2016-03-22 23:40:35 -07:00
|
|
|
{ config, lib, pkgs, ... }:
|
|
|
|
|
|
|
|
|
|
with lib;
|
|
|
|
|
let
|
|
|
|
|
cfg = config.services.tahoe;
|
|
|
|
|
in
|
|
|
|
|
{
|
|
|
|
|
options.services.tahoe = {
|
|
|
|
|
introducers = mkOption {
|
|
|
|
|
default = {};
|
2016-11-16 16:31:05 +09:00
|
|
|
type = with types; attrsOf (submodule {
|
2016-09-11 18:02:15 +09:00
|
|
|
options = {
|
|
|
|
|
nickname = mkOption {
|
|
|
|
|
type = types.str;
|
|
|
|
|
description = ''
|
|
|
|
|
The nickname of this Tahoe introducer.
|
|
|
|
|
'';
|
|
|
|
|
};
|
|
|
|
|
tub.port = mkOption {
|
|
|
|
|
default = 3458;
|
|
|
|
|
type = types.int;
|
|
|
|
|
description = ''
|
|
|
|
|
The port on which the introducer will listen.
|
|
|
|
|
'';
|
|
|
|
|
};
|
|
|
|
|
tub.location = mkOption {
|
|
|
|
|
default = null;
|
|
|
|
|
type = types.nullOr types.str;
|
|
|
|
|
description = ''
|
|
|
|
|
The external location that the introducer should listen on.
|
|
|
|
|
|
|
|
|
|
If specified, the port should be included.
|
|
|
|
|
'';
|
|
|
|
|
};
|
|
|
|
|
package = mkOption {
|
|
|
|
|
default = pkgs.tahoelafs;
|
|
|
|
|
defaultText = "pkgs.tahoelafs";
|
|
|
|
|
type = types.package;
|
|
|
|
|
example = literalExample "pkgs.tahoelafs";
|
|
|
|
|
description = ''
|
|
|
|
|
The package to use for the Tahoe LAFS daemon.
|
|
|
|
|
'';
|
|
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
});
|
2016-03-22 23:40:35 -07:00
|
|
|
description = ''
|
|
|
|
|
The Tahoe introducers.
|
|
|
|
|
'';
|
|
|
|
|
};
|
|
|
|
|
nodes = mkOption {
|
|
|
|
|
default = {};
|
2016-11-16 16:31:05 +09:00
|
|
|
type = with types; attrsOf (submodule {
|
2016-09-11 18:02:15 +09:00
|
|
|
options = {
|
|
|
|
|
nickname = mkOption {
|
|
|
|
|
type = types.str;
|
|
|
|
|
description = ''
|
|
|
|
|
The nickname of this Tahoe node.
|
|
|
|
|
'';
|
|
|
|
|
};
|
|
|
|
|
tub.port = mkOption {
|
|
|
|
|
default = 3457;
|
|
|
|
|
type = types.int;
|
|
|
|
|
description = ''
|
|
|
|
|
The port on which the tub will listen.
|
2016-03-22 23:40:35 -07:00
|
|
|
|
2016-09-11 18:02:15 +09:00
|
|
|
This is the correct setting to tweak if you want Tahoe's storage
|
|
|
|
|
system to listen on a different port.
|
|
|
|
|
'';
|
|
|
|
|
};
|
|
|
|
|
tub.location = mkOption {
|
|
|
|
|
default = null;
|
|
|
|
|
type = types.nullOr types.str;
|
|
|
|
|
description = ''
|
|
|
|
|
The external location that the node should listen on.
|
2016-04-02 11:34:49 -07:00
|
|
|
|
2016-09-11 18:02:15 +09:00
|
|
|
This is the setting to tweak if there are multiple interfaces
|
|
|
|
|
and you want to alter which interface Tahoe is advertising.
|
2016-04-02 11:34:49 -07:00
|
|
|
|
2016-09-11 18:02:15 +09:00
|
|
|
If specified, the port should be included.
|
|
|
|
|
'';
|
|
|
|
|
};
|
|
|
|
|
web.port = mkOption {
|
|
|
|
|
default = 3456;
|
|
|
|
|
type = types.int;
|
|
|
|
|
description = ''
|
|
|
|
|
The port on which the Web server will listen.
|
2016-03-22 23:40:35 -07:00
|
|
|
|
2016-09-11 18:02:15 +09:00
|
|
|
This is the correct setting to tweak if you want Tahoe's WUI to
|
|
|
|
|
listen on a different port.
