Add jupiter storage

Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>

hosts/jupiter/users/nick/default.nix

@@ -50,7 +50,10 @@ in
     fullName = "Nikolaos Karaolidis";
     description = "Nikolaos Karaolidis";
     hashedPasswordFile = config.sops.secrets."${user}-password".path;
-    extraGroups = [ "wheel" ];
+    extraGroups = [
+      "wheel"
+      "storage"
+    ];
     linger = true;
     uid = lib.strings.toInt (builtins.readFile ./uid);
     openssh.authorizedKeys.keys = [
@@ -62,4 +65,8 @@ in
     username = user;
     homeDirectory = home;
   };
+
+  systemd.tmpfiles.rules = [
+    "d /mnt/storage/private/${user} 0700 ${user} ${config.users.users.${user}.group}"
+  ];
 }

hosts/jupiter/users/storm/configs/console/podman/default.nix

@@ -28,9 +28,11 @@ in
   };
 
   home-manager.users.${user} = {
-    virtualisation.quadlet = {
-      autoUpdate.enable = true;
-    };
+    virtualisation.quadlet.autoUpdate.enable = true;
+
+    systemd.user.tmpfiles.rules = [
+      "d /mnt/storage/private/storm/containers/storage/volumes 700 storm storm"
+    ];
 
     sops = {
       secrets."registry/docker.io".sopsFile = ../../../../../../../secrets/personal/secrets.yaml;

hosts/jupiter/users/storm/default.nix

@@ -33,7 +33,10 @@ in
       createHome = true;
       description = "Container Runner";
       hashedPasswordFile = config.sops.secrets."${user}-password".path;
-      extraGroups = [ "wheel" ];
+      extraGroups = [
+        "wheel"
+        "storage"
+      ];
       linger = true;
       uid = lib.strings.toInt (builtins.readFile ./uid);
       group = user;
@@ -51,4 +54,8 @@ in
     username = user;
     homeDirectory = home;
   };
+
+  systemd.tmpfiles.rules = [
+    "d /mnt/storage/private/${user} 0700 ${user} ${config.users.users.${user}.group}"
+  ];
 }