chore(nfs): clean up kyuuto fs exports

arcnmx 2024-11-24 13:23:15 -08:00
parent 2bb878be1d
commit 64efbaf503
5 changed files with 94 additions and 95 deletions


@ -104,13 +104,19 @@
]; ];
nfs.fstabOptions = [ nfs.fstabOptions = [
"noauto" "noauto"
"lazytime" "noatime"
#"nfsvers=4" #"nfsvers=4"
"soft" "soft"
"nocto"
"retrans=2" "retrans=2"
"timeo=60" "timeo=60"
"actimeo=300"
"acregmin=60"
"acdirmin=60"
]; ];
smb.fstabOptions = [ smb.fstabOptions = [
"noauto" "noauto"
"lazytime" "noatime"
(mkIf (config.smb.user != null) "user=${config.smb.user}") (mkIf (config.smb.user != null) "user=${config.smb.user}")
]; ];
automount.fstabOptions = [ automount.fstabOptions = [
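Review bot: `actimeo=300` in `nfs.fstabOptions` works as an upper bound only because `acregmin=60` and `acdirmin=60` are listed after it; per nfs(5), `actimeo` sets acregmin, acregmax, acdirmin and acdirmax together, so the effective values depend on option order. Writing the bounds out as `"acregmax=300"` and `"acdirmax=300"` in place of `"actimeo=300"` removes that dependency if another module appends to or reorders the list; the netboot default flags later in this commit use the same pattern. The new `nocto` next to the existing `soft` also deserves a comment such as `# nocto: no revalidation on open; only safe while a single client writes these paths`, because relaxed coherence combined with a soft mount that times out can leave stale or partially written data unnoticed. The enclosing module starts and ends outside this hunk.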


@ -3,7 +3,9 @@
lib, lib,
... ...
}: let }: let
inherit (lib.modules) mkIf; inherit (lib.modules) mkIf mkMerge;
inherit (lib.attrsets) mapAttrs' mapAttrsToList nameValuePair;
inherit (lib.lists) concatLists;
inherit (config) kyuuto; inherit (config) kyuuto;
inherit (config.services.nfs.export) flagSets; inherit (config.services.nfs.export) flagSets;
nfsRoot = { nfsRoot = {
@ -12,14 +14,53 @@
media = "${nfsRoot}/kyuuto/media"; media = "${nfsRoot}/kyuuto/media";
data = "${nfsRoot}/kyuuto/data"; data = "${nfsRoot}/kyuuto/data";
systems = "${nfsRoot}/kyuuto/systems"; systems = "${nfsRoot}/kyuuto/systems";
gengetsu = "${nfsRoot.systems}/gengetsu"; };
mugetsu = "${nfsRoot.systems}/mugetsu"; mkSystemExport = { name, fsid, machine, flags ? ["async"], machineFlags ? flagSets.metal }: {
goliath = "${nfsRoot.systems}/goliath"; flags = flagSets.common ++ ["fsid=${toString fsid}"] ++ flags;
clients = {
${name} = {
inherit machine;
flags = machineFlags;
};
admin = {
machine = flagSets.adminClients;
flags = machineFlags;
};
};
};
mkSystemExports = name: { machine, fileSystems }: let
systemRoot = "${nfsRoot.systems}/${name}";
mapSystemExport = fsName: fs: nameValuePair "${systemRoot}/${fsName}" (mkSystemExport ({
inherit name machine;
} // fs));
in mapAttrs' mapSystemExport fileSystems;
exportedSystems = {
gengetsu = {
machine = flagSets.gengetsuClients;
fileSystems = {
root.fsid = 162;
boot.fsid = 163;
};
};
mugetsu = {
machine = flagSets.mugetsuClients;
fileSystems = {
root.fsid = 170;
boot.fsid = 171;
};
};
goliath = {
machine = flagSets.goliathClients;
fileSystems = {
root.fsid = 172;
boot.fsid = 173;
};
};
}; };
in { in {
services.nfs = { services.nfs = {
export = { export = let
paths = { exportPaths = {
${nfsRoot.media} = { ${nfsRoot.media} = {
flags = flagSets.common ++ ["fsid=128"] ++ flagSets.secip ++ ["rw"] ++ flagSets.anon_ro; flags = flagSets.common ++ ["fsid=128"] ++ flagSets.secip ++ ["rw"] ++ flagSets.anon_ro;
clients = { clients = {
@ -47,61 +88,13 @@ in {
}; };
}; };
}; };
"${nfsRoot.gengetsu}/root" = {
flags = flagSets.common ++ ["fsid=162"] ++ ["async"];
clients = {
gengetsu = {
machine = flagSets.gengetsuClients;
flags = flagSets.metal;
};
};
};
"${nfsRoot.gengetsu}/boot" = {
flags = flagSets.common ++ ["fsid=163"] ++ ["async"];
clients = {
gengetsu = {
machine = flagSets.gengetsuClients;
flags = flagSets.metal;
};
};
};
"${nfsRoot.mugetsu}/root" = {
flags = flagSets.common ++ ["fsid=170"] ++ ["async"];
clients = {
mugetsu = {
machine = flagSets.mugetsuClients;
flags = flagSets.metal;
};
};
};
"${nfsRoot.mugetsu}/boot" = {
flags = flagSets.common ++ ["fsid=171"] ++ ["async"];
clients = {
mugetsu = {
machine = flagSets.mugetsuClients;
flags = flagSets.metal;
};
};
};
"${nfsRoot.goliath}/root" = {
flags = flagSets.common ++ ["fsid=172"] ++ ["async"];
clients = {
goliath = {
machine = flagSets.goliathClients;
flags = flagSets.metal;
};
};
};
"${nfsRoot.goliath}/boot" = {
flags = flagSets.common ++ ["fsid=173"] ++ ["async"];
clients = {
goliath = {
machine = flagSets.goliathClients;
flags = flagSets.metal;
};
};
};
}; };
systemPaths = mkMerge (mapAttrsToList mkSystemExports exportedSystems);
in {
paths = mkMerge [
exportPaths
systemPaths
];
}; };
}; };
systemd.mounts = let systemd.mounts = let
@ -112,52 +105,39 @@ in {
"nfs-mountd.service" "nfs-mountd.service"
]; ];
before = wantedBy; before = wantedBy;
in mkMount = { what, where, ... }@args: {
mkIf config.services.nfs.server.enable [
{
inherit type options wantedBy before; inherit type options wantedBy before;
} // args;
mkSystemMount = { name, fsName }: let
systemRoot = "${nfsRoot.systems}/${name}";
in mkMount {
what = "${kyuuto.dataDir}/systems/${name}/fs/${fsName}";
where = "${systemRoot}/${fsName}";
};
mapSystemMounts = name: { fileSystems, ... }: let
mapFileSystem = fsName: fs: mkSystemMount { inherit name fsName; };
in mapAttrsToList mapFileSystem fileSystems;
systemMounts = let
systemMounts = mapAttrsToList mapSystemMounts exportedSystems;
in concatLists systemMounts;
exportMounts = map mkMount [
{
what = kyuuto.mountDir; what = kyuuto.mountDir;
where = nfsRoot.media; where = nfsRoot.media;
} }
{ {
inherit type options wantedBy before;
what = kyuuto.dataDir; what = kyuuto.dataDir;
where = nfsRoot.data; where = nfsRoot.data;
} }
{ {
inherit type options wantedBy before;
what = kyuuto.transferDir; what = kyuuto.transferDir;
where = nfsRoot.transfer; where = nfsRoot.transfer;
} }
{
inherit type options wantedBy before;
what = "${kyuuto.dataDir}/systems/gengetsu/fs/root";
where = "${nfsRoot.gengetsu}/root";
}
{
inherit type options wantedBy before;
what = "${kyuuto.dataDir}/systems/gengetsu/fs/boot";
where = "${nfsRoot.gengetsu}/boot";
}
{
inherit type options wantedBy before;
what = "${kyuuto.dataDir}/systems/mugetsu/fs/root";
where = "${nfsRoot.mugetsu}/root";
}
{
inherit type options wantedBy before;
what = "${kyuuto.dataDir}/systems/mugetsu/fs/boot";
where = "${nfsRoot.mugetsu}/boot";
}
{
inherit type options wantedBy before;
what = "${kyuuto.dataDir}/systems/goliath/fs/root";
where = "${nfsRoot.goliath}/root";
}
{
inherit type options wantedBy before;
what = "${kyuuto.dataDir}/systems/goliath/fs/boot";
where = "${nfsRoot.goliath}/boot";
}
]; ];
pathMounts = mkMerge [
exportMounts
systemMounts
];
in
mkIf config.services.nfs.server.enable pathMounts;
} }
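Review bot: The `admin` client that `mkSystemExport` adds is new access rather than cleanup: the removed per-path entries listed only the machine itself, while every generated root and boot export now also admits `flagSets.adminClients` with the same `machineFlags` (default `flagSets.metal`). What `flagSets.metal` contains is not visible on this page; if it relaxes root squashing for the diskless clients, each admin host gets that same level of access to every system root. Consider a separate parameter, `adminFlags ? machineFlags`, used as `flags = adminFlags;` in the `admin` entry so the two can be tightened independently, and a comment above `admin = {` stating why admin hosts need these exports. The commit message would also be clearer if it mentioned the added client.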


@ -10,6 +10,8 @@
inherit (lib.modules) mkIf mkDefault mkMerge; inherit (lib.modules) mkIf mkDefault mkMerge;
cfg = config.gensokyo-zone.netboot; cfg = config.gensokyo-zone.netboot;
nfsEnabled = config.boot.initrd.supportedFilesystems.nfs or config.boot.initrd.supportedFilesystems.nfs4 or false; nfsEnabled = config.boot.initrd.supportedFilesystems.nfs or config.boot.initrd.supportedFilesystems.nfs4 or false;
defaultCacheTimeoutMax = 60 * 60; # 1h
defaultCacheTimeoutMin = 60; # 1m
in { in {
options.gensokyo-zone.netboot = with lib.types; { options.gensokyo-zone.netboot = with lib.types; {
# TODO: default = true; # TODO: default = true;
@ -26,6 +28,11 @@ in {
type = listOf str; type = listOf str;
default = [ default = [
"nolock" # required in order to mount in initrd when statd daemon isn't running "nolock" # required in order to mount in initrd when statd daemon isn't running
"nocto"
"lazytime" "noatime"
"actimeo=${toString defaultCacheTimeoutMax}"
"acregmin=${toString defaultCacheTimeoutMin}"
"acdirmin=${toString defaultCacheTimeoutMin}"
]; ];
}; };
}; };
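Review bot: With `nocto` and a one-hour `actimeo` in the default netboot flags, a running client may keep using cached attributes and data for files that have since been replaced or had their mode changed on the server. On a root filesystem that means a server-side fix to a binary or a tightened permission is not guaranteed to be seen until the cache expires or the client remounts. That matters more now that this commit also exports the system roots to a second client group. A comment on the constant would record the assumption, for example `defaultCacheTimeoutMax = 60 * 60; # 1h; assumes nothing else modifies this root while the client is up`. The option definition these defaults belong to begins outside the hunk.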


@ -101,6 +101,10 @@ in {
trustedClients = [ trustedClients = [
"@trusted" "@trusted"
]; ];
adminClients = [
"@admin"
# XXX: include tailscale addresses of trusted machines here too?
];
tailClients = optionals config.services.tailscale.enable cidrForNetwork.tail.all; tailClients = optionals config.services.tailscale.enable cidrForNetwork.tail.all;
localClients = cidrForNetwork.allLan.all ++ flagSets.tailClients; localClients = cidrForNetwork.allLan.all ++ flagSets.tailClients;
allClients = flagSets.clientGroups ++ flagSets.trustedClients ++ flagSets.localClients; allClients = flagSets.clientGroups ++ flagSets.trustedClients ++ flagSets.localClients;
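Review bot: `adminClients` is introduced without a comment saying where the `@admin` netgroup is defined or what membership grants, yet elsewhere in this commit it is attached to every system root and boot export. The open `XXX` should be resolved before it is acted on: entries added here are matched by host identity only, so any address placed in this list gets whatever flags those exports carry. A short comment such as `# @admin: hosts allowed to mount other machines' root/boot exports; keep this list minimal` would make the scope clear to the next editor. The surrounding `flagSets` definition starts and ends outside the hunk.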


@ -3,8 +3,10 @@
"lxc.mount.entry": [ "lxc.mount.entry": [
"/mnt/kyuuto-media mnt/kyuuto-media none bind,optional,create=dir", "/mnt/kyuuto-media mnt/kyuuto-media none bind,optional,create=dir",
"/mnt/kyuuto-data/minecraft mnt/kyuuto-data/minecraft none bind,optional,create=dir", "/mnt/kyuuto-data/minecraft mnt/kyuuto-data/minecraft none bind,optional,create=dir",
"/mnt/kyuuto-data/systems/gengetsu mnt/kyuuto-data/systems/gengetsu none bind,optional,create=dir",
"/mnt/kyuuto-data/systems/gengetsu/fs/root mnt/kyuuto-data/systems/gengetsu/fs/root none bind,optional,create=dir", "/mnt/kyuuto-data/systems/gengetsu/fs/root mnt/kyuuto-data/systems/gengetsu/fs/root none bind,optional,create=dir",
"/mnt/kyuuto-data/systems/gengetsu/fs/boot mnt/kyuuto-data/systems/gengetsu/fs/boot none bind,optional,create=dir", "/mnt/kyuuto-data/systems/gengetsu/fs/boot mnt/kyuuto-data/systems/gengetsu/fs/boot none bind,optional,create=dir",
"/mnt/kyuuto-data/systems/mugetsu mnt/kyuuto-data/systems/mugetsu none bind,optional,create=dir",
"/mnt/kyuuto-data/systems/mugetsu/fs/root mnt/kyuuto-data/systems/mugetsu/fs/root none bind,optional,create=dir", "/mnt/kyuuto-data/systems/mugetsu/fs/root mnt/kyuuto-data/systems/mugetsu/fs/root none bind,optional,create=dir",
"/mnt/kyuuto-data/systems/mugetsu/fs/boot mnt/kyuuto-data/systems/mugetsu/fs/boot none bind,optional,create=dir", "/mnt/kyuuto-data/systems/mugetsu/fs/boot mnt/kyuuto-data/systems/mugetsu/fs/boot none bind,optional,create=dir",
"/mnt/kyuuto-data/systems/goliath mnt/kyuuto-data/systems/goliath none bind,optional,create=dir", "/mnt/kyuuto-data/systems/goliath mnt/kyuuto-data/systems/goliath none bind,optional,create=dir",