public/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

nfsd service: use upstream systemd units

Browse Source 
* Use /etc/nfs.conf as the recommended upstream way to configure services.
* Move server options to nfsd module.
This commit is contained in:
Nikolay Amiantov 2017-01-29 21:11:50 +03:00
parent 58d6b40893
commit e0e9fddf56
3 changed files with 84 additions and 121 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
nixos/modules/rename.nix
View File

@ -172,6 +172,10 @@ with lib;
(mkRenamedOptionModule [ "services" "locate" "period" ] [ "services" "locate" "interval" ]) (mkRenamedOptionModule [ "services" "locate" "period" ] [ "services" "locate" "interval" ])
(mkRemovedOptionModule [ "services" "locate" "includeStore" ] "Use services.locate.prunePaths" ) (mkRemovedOptionModule [ "services" "locate" "includeStore" ] "Use services.locate.prunePaths" )
# nfs
(mkRenamedOptionModule [ "services" "nfs" "lockdPort" ] [ "services" "nfs" "server" "lockdPort" ])
(mkRenamedOptionModule [ "services" "nfs" "statdPort" ] [ "services" "nfs" "server" "statdPort" ])
# Options that are obsolete and have no replacement. # Options that are obsolete and have no replacement.
(mkRemovedOptionModule [ "boot" "initrd" "luks" "enable" ] "") (mkRemovedOptionModule [ "boot" "initrd" "luks" "enable" ] "")
(mkRemovedOptionModule [ "programs" "bash" "enable" ] "") (mkRemovedOptionModule [ "programs" "bash" "enable" ] "")

