Delay nix-gc until /home is mounted

Prevents starting the garbage collector before the remote FS are
mounted, in particular /home. Otherwise, all the gcroots which have
symlinks in /home will be considered stale and they will be removed.

See: #79
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>

m/common/base/nix.nix

@@ -32,6 +32,21 @@
     };
   };
 
+  # The nix-gc.service can begin its execution *before* /home is mounted,
+  # causing it to remove all gcroots considering them as stale, as it cannot
+  # access the symlink. To prevent this problem, we force the service to wait
+  # until /home is mounted as well as other remote FS like /ceph.
+  systemd.services.nix-gc = {
+    # Start remote-fs.target if not already being started and fail if it fails
+    # to start. It will also be stopped if the remote-fs.target fails after
+    # starting successfully.
+    bindsTo = [ "remote-fs.target" ];
+    # Wait until remote-fs.target fully starts before starting this one.
+    after = [ "remote-fs.target"];
+    # Ensure we can access a remote path inside /home
+    unitConfig.ConditionPathExists = "/home/Computational";
+  };
+
   # This value determines the NixOS release from which the default
   # settings for stateful data, like file locations and database versions
   # on your system were taken. It‘s perfectly fine and recommended to leave

m/common/base/users.nix

@@ -100,6 +100,19 @@
           "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGMwlUZRf9jfG666Qa5Sb+KtEhXqkiMlBV2su3x/dXHq victor@arch"
         ];
       };
+
+      dbautist = {
+        uid = 5649;
+        isNormalUser = true;
+        home = "/home/Computational/dbautist";
+        description = "Dylan Bautista Cases";
+        group = "Computational";
+        hosts = [ "hut" ];
+        hashedPassword = "$6$a2lpzMRVkG9nSgIm$12G6.ka0sFX1YimqJkBAjbvhRKZ.Hl090B27pdbnQOW0wzyxVWySWhyDDCILjQELky.HKYl9gqOeVXW49nW7q/";
+        openssh.authorizedKeys.keys = [
+          "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAb+EQBoS98zrCwnGKkHKwMLdYABMTqv7q9E0+T0QmkS dbautist@bsc-848818791"
+        ];
+      };
     };
 
     groups = {

m/hut/configuration.nix

@@ -17,19 +17,12 @@
     ./gitea.nix
     ./msmtp.nix
     ./postgresql.nix
-    ./nginx.nix
-    ./p.nix
     #./pxe.nix
   ];
 
   # Select the this using the ID to avoid mismatches
   boot.loader.grub.device = "/dev/disk/by-id/ata-INTEL_SSDSC2BB240G7_PHDV6462004Y240AGN";
 
-  fileSystems."/nvme" = {
-    fsType = "ext4";
-    device = "/dev/disk/by-label/nvme";
-  };
-
   networking = {
     hostName = "hut";
     interfaces.eno1.ipv4.addresses = [ {

m/hut/nginx.nix

@@ -1,14 +0,0 @@
-{
-  services.nginx = {
-    enable = true;
-    virtualHosts."jungle.bsc.es" = {
-      listen = [
-        {
-          addr = "127.0.0.1";
-          port = 8123;
-        }
-      ];
-      locations."/p/".alias = "/ceph/p/";
-    };
-  };
-}

m/hut/p.nix

@@ -1,22 +0,0 @@
-{ pkgs, ... }:
-let
-  p = pkgs.writeShellScriptBin "p" ''
-    set -e
-    cd /ceph
-    pastedir="p/$USER"
-    mkdir -p "$pastedir"
-
-    if [ -n "$1" ]; then
-            out="$pastedir/$1"
-    else
-            out=$(mktemp "$pastedir/XXXXXXXX.txt")
-    fi
-
-    cat > "$out"
-    chmod go+r "$out"
-    echo "https://jungle.bsc.es/$out"
-  '';
-in
-{
-  environment.systemPackages = with pkgs; [ p ];
-}

m/module/ceph.nix

@@ -13,22 +13,10 @@
 
   age.secrets.cephUser.file = ../../secrets/ceph-user.age;
 
-  fileSystems."/ceph-slow" = {
-    fsType = "ceph";
-    device = "user@9c8d06e0-485f-4aaf-b16b-06d6daf1232b.cephfs=/";
-    options = [
-      "mon_addr=10.0.40.40"
-      "secretfile=${config.age.secrets.cephUser.path}"
-    ];
-  };
-
-  services.cachefilesd.enable = true;
-
   fileSystems."/ceph" = {
     fsType = "ceph";
     device = "user@9c8d06e0-485f-4aaf-b16b-06d6daf1232b.cephfs=/";
     options = [
-      "fsc"
       "mon_addr=10.0.40.40"
       "secretfile=${config.age.secrets.cephUser.path}"
     ];