|
|
|
|
|
'';
|
|
|
|
|
};
|
|
|
|
|
client.introducer = mkOption {
|
|
|
|
|
default = null;
|
|
|
|
|
type = types.nullOr types.str;
|
|
|
|
|
description = ''
|
|
|
|
|
The furl for a Tahoe introducer node.
|
2016-03-22 23:40:35 -07:00
|
|
|
|
2016-09-11 18:02:15 +09:00
|
|
|
Like all furls, keep this safe and don't share it.
|
|
|
|
|
'';
|
|
|
|
|
};
|
|
|
|
|
client.helper = mkOption {
|
|
|
|
|
default = null;
|
|
|
|
|
type = types.nullOr types.str;
|
|
|
|
|
description = ''
|
|
|
|
|
The furl for a Tahoe helper node.
|
2016-03-22 23:40:35 -07:00
|
|
|
|
2016-09-11 18:02:15 +09:00
|
|
|
Like all furls, keep this safe and don't share it.
|
|
|
|
|
'';
|
|
|
|
|
};
|
|
|
|
|
client.shares.needed = mkOption {
|
|
|
|
|
default = 3;
|
|
|
|
|
type = types.int;
|
|
|
|
|
description = ''
|
|
|
|
|
The number of shares required to reconstitute a file.
|
|
|
|
|
'';
|
|
|
|
|
};
|
|
|
|
|
client.shares.happy = mkOption {
|
|
|
|
|
default = 7;
|
|
|
|
|
type = types.int;
|
|
|
|
|
description = ''
|
|
|
|
|
The number of distinct storage nodes required to store
|
|
|
|
|
a file.
|
|
|
|
|
'';
|
|
|
|
|
};
|
|
|
|
|
client.shares.total = mkOption {
|
|
|
|
|
default = 10;
|
|
|
|
|
type = types.int;
|
|
|
|
|
description = ''
|
|
|
|
|
The number of shares required to store a file.
|
|
|
|
|
'';
|
|
|
|
|
};
|
|
|
|
|
storage.enable = mkEnableOption "storage service";
|
|
|
|
|
storage.reservedSpace = mkOption {
|
|
|
|
|
default = "1G";
|
|
|
|
|
type = types.str;
|
|
|
|
|
description = ''
|
|
|
|
|
The amount of filesystem space to not use for storage.
|
|
|
|
|
'';
|
|
|
|
|
};
|
|
|
|
|
helper.enable = mkEnableOption "helper service";
|
2016-10-28 22:23:53 -07:00
|
|
|
sftpd.enable = mkEnableOption "SFTP service";
|
|
|
|
|
sftpd.port = mkOption {
|
|
|
|
|
default = null;
|
|
|
|
|
type = types.nullOr types.int;
|
|
|
|
|
description = ''
|
|
|
|
|
The port on which the SFTP server will listen.
|
|
|
|
|
|
|
|
|
|
This is the correct setting to tweak if you want Tahoe's SFTP
|
|
|
|
|
daemon to listen on a different port.
|
|
|
|
|
'';
|
|
|
|
|
};
|
|
|
|
|
sftpd.hostPublicKeyFile = mkOption {
|
|
|
|
|
default = null;
|
|
|
|
|
type = types.nullOr types.path;
|
|
|
|
|
description = ''
|
|
|
|
|
Path to the SSH host public key.
|
|
|
|
|
'';
|
|
|
|
|
};
|
|
|
|
|
sftpd.hostPrivateKeyFile = mkOption {
|
|
|
|
|
default = null;
|
|
|
|
|
type = types.nullOr types.path;
|
|
|
|
|
description = ''
|
|
|
|
|
Path to the SSH host private key.
|
|
|
|
|
'';
|
|
|
|
|
};
|
|
|
|
|
sftpd.accounts.file = mkOption {
|
|
|
|
|
default = null;
|
|
|
|
|
type = types.nullOr types.path;
|
|
|
|
|
description = ''
|
|
|
|
|
Path to the accounts file.
|
|
|
|
|
'';
|
|
|
|
|
};
|
|
|
|
|
sftpd.accounts.url = mkOption {
|
|
|
|
|
default = null;
|
|
|
|
|
type = types.nullOr types.str;
|
|
|
|
|
description = ''
|
|
|
|
|
URL of the accounts server.
|
|
|
|
|
'';
|
|
|
|
|
};
|
2016-09-11 18:02:15 +09:00
|
|
|
package = mkOption {
|
|
|
|
|
default = pkgs.tahoelafs;
|
|
|
|
|
defaultText = "pkgs.tahoelafs";
|
|
|
|
|
type = types.package;
|
|
|
|
|
example = literalExample "pkgs.tahoelafs";
|
|
|
|
|
description = ''
|
|
|
|
|
The package to use for the Tahoe LAFS daemon.