101
nixos/modules/services/network-filesystems/nfsd.nix
View File

@ -20,6 +20,7 @@ in
server = { server = {
enable = mkOption { enable = mkOption {
type = types.bool;
default = false; default = false;
description = '' description = ''
Whether to enable the kernel's NFS server. Whether to enable the kernel's NFS server.
@ -27,6 +28,7 @@ in
}; };
exports = mkOption { exports = mkOption {
type = types.lines;
default = ""; default = "";
description = '' description = ''
Contents of the /etc/exports file. See Contents of the /etc/exports file. See
@ -36,6 +38,7 @@ in
}; };
hostName = mkOption { hostName = mkOption {
type = types.nullOr types.str;
default = null; default = null;
description = '' description = ''
Hostname or address on which NFS requests will be accepted. Hostname or address on which NFS requests will be accepted.
@ -46,6 +49,7 @@ in
}; };
nproc = mkOption { nproc = mkOption {
type = types.int;
default = 8; default = 8;
description = '' description = ''
Number of NFS server threads. Defaults to the recommended value of 8. Number of NFS server threads. Defaults to the recommended value of 8.
@ -53,11 +57,13 @@ in
}; };
createMountPoints = mkOption { createMountPoints = mkOption {
type = types.bool;
default = false; default = false;
description = "Whether to create the mount points in the exports file at startup time."; description = "Whether to create the mount points in the exports file at startup time.";
}; };
mountdPort = mkOption { mountdPort = mkOption {
type = types.nullOr types.int;
default = null; default = null;
example = 4002; example = 4002;
description = '' description = ''
@ -66,11 +72,26 @@ in
}; };
lockdPort = mkOption { lockdPort = mkOption {
default = 0; type = types.nullOr types.int;
default = null;
example = 4001;
description = '' description = ''
Fix the lockd port number. This can help setting firewall rules for NFS. Use a fixed port for the NFS lock manager kernel module
(<literal>lockd/nlockmgr</literal>). This is useful if the
NFS server is behind a firewall.
''; '';
}; };
statdPort = mkOption {
type = types.nullOr types.int;
default = null;
example = 4000;
description = ''
Use a fixed port for <command>rpc.statd</command>. This is
useful if the NFS server is behind a firewall.
'';
};
}; };
}; };
@ -82,61 +103,42 @@ in
config = mkIf cfg.enable { config = mkIf cfg.enable {
services.nfs.extraConfig = ''
[nfsd]
threads=${toString cfg.nproc}
${optionalString (cfg.hostName != null) "host=${cfg.hostName}"}
[mountd]
${optionalString (cfg.mountdPort != null) "port=${toString cfg.mountdPort}"}
[statd]
${optionalString (cfg.statdPort != null) "port=${toString cfg.statdPort}"}
[lockd]
${optionalString (cfg.lockdPort != null) ''
port=${toString cfg.lockdPort}
udp-port=${toString cfg.lockdPort}
''}
'';
services.rpcbind.enable = true; services.rpcbind.enable = true;
boot.supportedFilesystems = [ "nfs" ]; # needed for statd and idmapd boot.supportedFilesystems = [ "nfs" ]; # needed for statd and idmapd
environment.systemPackages = [ pkgs.nfs-utils ];
environment.etc.exports.source = exports; environment.etc.exports.source = exports;
boot.kernelModules = [ "nfsd" ]; systemd.services.nfs-server =
{ enable = true;
systemd.services.nfsd =
{ description = "NFS Server";
wantedBy = [ "multi-user.target" ]; wantedBy = [ "multi-user.target" ];
requires = [ "rpcbind.service" "mountd.service" ];
after = [ "rpcbind.service" "mountd.service" "idmapd.service" ];
before = [ "statd.service" ];
path = [ pkgs.nfs-utils ];
script =
''
# Create a state directory required by NFSv4.
mkdir -p /var/lib/nfs/v4recovery
${pkgs.procps}/sbin/sysctl -w fs.nfs.nlm_tcpport=${builtins.toString cfg.lockdPort}
${pkgs.procps}/sbin/sysctl -w fs.nfs.nlm_udpport=${builtins.toString cfg.lockdPort}
rpc.nfsd \
${if cfg.hostName != null then "-H ${cfg.hostName}" else ""} \
${builtins.toString cfg.nproc}
'';
postStop = "rpc.nfsd 0";
serviceConfig.Type = "oneshot";
serviceConfig.RemainAfterExit = true;
}; };
systemd.services.mountd = systemd.services.nfs-mountd =
{ description = "NFSv3 Mount Daemon"; { enable = true;
path = [ pkgs.nfs-utils ];
requires = [ "rpcbind.service" ]; restartTriggers = [ exports ];
after = [ "rpcbind.service" "local-fs.target" ];
path = [ pkgs.nfs-utils pkgs.sysvtools pkgs.utillinux ];
preStart = preStart =
'' ''
mkdir -p /var/lib/nfs
touch /var/lib/nfs/rmtab
mountpoint -q /proc/fs/nfsd || mount -t nfsd none /proc/fs/nfsd
${optionalString cfg.createMountPoints ${optionalString cfg.createMountPoints
'' ''
# create export directories: # create export directories:
@ -149,15 +151,6 @@ in
exportfs -rav exportfs -rav
''; '';
restartTriggers = [ exports ];
serviceConfig.Type = "forking";
serviceConfig.ExecStart = ''
@${pkgs.nfs-utils}/sbin/rpc.mountd rpc.mountd \
${if cfg.mountdPort != null then "-p ${toString cfg.mountdPort}" else ""}
'';
serviceConfig.Restart = "always";
}; };
}; };

