From 0bf05a02f4a1637a1b9a06ce886350e2ea9f2b96 Mon Sep 17 00:00:00 2001
From: Michael Fellinger
Date: Wed, 3 Sep 2014 02:30:04 +0200
Subject: [PATCH 1/2] diod: add systemd service and config
---
 nixos/modules/module-list.nix | 1 +
 .../services/network-filesystems/diod.nix | 164 ++++++++++++++++++
 2 files changed, 165 insertions(+)
 create mode 100644 nixos/modules/services/network-filesystems/diod.nix
diff --git a/nixos/modules/module-list.nix b/nixos/modules/module-list.nix
index 76d1ed8a9d43..3604753c8804 100644
--- a/nixos/modules/module-list.nix
+++ b/nixos/modules/module-list.nix
@@ -192,6 +192,7 @@
 ./services/network-filesystems/openafs-client/default.nix
 ./services/network-filesystems/rsyncd.nix
 ./services/network-filesystems/samba.nix
+ ./services/network-filesystems/diod.nix
 ./services/networking/amuled.nix
 ./services/networking/atftpd.nix
 ./services/networking/avahi-daemon.nix
diff --git a/nixos/modules/services/network-filesystems/diod.nix b/nixos/modules/services/network-filesystems/diod.nix
new file mode 100644
index 000000000000..efd8e1018f16
--- /dev/null
+++ b/nixos/modules/services/network-filesystems/diod.nix
@@ -0,0 +1,164 @@
+{ config, lib, pkgs, ... }:
+with lib;
+let
+ cfg = config.services.diod;
+
+ diodBool = b: if b then "1" else "0";
+
+ diodConfig = pkgs.writeText "diod.conf" ''
+ allsquash = ${diodBool cfg.allsquash}
+ auth_required = ${diodBool cfg.authRequired}
+ exportall = ${diodBool cfg.exportall}
+ exportopts = "${concatStringsSep "," cfg.exportopts}"
+ exports = { ${concatStringsSep ", " (map (s: ''"${s}"'' ) cfg.exports)} }
+ listen = { ${concatStringsSep ", " (map (s: ''"${s}"'' ) cfg.listen)} }
+ logdest = "${cfg.logdest}"
+ nwthreads = ${toString cfg.nwthreads}
+ squashuser = "${cfg.squashuser}"
+ statfs_passthru = ${diodBool cfg.statfsPassthru}
+ userdb = ${diodBool cfg.userdb}
+ ${cfg.extraConfig}
+ '';
+in
+{
+ options = {
+ services.diod = {
+ enable = mkOption {
+ type = types.bool;
+ default = false;
+ description = "Whether to enable the diod 9P file server.";
+ };
+
+ listen = mkOption {
+ type = types.listOf types.str;
+ default = [ ];
+ description = ''
+ [ "IP:PORT" [,"IP:PORT",...] ]
+ List the interfaces and ports that diod should listen on.
+ '';
+ };
+
+ exports = mkOption {
+ type = types.listOf types.path;
+ default = [];
+ description = ''
+ List the file systems that clients will be allowed to mount. All paths should
+ be fully qualified. The exports table can include two types of element:
+ a string element (as above),
+ or an alternate table element form { path="/path", opts="ro" }.
+ In the alternate form, the (optional) opts attribute is a comma-separated list
+ of export options. The two table element forms can be mixed in the exports
+ table. Note that although diod will not traverse file system boundaries for a
+ given mount due to inode uniqueness constraints, subdirectories of a file
+ system can be separately exported.
+ '';
+ };
+
+ exportall = mkOption {
+ type = types.bool;
+ default = true;
+ description = ''
+ Export all file systems listed in /proc/mounts.
If new file systems are mounted
+ after diod has started, they will become immediately mountable. If there is a
+ duplicate entry for a file system in the exports list, any options listed in
+ the exports entry will apply.
+ '';
+ };
+
+ exportopts = mkOption {
+ type = types.listOf types.str;
+ default = [];
+ description = ''
+ Establish a default set of export options. These are overridden, not appended
+ to, by opts attributes in an "exports" entry.
+ '';
+ };
+
+ nwthreads = mkOption {
+ type = types.int;
+ default = 16;
+ description = ''
+ Sets the (fixed) number of worker threads created to handle 9P
+ requests for a unique aname. The default is 16 per aname.
+ '';
+ };
+
+ authRequired = mkOption {
+ type = types.bool;
+ default = false;
+ description = ''
+ Allow clients to connect without authentication, i.e. without a valid MUNGE credential.
+ Default is false.
+ '';
+ };
+
+ userdb = mkOption {
+ type = types.bool;
+ default = false;
+ description = ''
+ This option disables password/group lookups. It allows any uid to attach and
+ assumes gid=uid, and supplementary groups contain only the primary gid.
+ Default is false
+ '';
+ };
+
+ allsquash = mkOption {
+ type = types.bool;
+ default = true;
+ description = ''
+ Remap all users to "nobody". The attaching user need not be present in the
+ password file.
+ Default is true
+ '';
+ };
+
+ squashuser = mkOption {
+ type = types.str;
+ default = "nobody";
+ description = ''
+ Change the squash user from the default of "nobody". The squash user must be
+ present in the password file.
+ '';
+ };
+
+ logdest = mkOption {
+ type = types.str;
+ default = "syslog:daemon:err";
+ description = ''
+ Set the destination for logging.
+ DEST is in the form of "syslog:facility:level" or "filename".
+ The default is "syslog:daemon:err".
+ '';
+ };
+
+
+ statfsPassthru = mkOption {
+ type = types.bool;
+ default = false;
+ description = ''
+ This option configures statfs to return the host file system's type
+ rather than V9FS_MAGIC. The default is false (return V9FS_MAGIC).
+ '';
+ };
+
+ extraConfig = mkOption {
+ type = types.lines;
+ default = "";
+ description = "Extra configuration options for diod.conf.";
+ };
+ };
+ };
+
+ config = mkIf config.services.diod.enable {
+ environment.systemPackages = [ pkgs.diod ];
+
+ systemd.services.diod = {
+ description = "diod 9P file server";
+ wantedBy = [ "multi-user.target" ];
+ after = [ "network.target" ];
+ serviceConfig = {
+ ExecStart = "${pkgs.diod}/sbin/diod -c ${diodConfig}";
+ };
+ };
+ };
+}
From e805c78ed3a19c362305a2c7633e0d718c4e2665 Mon Sep 17 00:00:00 2001
From: Michael Fellinger
Date: Wed, 3 Sep 2014 02:55:00 +0200
Subject: [PATCH 2/2] diod: remove redundant default doc
---
 nixos/modules/services/network-filesystems/diod.nix | 13 ++++---------
 1 file changed, 4 insertions(+), 9 deletions(-)
diff --git a/nixos/modules/services/network-filesystems/diod.nix b/nixos/modules/services/network-filesystems/diod.nix
index efd8e1018f16..1ab5f52d438c 100644
--- a/nixos/modules/services/network-filesystems/diod.nix
+++ b/nixos/modules/services/network-filesystems/diod.nix
@@ -79,7 +79,7 @@ in
 default = 16;
 description = ''
 Sets the (fixed) number of worker threads created to handle 9P
- requests for a unique aname. The default is 16 per aname.
+ requests for a unique aname.
 '';
 };
 
@@ -88,7 +88,6 @@ in
 default = false;
 description = ''
 Allow clients to connect without authentication, i.e. without a valid MUNGE credential.
- Default is false.
 '';
 };
 
@@ -98,7 +97,6 @@ in
 description = ''
 This option disables password/group lookups. It allows any uid to attach and
 assumes gid=uid, and supplementary groups contain only the primary gid.
- Default is false
 '';
 };
 
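Review bot: The defaults in this new module leave the server open as soon as `enable` is set: `authRequired` defaults to `false`, so `auth_required = 0` is written to diod.conf, and `exportall` defaults to `true`, so every file system in /proc/mounts is offered to clients that present no MUNGE credential. The `authRequired` description also reads inverted against the option name, because "Allow clients to connect without authentication" describes the `0` setting rather than what `true` does. I would make the safe values the defaults, `default = true;` for `authRequired` and `default = false;` for `exportall`, and reword the description to `Whether clients must present a valid MUNGE credential to connect.`. `allsquash = true` limits an unauthenticated client to the squash user's permissions, but that still covers anything world-readable on the exported mounts, and since `listen` defaults to an empty list, which addresses diod binds in that case should be confirmed and documented.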
@@ -108,7 +106,6 @@ in
 description = ''
 Remap all users to "nobody". The attaching user need not be present in the
 password file.
- Default is true
 '';
 };
 
@@ -116,8 +113,7 @@ in
 type = types.str;
 default = "nobody";
 description = ''
- Change the squash user from the default of "nobody". The squash user must be
- present in the password file.
+ Change the squash user. The squash user must be present in the password file.
 '';
 };
 
@@ -126,8 +122,7 @@ in
 default = "syslog:daemon:err";
 description = ''
 Set the destination for logging.
- DEST is in the form of "syslog:facility:level" or "filename".
- The default is "syslog:daemon:err".
+ The value has the form of "syslog:facility:level" or "filename".
 '';
 };
 
@@ -137,7 +132,7 @@ in
 default = false;
 description = ''
 This option configures statfs to return the host file system's type
- rather than V9FS_MAGIC. The default is false (return V9FS_MAGIC).
+ rather than V9FS_MAGIC.
 '';
 };