|
|
|
|
|
'';
|
|
|
|
|
};
|
2016-03-22 23:40:35 -07:00
|
|
|
};
|
2016-09-11 18:02:15 +09:00
|
|
|
});
|
|
|
|
|
description = ''
|
|
|
|
|
The Tahoe nodes.
|
|
|
|
|
'';
|
2016-03-22 23:40:35 -07:00
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
config = mkMerge [
|
|
|
|
|
(mkIf (cfg.introducers != {}) {
|
|
|
|
|
environment = {
|
|
|
|
|
etc = flip mapAttrs' cfg.introducers (node: settings:
|
|
|
|
|
nameValuePair "tahoe-lafs/introducer-${node}.cfg" {
|
|
|
|
|
mode = "0444";
|
|
|
|
|
text = ''
|
|
|
|
|
# This configuration is generated by Nix. Edit at your own
|
|
|
|
|
# peril; here be dragons.
|
|
|
|
|
|
|
|
|
|
[node]
|
|
|
|
|
nickname = ${settings.nickname}
|
|
|
|
|
tub.port = ${toString settings.tub.port}
|
2016-04-02 11:34:49 -07:00
|
|
|
${optionalString (settings.tub.location != null)
|
|
|
|
|
"tub.location = ${settings.tub.location}"}
|
2016-03-22 23:40:35 -07:00
|
|
|
'';
|
|
|
|
|
});
|
|
|
|
|
# Actually require Tahoe, so that we will have it installed.
|
|
|
|
|
systemPackages = flip mapAttrsToList cfg.introducers (node: settings:
|
|
|
|
|
settings.package
|
|
|
|
|
);
|
|
|
|
|
};
|
|
|
|
|
# Open up the firewall.
|
|
|
|
|
# networking.firewall.allowedTCPPorts = flip mapAttrsToList cfg.introducers
|
|
|
|
|
# (node: settings: settings.tub.port);
|
|
|
|
|
systemd.services = flip mapAttrs' cfg.introducers (node: settings:
|
|
|
|
|
let
|
|
|
|
|
pidfile = "/run/tahoe.introducer-${node}.pid";
|
|
|
|
|
# This is a directory, but it has no trailing slash. Tahoe commands
|
|
|
|
|
# get antsy when there's a trailing slash.
|
|
|
|
|
nodedir = "/var/db/tahoe-lafs/introducer-${node}";
|
|
|
|
|
in nameValuePair "tahoe.introducer-${node}" {
|
|
|
|
|
description = "Tahoe LAFS node ${node}";
|
|
|
|
|
wantedBy = [ "multi-user.target" ];
|
|
|
|
|
path = [ settings.package ];
|
|
|
|
|
restartTriggers = [
|
|
|
|
|
config.environment.etc."tahoe-lafs/introducer-${node}.cfg".source ];
|
|
|
|
|
serviceConfig = {
|
|
|
|
|
Type = "simple";
|
|
|
|
|
PIDFile = pidfile;
|
2016-11-19 15:12:42 +01:00
|
|
|
# Believe it or not, Tahoe is very brittle about the order of
|
2019-02-19 10:23:47 -08:00
|
|
|
# arguments to $(tahoe run). The node directory must come first,
|
2016-11-19 15:12:42 +01:00
|
|
|
# and arguments which alter Twisted's behavior come afterwards.
|
|
|
|
|
ExecStart = ''
|
2019-02-19 10:23:47 -08:00
|
|
|
${settings.package}/bin/tahoe run ${lib.escapeShellArg nodedir} --pidfile=${lib.escapeShellArg pidfile}
|
2016-11-19 15:12:42 +01:00
|
|
|
'';
|
2016-03-22 23:40:35 -07:00
|
|
|
};
|
|
|
|
|
preStart = ''