102
nixos/modules/tasks/filesystems/nfs.nix
View File

@ -24,6 +24,8 @@ let
Method = nsswitch Method = nsswitch
''; '';
nfsConfFile = pkgs.writeText "nfs.conf" cfg.extraConfig;
cfg = config.services.nfs; cfg = config.services.nfs;
in in
@ -32,23 +34,12 @@ in
###### interface ###### interface
options = { options = {
services.nfs = { services.nfs = {
statdPort = mkOption { extraConfig = mkOption {
default = null; type = types.lines;
example = 4000; default = "";
description = '' description = ''
Use a fixed port for <command>rpc.statd</command>. This is Extra nfs-utils configuration.
useful if the NFS server is behind a firewall.
'';
};
lockdPort = mkOption {
default = null;
example = 4001;
description = ''
Use a fixed port for the NFS lock manager kernel module
(<literal>lockd/nlockmgr</literal>). This is useful if the
NFS server is behind a firewall.
''; '';
}; };
}; };
@ -62,69 +53,44 @@ in
system.fsPackages = [ pkgs.nfs-utils ]; system.fsPackages = [ pkgs.nfs-utils ];
boot.extraModprobeConfig = mkIf (cfg.lockdPort != null) ''
options lockd nlm_udpport=${toString cfg.lockdPort} nlm_tcpport=${toString cfg.lockdPort}
'';
boot.kernelModules = [ "sunrpc" ];
boot.initrd.kernelModules = mkIf inInitrd [ "nfs" ]; boot.initrd.kernelModules = mkIf inInitrd [ "nfs" ];
# FIXME: should use upstream units from nfs-utils. systemd.packages = [ pkgs.nfs-utils ];
systemd.generator-packages = [ pkgs.nfs-utils ];
systemd.services.statd = environment.etc = {
{ description = "NFSv3 Network Status Monitor"; "idmapd.conf".source = idmapdConfFile;
"nfs.conf".source = nfsConfFile;
path = [ pkgs.nfs-utils pkgs.sysvtools pkgs.utillinux ];
wants = [ "remote-fs-pre.target" ];
before = [ "remote-fs-pre.target" ];
wantedBy = [ "remote-fs.target" ];
requires = [ "basic.target" "rpcbind.service" ];
after = [ "basic.target" "rpcbind.service" ];
unitConfig.DefaultDependencies = false; # don't stop during shutdown
preStart =
''
mkdir -p ${nfsStateDir}/sm
mkdir -p ${nfsStateDir}/sm.bak
sm-notify -d
'';
serviceConfig.Type = "forking";
serviceConfig.ExecStart = ''
@${pkgs.nfs-utils}/sbin/rpc.statd rpc.statd --no-notify \
${if cfg.statdPort != null then "-p ${toString cfg.statdPort}" else ""}
'';
serviceConfig.Restart = "always";
}; };
systemd.services.idmapd = systemd.services.nfs-blkmap =
{ description = "NFSv4 ID Mapping Daemon"; { restartTriggers = [ nfsConfFile ];
};
path = [ pkgs.sysvtools pkgs.utillinux ]; systemd.targets.nfs-client =
{ wantedBy = [ "multi-user.target" "remote-fs.target" ];
};
wants = [ "remote-fs-pre.target" ]; systemd.services.nfs-idmapd =
before = [ "remote-fs-pre.target" ]; { restartTriggers = [ idmapdConfFile ];
wantedBy = [ "remote-fs.target" ]; };
requires = [ "rpcbind.service" ];
after = [ "rpcbind.service" ];
preStart = systemd.services.nfs-mountd =
'' { restartTriggers = [ nfsConfFile ];
mkdir -p ${rpcMountpoint} enable = mkDefault false;
mount -t rpc_pipefs rpc_pipefs ${rpcMountpoint} };
'';
postStop = systemd.services.nfs-server =
'' { restartTriggers = [ nfsConfFile ];
umount ${rpcMountpoint} enable = mkDefault false;
''; };
serviceConfig.Type = "forking"; systemd.services.rpc-gssd =
serviceConfig.ExecStart = "@${pkgs.nfs-utils}/sbin/rpc.idmapd rpc.idmapd -c ${idmapdConfFile}"; { restartTriggers = [ nfsConfFile ];
serviceConfig.Restart = "always"; };
systemd.services.rpc-statd =
{ restartTriggers = [ nfsConfFile ];
}; };
}; };