infrastructure/modules/system/exports/nfs.nix

{lib, gensokyo-zone, ...}: let
  inherit (gensokyo-zone.lib) mapAlmostOptionDefaults mkAlmostOptionDefault;
  inherit (lib.modules) mkIf;
  inherit (lib.attrsets) mapAttrs;
in {
  config.exports.services.nfs = { config, ... }: let
    mkAssertion = f: nixosConfig: let
      cfg = nixosConfig.services.nfs;
    in f nixosConfig cfg;
    mkAssertionPort = portName: mkAssertion (nixosConfig: cfg: let
      portAttr = "${portName}Port";
    in {
      assertion = mkAssertPort config.ports.${portName} cfg.server.${portAttr};
      message = "${portAttr} mismatch";
    });
    mkAssertPort = port: cfgPort: let
      cmpPort = if port.enable then port.port else null;
    in cfgPort == cmpPort;
  in {
    nixos = {
      serviceAttrPath = [ "services" "nfs" "server" ];
      assertions = mkIf config.enable [
        (mkAssertionPort "statd")
        (mkAssertionPort "lockd")
        (mkAssertionPort "mountd")
        (mkAssertion (nixosConfig: cfg: {
          assertion = nixosConfig.services.rpcbind.enable == config.ports.rpcbind.enable;
          message = "rpcbind enable mismatch";
        }))
      ];
    };
    # TODO: expose over wan
    defaults.port.listen = mkAlmostOptionDefault "lan";
    ports = mapAttrs (_: mapAlmostOptionDefaults) {
      default = {
        port = 2049;
        transport = "tcp";
      };
      udp = {
        port = config.ports.default.port;
        transport = "udp";
      };
      rpcbind = {
        port = 111;
        transport = "tcp";
      };
      rpcbind-udp = {
        port = config.ports.rpcbind.port;
        transport = "udp";
      };
      statd = {
        port = 4000;
        transport = "tcp";
      };
      statd-udp = {
        port = config.ports.statd.port;
        transport = "udp";
      };
      lockd = {
        port = 4001;
        transport = "tcp";
      };
      lockd-udp = {
        port = config.ports.lockd.port;
        transport = "udp";
      };
      mountd = {
        port = 4002;
        transport = "tcp";
      };
      mountd-udp = {
        port = config.ports.mountd.port;
        transport = "udp";
      };
    };
  };
}