>
Date: Sun, 19 Jan 2025 12:22:29 +0000
Subject: [PATCH 1/2] MODIFY: update flake secrets

---
 flake.lock | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/flake.lock b/flake.lock
index 26ffb07..8faaf6e 100644
--- a/flake.lock
+++ b/flake.lock
@@ -538,11 +538,11 @@
     },
     "nix-secrets": {
       "locked": {
-        "lastModified": 1737285182,
-        "narHash": "sha256-ZnKYk0PIkmi6bT602bM+nwho+p5d67OU1YAy47ljeX0=",
+        "lastModified": 1737289135,
+        "narHash": "sha256-gyRNbWriRKU+2ISw0IU+IyN6tPLFVpKHlUMu9XJnlaA=",
         "ref": "refs/heads/master",
-        "rev": "d92a47388c617d90d127f154cfc4507ce0b390b2",
-        "revCount": 214,
+        "rev": "66732e26abe33ba633c157837b24701635866199",
+        "revCount": 215,
         "type": "git",
         "url": "ssh://git@git.bitlab21.com/sam/nix-secrets.git"
       },

From ba181205c48777508e31023805d9080a6ef1e13d Mon Sep 17 00:00:00 2001
From: Sam <samual.shop@proton.me>
Date: Sun, 19 Jan 2025 12:22:50 +0000
Subject: [PATCH 2/2] FEATURE: setup nfs-client on citadel

---
 hosts/citadel/default.nix                     |  9 ++++---
 .../common/optional/fileserver-nfs-mount.nix  | 27 -------------------
 .../optional/fileserver/nfs-client/media.nix  |  3 ++-
 .../fileserver/nfs-client/personal.nix        |  3 ++-
 .../optional/fileserver/nfs-client/photos.nix |  3 ++-
 5 files changed, 11 insertions(+), 34 deletions(-)
 delete mode 100644 hosts/common/optional/fileserver-nfs-mount.nix

diff --git a/hosts/citadel/default.nix b/hosts/citadel/default.nix
index 6f3d799..07686f0 100644
--- a/hosts/citadel/default.nix
+++ b/hosts/citadel/default.nix
@@ -49,9 +49,9 @@ in {
     ../common/optional/openssh.nix
     ../common/optional/dwm.nix
 
-    # ../common/optional/fileserver/media.nix
-    # ../common/optional/fileserver/homeshare.nix
-    # ../common/optional/fileserver/photos.nix
+    ../common/optional/fileserver/nfs-client/media.nix
+    ../common/optional/fileserver/nfs-client/photos.nix
+    ../common/optional/fileserver/nfs-client/personal.nix
 
     ../common/optional/printing.nix
     ../common/optional/backlight.nix
@@ -69,9 +69,10 @@ in {
   ];
 
   boot = {
+    supportedFilesystems = ["nfs"];
     blacklistedKernelModules = ["snd_hda_intel" "snd_soc_skl"];
     kernelModules = ["iwlwifi"];
-    initrd.kernelModules = ["thinkpad-acpi" "acpi-call"];
+    initrd.kernelModules = ["thinkpad-acpi" "acpi-call" "nfs"];
     kernelPackages = pkgs.linuxPackagesFor pkgs.linux_latest;
     extraModulePackages = [
       config.boot.kernelPackages.acpi_call
diff --git a/hosts/common/optional/fileserver-nfs-mount.nix b/hosts/common/optional/fileserver-nfs-mount.nix
deleted file mode 100644
index f31f7d7..0000000
--- a/hosts/common/optional/fileserver-nfs-mount.nix
+++ /dev/null
@@ -1,27 +0,0 @@
-{...}:
-{
-  fileSystems."/exports" = {
-    device = "/dev/vdb1";
-    fsType = "ext4";
-  };
-
- services.nfs.server = {
-    enable = true;
-    # fixed rpc.statd port; for firewall
-    lockdPort = 4001;
-    mountdPort = 4002;
-    statdPort = 4000;
-    extraNfsdConfig = '''';
-    exports = ''
-      /exports    *(rw,insecure,all_squash)
-    '';
-  };
-  # open nfs ports
-  networking.firewall = {
-    enable = true;
-      # for NFSv3; view with `rpcinfo -p`
-    allowedTCPPorts = [ 111 2049 4000 4001 4002 20048 ];
-    allowedUDPPorts = [ 111 2049 4000 4001 4002 20048 ];
-  };
-}
-
diff --git a/hosts/common/optional/fileserver/nfs-client/media.nix b/hosts/common/optional/fileserver/nfs-client/media.nix
index 3e55822..0855314 100644
--- a/hosts/common/optional/fileserver/nfs-client/media.nix
+++ b/hosts/common/optional/fileserver/nfs-client/media.nix
@@ -1,6 +1,7 @@
-{configVars, ...}: let
+{configVars, pkgs, ...}: let
   fileserverIp = configVars.networking.addresses.fileserver.ip;
 in {
+  environment.systemPackages = [pkgs.nfs-utils];
   fileSystems."/media/media" = {
     device = "${fileserverIp}:/srv/export/media";
     fsType = "nfs";
diff --git a/hosts/common/optional/fileserver/nfs-client/personal.nix b/hosts/common/optional/fileserver/nfs-client/personal.nix
index f64af8f..d8a882a 100644
--- a/hosts/common/optional/fileserver/nfs-client/personal.nix
+++ b/hosts/common/optional/fileserver/nfs-client/personal.nix
@@ -1,6 +1,7 @@
-{configVars, ...}: let
+{configVars, pkgs, ...}: let
   fileserverIp = configVars.networking.addresses.fileserver.ip;
 in {
+  environment.systemPackages = [pkgs.nfs-utils];
   fileSystems."/media/personal" = {
     device = "${fileserverIp}:/srv/export/personal";
     fsType = "nfs";
diff --git a/hosts/common/optional/fileserver/nfs-client/photos.nix b/hosts/common/optional/fileserver/nfs-client/photos.nix
index df16a23..ca639f6 100644
--- a/hosts/common/optional/fileserver/nfs-client/photos.nix
+++ b/hosts/common/optional/fileserver/nfs-client/photos.nix
@@ -1,6 +1,7 @@
-{configVars, ...}: let
+{configVars, pkgs, ...}: let
   fileserverIp = configVars.networking.addresses.fileserver.ip;
 in {
+  environment.systemPackages = [pkgs.nfs-utils];
   fileSystems."/media/photos" = {
     device = "${fileserverIp}:/srv/export/photos";
     fsType = "nfs";