|
2017-04-27 18:42:49 +02:00
|
|
|
if [ ! -d ${lib.escapeShellArg nodedir} ]; then
|
2016-03-22 23:40:35 -07:00
|
|
|
mkdir -p /var/db/tahoe-lafs
|
2019-02-19 09:55:23 -08:00
|
|
|
# See https://github.com/NixOS/nixpkgs/issues/25273
|
|
|
|
|
tahoe create-introducer \
|
|
|
|
|
--hostname="${config.networking.hostName}" \
|
|
|
|
|
${lib.escapeShellArg nodedir}
|
2016-03-22 23:40:35 -07:00
|
|
|
fi
|
|
|
|
|
|
|
|
|
|
# Tahoe has created a predefined tahoe.cfg which we must now
|
|
|
|
|
# scribble over.
|
|
|
|
|
# XXX I thought that a symlink would work here, but it doesn't, so
|
|
|
|
|
# we must do this on every prestart. Fixes welcome.
|
|
|
|
|
# rm ${nodedir}/tahoe.cfg
|
|
|
|
|
# ln -s /etc/tahoe-lafs/introducer-${node}.cfg ${nodedir}/tahoe.cfg
|
2017-04-27 18:42:49 +02:00
|
|
|
cp /etc/tahoe-lafs/introducer-"${node}".cfg ${lib.escapeShellArg nodedir}/tahoe.cfg
|
2016-03-22 23:40:35 -07:00
|
|
|
'';
|
|
|
|
|
});
|
2018-06-30 01:58:35 +02:00
|
|
|
users.users = flip mapAttrs' cfg.introducers (node: _:
|
2016-03-22 23:40:35 -07:00
|
|
|
nameValuePair "tahoe.introducer-${node}" {
|
|
|
|
|
description = "Tahoe node user for introducer ${node}";
|
|
|
|
|
isSystemUser = true;
|
|
|
|
|
});
|
|
|
|
|
})
|
|
|
|
|
(mkIf (cfg.nodes != {}) {
|
|
|
|
|
environment = {
|
|
|
|
|
etc = flip mapAttrs' cfg.nodes (node: settings:
|
|
|
|
|
nameValuePair "tahoe-lafs/${node}.cfg" {
|
|
|
|
|
mode = "0444";
|
|
|
|
|
text = ''
|
|
|
|
|
# This configuration is generated by Nix. Edit at your own
|
|
|
|
|
# peril; here be dragons.
|
|
|
|
|
|
|
|
|
|
[node]
|
|
|
|
|
nickname = ${settings.nickname}
|
|
|
|
|
tub.port = ${toString settings.tub.port}
|
2016-04-02 11:34:49 -07:00
|
|
|
${optionalString (settings.tub.location != null)
|
|
|
|
|
"tub.location = ${settings.tub.location}"}
|
2016-03-22 23:40:35 -07:00
|
|
|
# This is a Twisted endpoint. Twisted Web doesn't work on
|
|
|
|
|
# non-TCP. ~ C.
|
|
|
|
|
web.port = tcp:${toString settings.web.port}
|
|
|
|
|
|
|
|
|
|
[client]
|
|
|
|
|
${optionalString (settings.client.introducer != null)
|
|
|
|
|
"introducer.furl = ${settings.client.introducer}"}
|
|
|
|
|
${optionalString (settings.client.helper != null)
|
|
|
|
|
"helper.furl = ${settings.client.helper}"}
|
|
|
|
|
|
|
|
|
|
shares.needed = ${toString settings.client.shares.needed}
|
|
|
|
|
shares.happy = ${toString settings.client.shares.happy}
|
|
|
|
|
shares.total = ${toString settings.client.shares.total}
|
|
|
|
|
|
|
|
|
|
[storage]
|
2017-04-11 18:08:51 +02:00
|
|
|
enabled = ${boolToString settings.storage.enable}
|
2016-03-22 23:40:35 -07:00
|
|
|
reserved_space = ${settings.storage.reservedSpace}
|
|
|
|
|
|
|
|
|
|
[helper]
|
2017-04-11 18:08:51 +02:00
|
|
|
enabled = ${boolToString settings.helper.enable}
|
2016-10-28 22:23:53 -07:00
|
|
|
|
|
|
|
|
[sftpd]
|
2017-04-11 18:08:51 +02:00
|
|
|
enabled = ${boolToString settings.sftpd.enable}
|
2016-10-28 22:23:53 -07:00
|
|
|
${optionalString (settings.sftpd.port != null)
|
|
|
|
|
"port = ${toString settings.sftpd.port}"}
|
|
|
|
|
${optionalString (settings.sftpd.hostPublicKeyFile != null)
|
|
|
|
|
"host_pubkey_file = ${settings.sftpd.hostPublicKeyFile}"}
|
|
|
|
|
${optionalString (settings.sftpd.hostPrivateKeyFile != null)
|
|
|
|
|
"host_privkey_file = ${settings.sftpd.hostPrivateKeyFile}"}
|
|
|
|
|
${optionalString (settings.sftpd.accounts.file != null)
|
|
|
|
|
"accounts.file = ${settings.sftpd.accounts.file}"}
|
|
|
|
|
${optionalString (settings.sftpd.accounts.url != null)
|
|
|
|
|
"accounts.url = ${settings.sftpd.accounts.url}"}
|
2016-03-22 23:40:35 -07:00
|
|
|
'';
|
|
|
|
|
});
