add LAN prefer to nfs

2025-10-25 15:35:16 +02:00 · 2025-10-25 15:35:16 +02:00 · 475ab0df9b
commit 475ab0df9b
parent 73b137dc84
4 changed files with 25 additions and 11 deletions
--- a/hosts/nixos/hs/system.nix
+++ b/hosts/nixos/hs/system.nix
@ -200,7 +200,7 @@
  services.nfs-custom = {
    enable = true;
    exportPath = "/mnt/storage/Media";
-    allowedNetwork = "10.2.2.0/24";
+    allowedNetworks = [ "10.1.1.0/24" "10.2.2.0/24" ];  # LAN and WireGuard
  };
  # Login display with SMART disk health status
--- a/hosts/nixos/thinkpad/system.nix
+++ b/hosts/nixos/thinkpad/system.nix
@ -321,7 +321,8 @@
  # AutoFS auto-mounting for remote NFS shares
  services.autofs-custom = {
    enable = true;
-    remoteHost = "10.2.2.20";
+    remoteHost = "lan.hs.yanlincs.com";  # Prefer LAN when at home
    replicas = [ "10.2.2.20" ];  # Fallback to WireGuard when remote
    remotePath = "/mnt/storage/Media";
    mountPoint = "/mnt/hs-media";
  };
--- a/modules/autofs.nix
+++ b/modules/autofs.nix
@ -12,7 +12,7 @@ in
    remoteHost = mkOption {
      type = types.str;
-      description = "Remote NFS server hostname or IP";
+      description = "Primary remote NFS server hostname or IP";
    };
    remotePath = mkOption {
@ -24,15 +24,28 @@ in
      type = types.str;
      description = "Local mount point";
    };
    replicas = mkOption {
      type = types.listOf types.str;
      default = [];
      description = "Replica server hostnames or IPs for failover (in order of preference)";
    };
  };
  config = mkIf cfg.enable {
    services.autofs = {
      enable = true;
      timeout = 300;
-      autoMaster = ''
+      autoMaster =
-        ${cfg.mountPoint} -fstype=nfs4,rw,soft,intr,noatime ${cfg.remoteHost}:${cfg.remotePath}
+        let
-      '';
+          # Build server list: primary host followed by replicas
          allHosts = [ cfg.remoteHost ] ++ cfg.replicas;
          # Format as "host1:/path host2:/path host3:/path"
          locations = concatStringsSep " " (map (host: "${host}:${cfg.remotePath}") allHosts);
        in
        ''
          ${cfg.mountPoint} -fstype=nfs4,rw,soft,intr,noatime ${locations}
        '';
    };
    systemd.tmpfiles.rules = [
--- a/modules/nfs.nix
+++ b/modules/nfs.nix
@ -15,10 +15,10 @@ in
      description = "Path to export via NFS";
    };
-    allowedNetwork = mkOption {
+    allowedNetworks = mkOption {
-      type = types.str;
+      type = types.listOf types.str;
-      default = "10.2.2.0/24";
+      default = [ "10.2.2.0/24" ];
-      description = "Network allowed to access the export (CIDR)";
+      description = "Networks allowed to access the export (CIDR)";
    };
  };
@ -26,7 +26,7 @@ in
    services.nfs.server = {
      enable = true;
      exports = ''
-        ${cfg.exportPath} ${cfg.allowedNetwork}(rw,sync,no_subtree_check,no_root_squash)
+        ${cfg.exportPath} ${concatStringsSep " " (map (net: "${net}(rw,sync,no_subtree_check,no_root_squash)") cfg.allowedNetworks)}
      '';
    };
  };