From 7a7b3315d0fff76f5a4c45c9de4e5f7640e62e7e Mon Sep 17 00:00:00 2001
From: Jonas Hahn <jonashahn1@gmx.net>
Date: Sun, 31 Aug 2025 04:55:23 +0200
Subject: [PATCH] Added webdav module that just works with the new server setup

---
 hosts/minoxy-workstation/configuration.nix | 13 +++---
 modules/hardware/nvidia.nix                |  8 +++-
 modules/services/webdav.nix                | 46 ++++++++++++++++++++++
 secrets.yaml                               |  6 +--
 4 files changed, 61 insertions(+), 12 deletions(-)
 create mode 100644 modules/services/webdav.nix

diff --git a/hosts/minoxy-workstation/configuration.nix b/hosts/minoxy-workstation/configuration.nix
index b3bfdf8..e096815 100644
--- a/hosts/minoxy-workstation/configuration.nix
+++ b/hosts/minoxy-workstation/configuration.nix
@@ -1,4 +1,4 @@
-{ pkgs, ... }:
+{ pkgs, config, inputs, ... }:
 
 {
 	imports = [
@@ -8,7 +8,10 @@
 		./../../modules/common.nix
 
 		./../../modules/hardware/xremap.nix
-		./../../modules/hardware/nvidia.nix
+		./../../modules/services/webdav.nix
+		#./../../modules/hardware/nvidia.nix
+
+		inputs.sops-nix.nixosModules.sops
 	];
 
 	networking.hostName = "minoxy";
@@ -21,12 +24,6 @@
 	systemd.targets.sleep.enable = true;
 	systemd.targets.suspend.enable = true;
 
-	environment.systemPackages = with pkgs; [
-		(blender.override {
-			cudaSupport = true;
-		})
-	];
-
 	virtualisation.docker.enable = true;
 	virtualisation.docker.storageDriver = "btrfs";
 
diff --git a/modules/hardware/nvidia.nix b/modules/hardware/nvidia.nix
index c552e02..6618007 100644
--- a/modules/hardware/nvidia.nix
+++ b/modules/hardware/nvidia.nix
@@ -1,4 +1,4 @@
-{ config, ... }:
+{ pkgs, config, ... }:
 
 {
 	hardware.graphics = {
@@ -13,6 +13,12 @@
 		package = config.boot.kernelPackages.nvidiaPackages.stable;
 	};
 
+	environment.systemPackages = with pkgs; [
+		(blender.override {
+			cudaSupport = true;
+		})
+	];
+
 	# This causes very long build times
 	#nixpkgs.config.cudaSupport = true;
 	#hardware.enableAllFirmware = true;
diff --git a/modules/services/webdav.nix b/modules/services/webdav.nix
new file mode 100644
index 0000000..61b7fb6
--- /dev/null
+++ b/modules/services/webdav.nix
@@ -0,0 +1,46 @@
+{ inputs, config, ... }:
+
+{
+	imports = [
+		inputs.sops-nix.nixosModules.sops
+	];
+
+	services.davfs2.enable = true;
+
+	sops = {
+		defaultSopsFile = ./../../secrets.yaml;
+		defaultSopsFormat = "yaml";
+		age.keyFile =  "/home/jonas/.config/sops/age/keys.txt";
+		templates = {
+			"davtemp" = {
+				owner = "root";
+				content = ''${config.sops.placeholder.webdav_secret}'';
+				mode = "0600";
+				path = "/etc/davfs2/secrets";
+			};
+		};
+		secrets = {
+			webdav_secret = {
+				owner = "jonas";
+			};
+		};
+	};
+
+	# Ensure the mountpoint directory exists
+	systemd.tmpfiles.rules = [
+		"d /mnt/webdav 0755 jonas users -"
+	];
+
+	# Just works
+	systemd.mounts = [
+		{
+			description = "Webdav mount point";
+			wants = [ "network-online.target" ];
+			what = "https://dav.hahn1.one";
+			where = "/mnt/webdav";
+			type = "davfs";
+			options = "uid=1000,gid=1000,file_mode=0664,dir_mode=2775,_netdev";
+			mountConfig.TimeoutSec = "5s";
+		}
+	];
+}
diff --git a/secrets.yaml b/secrets.yaml
index af10305..14b7f53 100644
--- a/secrets.yaml
+++ b/secrets.yaml
@@ -1,4 +1,4 @@
-hello: ENC[AES256_GCM,data:k1EMjZbnlcpYw5pcRtQHGDfa/O++mQfxdr9vBHx+UFVFbofKaCKGEIdrVUE16Q==,iv:ahDFZ2w9BIpIANQSU02lNVx/iSUJD5PhlLATAjQmEdY=,tag:w5+8IWG8zb211Vc+UTwg3g==,type:str]
+webdav_secret: ENC[AES256_GCM,data:OZyEFW/Aw2dPqZFvZoPWA/BBO7k/lzw0UVffuuEuNBTkjN+eHAxFZw==,iv:Y6kTyMb5wD5iJ1g6OHPiHGuu8qFjiduau0mjcS8KLjs=,tag:97OIL+aegLCMjlJM0SdJBg==,type:str]
 sops:
     age:
         - recipient: age1a2kpues0gayampkn9pn2czhk24r0yl4jnw84qg4gh5l72dflx95qkmyqzv
@@ -10,7 +10,7 @@ sops:
             dmFEc1hrR3czZTBzU2pLQ0ZUL3VPblEKRwy03xI+qiTMJsmG/pe/3WoB8c+vLtXo
             kaYY18r3tICKfxQQyDWh3Gevo2+CGhblCcgJ3AnyWQBqIZwIudDuHw==
             -----END AGE ENCRYPTED FILE-----
-    lastmodified: "2025-08-30T23:26:45Z"
-    mac: ENC[AES256_GCM,data:N2986cJFr1zr7bykl1FDIJRqhO+gzXjqrL9ly1z3DNrbB8uus2ab7SrynueBdQvbICMslBuj3Q2WliEqpc8E0Td71bBaKz0kmbVBvrNm9HoRmQMkRSDQderBSrhlUnYYlwYViKOS07eoGGzvJ6LRpS4VCznW/S2/RJxSUmQ3oms=,iv:7RsMmeEDgWEZSKVPHibeoSYldYUf2sOI/HaVKAW6p8o=,tag:yjZ7LxfXUd1e6w6VNzIA5w==,type:str]
+    lastmodified: "2025-08-31T02:50:46Z"
+    mac: ENC[AES256_GCM,data:Gl7cLnEJ3TVL4gS4CAZQESJyzVWqm3aSLN/doLBHnAYL/Shu42ygJuuT+jKdFXo4tXKjYJuvw7gmuoVFx0L23lRpqUeU4b9fExmJX/ZVGZwJC3nreFCBqx8LWkF2cGtZJ1HObu97EzlKBxQ8c/QZZ/v3C4pAfwxNNiVavu8BUfg=,iv:qeKjETggLjtCNCyuM2z5WX4JGPcxcN99QBPQmK/a0NE=,tag:NwV56PeRGcxsdn46lre2Sg==,type:str]
     unencrypted_suffix: _unencrypted
     version: 3.10.2