|
|
|
|
|
# Actually require Tahoe, so that we will have it installed.
|
|
|
|
|
systemPackages = flip mapAttrsToList cfg.nodes (node: settings:
|
|
|
|
|
settings.package
|
|
|
|
|
);
|
|
|
|
|
};
|
|
|
|
|
# Open up the firewall.
|
|
|
|
|
# networking.firewall.allowedTCPPorts = flip mapAttrsToList cfg.nodes
|
|
|
|
|
# (node: settings: settings.tub.port);
|
|
|
|
|
systemd.services = flip mapAttrs' cfg.nodes (node: settings:
|
|
|
|
|
let
|
|
|
|
|
pidfile = "/run/tahoe.${node}.pid";
|
|
|
|
|
# This is a directory, but it has no trailing slash. Tahoe commands
|
|
|
|
|
# get antsy when there's a trailing slash.
|
|
|
|
|
nodedir = "/var/db/tahoe-lafs/${node}";
|
|
|
|
|
in nameValuePair "tahoe.${node}" {
|
|
|
|
|
description = "Tahoe LAFS node ${node}";
|
|
|
|
|
wantedBy = [ "multi-user.target" ];
|
|
|
|
|
path = [ settings.package ];
|
|
|
|
|
restartTriggers = [
|
|
|
|
|
config.environment.etc."tahoe-lafs/${node}.cfg".source ];
|
|
|
|
|
serviceConfig = {
|
|
|
|
|
Type = "simple";
|
|
|
|
|
PIDFile = pidfile;
|
2016-11-19 15:12:42 +01:00
|
|
|
# Believe it or not, Tahoe is very brittle about the order of
|
2019-02-19 10:23:47 -08:00
|
|
|
# arguments to $(tahoe run). The node directory must come first,
|
2016-11-19 15:12:42 +01:00
|
|
|
# and arguments which alter Twisted's behavior come afterwards.
|
|
|
|
|
ExecStart = ''
|
2019-02-19 10:23:47 -08:00
|
|
|
${settings.package}/bin/tahoe run ${lib.escapeShellArg nodedir} --pidfile=${lib.escapeShellArg pidfile}
|
2016-11-19 15:12:42 +01:00
|
|
|
'';
|
2016-03-22 23:40:35 -07:00
|
|
|
};
|
|
|
|
|
preStart = ''
|
2017-04-27 18:42:49 +02:00
|
|
|
if [ ! -d ${lib.escapeShellArg nodedir} ]; then
|
2016-03-22 23:40:35 -07:00
|
|
|
mkdir -p /var/db/tahoe-lafs
|
2017-04-27 18:42:49 +02:00
|
|
|
tahoe create-node --hostname=localhost ${lib.escapeShellArg nodedir}
|
2016-03-22 23:40:35 -07:00
|
|
|
fi
|
|
|
|
|
|
|
|
|
|
# Tahoe has created a predefined tahoe.cfg which we must now
|
|
|
|
|
# scribble over.
|
|
|
|
|
# XXX I thought that a symlink would work here, but it doesn't, so
|
|
|
|
|
# we must do this on every prestart. Fixes welcome.
|
|
|
|
|
# rm ${nodedir}/tahoe.cfg
|
2017-04-27 18:42:49 +02:00
|
|
|
# ln -s /etc/tahoe-lafs/${lib.escapeShellArg node}.cfg ${nodedir}/tahoe.cfg
|
|
|
|
|
cp /etc/tahoe-lafs/${lib.escapeShellArg node}.cfg ${lib.escapeShellArg nodedir}/tahoe.cfg
|
2016-03-22 23:40:35 -07:00
|
|
|
'';
|
|
|
|
|
});
|
2018-06-30 01:58:35 +02:00
|
|
|
users.users = flip mapAttrs' cfg.nodes (node: _:
|
2016-03-22 23:40:35 -07:00
|
|
|
nameValuePair "tahoe.${node}" {
|
|
|
|
|
description = "Tahoe node user for node ${node}";
|
|
|
|
|
isSystemUser = true;
|
|
|
|
|
});
|
|
|
|
|
})
|
|
|
|
|
];
|
|
|
|
|
}
|
