feat: implement NFS with NFSv4 ID mapping across home lab

- Add NFSv4 ID mapping configuration using services.nfs.idmapd.settings
- Configure consistent domain 'home.lab' for ID mapping across all machines
- Update sleeper-service NFS server with proper security (root_squash, all_squash)
- Create reusable NFS client module (modules/services/nfs-client.nix)
- Deploy NFS client configuration to grey-area and congenital-optimist
- Maintain consistent media group GID (993) across all machines
- Support both local (10.0.0.0/24) and Tailscale (100.64.0.0/10) networks
- Test and verify NFS connectivity and ID mapping functionality

Resolves permission management issues and enables secure file sharing
across the home lab infrastructure.

modules/services/nfs-client.nix

@@ -13,23 +13,18 @@ with lib; {
 
   config = {
     # Enable NFS filesystem support
-    boot.supportedFilesystems = ["nfs"];
-
-    # Enable RPC services required for NFS
+    boot.supportedFilesystems = ["nfs"]; # Enable RPC services required for NFS
     services.rpcbind.enable = true;
 
     # NFSv4 ID mapping service - must match server configuration
-    services.nfs.idmapd = {
-      enable = true;
-      settings = {
-        General = {
-          Domain = "home.lab"; # Must match server domain
-          Verbosity = 0;
-        };
-        Mapping = {
-          Nobody-User = "nobody";
-          Nobody-Group = "nogroup";
-        };
+    services.nfs.idmapd.settings = {
+      General = {
+        Domain = "home.lab"; # Must match server domain
+        Verbosity = 0;
+      };
+      Mapping = {
+        Nobody-User = "nobody";
+        Nobody-Group = "nogroup";
       };
     };