From 4a57978f4533384ec85f6e24d84758c0ec3168c2 Mon Sep 17 00:00:00 2001
From: Geir Okkenhaug Jerstad <geokkjer@gmail.com>
Date: Sat, 7 Jun 2025 16:33:34 +0000
Subject: [PATCH] fixed nfs

---
 machines/grey-area/configuration.nix          |  4 ++--
 machines/grey-area/hardware-configuration.nix |  5 +----
 machines/reverse-proxy/configuration.nix      |  4 ++--
 machines/sleeper-service/configuration.nix    |  8 ++++----
 machines/sleeper-service/nfs.nix              | 15 ++++++++-------
 modules/users/sma.nix                         |  5 ++++-
 6 files changed, 21 insertions(+), 20 deletions(-)

diff --git a/machines/grey-area/configuration.nix b/machines/grey-area/configuration.nix
index 7939910..a75419c 100644
--- a/machines/grey-area/configuration.nix
+++ b/machines/grey-area/configuration.nix
@@ -39,7 +39,7 @@
 
   # Mount remote filesystem
   fileSystems."/mnt/remote/media" = {
-    device = "sleeper-service:/mnt/storage";
+    device = "sleeper-service:/mnt/storage/media";
     fsType = "nfs";
     options = [ 
       "x-systemd.automount"
@@ -94,7 +94,7 @@
 
   # Firewall
   networking.firewall.enable = true;
-  networking.firewall.allowedTCPPorts = [ 22 23231];
+  networking.firewall.allowedTCPPorts = [ 22 3000 23231];
   networking.firewall.allowedUDPPorts = [ 22 23231 ];
   networking.nftables.enable = true;
   system.stateVersion = "23.05"; # Do not change this, it maintains data compatibility.
diff --git a/machines/grey-area/hardware-configuration.nix b/machines/grey-area/hardware-configuration.nix
index d23a899..bb57062 100644
--- a/machines/grey-area/hardware-configuration.nix
+++ b/machines/grey-area/hardware-configuration.nix
@@ -22,10 +22,7 @@
     { device = "/dev/disk/by-uuid/E251-F60A";
       fsType = "vfat";
     };
-  fileSystems."/mnt/remote/media" =
-    { device = "sleeper-service:/mnt/storage";
-      fsType = "nfs";
-    };
+
   swapDevices = [ ];
   # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
   # (the default) this is the recommended approach. When using systemd-networkd it's
diff --git a/machines/reverse-proxy/configuration.nix b/machines/reverse-proxy/configuration.nix
index eb391d6..11910f3 100644
--- a/machines/reverse-proxy/configuration.nix
+++ b/machines/reverse-proxy/configuration.nix
@@ -72,7 +72,7 @@
       "git.geokkjer.eu" = {
         addSSL = true;
         enableACME = true;
-        locations."/".proxyPass = "http://apps:3000";
+        locations."/".proxyPass = "http://grey-area:3000";
       };
       #"geokkjer.eu" = {
       #  default = true;
@@ -85,7 +85,7 @@
     # Stream configuration for SSH forwarding to Git server
     streamConfig = ''
       upstream git_ssh_backend {
-          server apps:22;
+          server grey-area:22;
       }
       
       server {
diff --git a/machines/sleeper-service/configuration.nix b/machines/sleeper-service/configuration.nix
index 3d16891..d72c55e 100644
--- a/machines/sleeper-service/configuration.nix
+++ b/machines/sleeper-service/configuration.nix
@@ -58,10 +58,10 @@
   # ];
   
   # Create mount directories early in boot process
-  systemd.tmpfiles.rules = [
-    "d /mnt/storage 0755 root root -"
-    "d /mnt/storage/media 0755 root root -"
-  ];
+  # systemd.tmpfiles.rules = [
+  #   "d /mnt/storage 0755 root root -"
+  #   "d /mnt/storage/media 0755 root root -"
+  # ];
 
   # Network configuration - using working setup from old config
   # networking.hostName = "sleeper-service";
diff --git a/machines/sleeper-service/nfs.nix b/machines/sleeper-service/nfs.nix
index 5cf2a4f..8398cab 100644
--- a/machines/sleeper-service/nfs.nix
+++ b/machines/sleeper-service/nfs.nix
@@ -9,19 +9,20 @@
     # Export the storage directory (ZFS dataset)
     # Allow access from both local network and Tailscale network
     exports = ''
-      /mnt/storage    10.0.0.0/24(rw,sync,no_subtree_check,no_root_squash) 100.64.0.0/10(rw,sync,no_subtree_check,no_root_squash)
+      /mnt/storage       10.0.0.0/24(rw,sync,no_subtree_check,no_root_squash) 100.64.0.0/10(rw,sync,no_subtree_check,no_root_squash)
+      /mnt/storage/media 10.0.0.0/24(rw,sync,no_subtree_check,no_root_squash) 100.64.0.0/10(rw,sync,no_subtree_check,no_root_squash)
     '';
     # Create exports on startup
     createMountPoints = true;
   };
 
   # Ensure the storage subdirectories exist (ZFS dataset is mounted at /mnt/storage)
-  systemd.tmpfiles.rules = [
-    "d /mnt/storage/media 0755 sma users -"
-    "d /mnt/storage/downloads 0755 sma users -"
-    "d /mnt/storage/backups 0755 sma users -"
-    "d /mnt/storage/shares 0755 sma users -"
-  ];
+  # systemd.tmpfiles.rules = [
+  #   "d /mnt/storage/media 0755 sma users -"
+  #   "d /mnt/storage/downloads 0755 sma users -"
+  #   "d /mnt/storage/backups 0755 sma users -"
+  #   "d /mnt/storage/shares 0755 sma users -"
+  # ];
 
   # Required packages for NFS
   environment.systemPackages = with pkgs; [
diff --git a/modules/users/sma.nix b/modules/users/sma.nix
index 86bf65f..be81927 100644
--- a/modules/users/sma.nix
+++ b/modules/users/sma.nix
@@ -7,6 +7,7 @@
   users.users.sma = {
     description = "Diziet Sma - System Administrator";
     isNormalUser = true;
+    uid = 1001;     # Fixed UID for consistency across machines
     group = "sma";  # Primary group
     
     # Admin privileges
@@ -132,5 +133,7 @@
   ];
 
   # Create the sma group
-  users.groups.sma = {};
+  users.groups.sma = {
+    gid = 992;  # Fixed GID for consistency across machines
+  };
 }