diff options
| author | Michael Raitza <michael.raitza@tu-dresden.de> | 2023-03-09 19:00:21 +0100 |
|---|---|---|
| committer | Anderson Torres <torres.anderson.85@protonmail.com> | 2023-04-11 08:30:56 -0300 |
| commit | 9f0e1b6047166ff331bea1d7f498794a15833c6d (patch) | |
| tree | dfec6d024b000226c2a539b9089147e7d0f437d1 /nixos/modules/services/network-filesystems | |
| parent | e86e7eb495bae5c482d204e2a15a09da94075e22 (diff) | |
| download | nixpkgs-9f0e1b6047166ff331bea1d7f498794a15833c6d.tar nixpkgs-9f0e1b6047166ff331bea1d7f498794a15833c6d.tar.gz nixpkgs-9f0e1b6047166ff331bea1d7f498794a15833c6d.tar.bz2 nixpkgs-9f0e1b6047166ff331bea1d7f498794a15833c6d.tar.lz nixpkgs-9f0e1b6047166ff331bea1d7f498794a15833c6d.tar.xz nixpkgs-9f0e1b6047166ff331bea1d7f498794a15833c6d.tar.zst nixpkgs-9f0e1b6047166ff331bea1d7f498794a15833c6d.zip | |
modules.openafsServer: Add FABS backup server
Diffstat (limited to 'nixos/modules/services/network-filesystems')
| -rw-r--r-- | nixos/modules/services/network-filesystems/openafs/server.nix | 86 |
1 files changed, 68 insertions, 18 deletions
diff --git a/nixos/modules/services/network-filesystems/openafs/server.nix b/nixos/modules/services/network-filesystems/openafs/server.nix index 1c615d3bfb6..ad0fd783567 100644 --- a/nixos/modules/services/network-filesystems/openafs/server.nix +++ b/nixos/modules/services/network-filesystems/openafs/server.nix @@ -4,7 +4,8 @@ with import ./lib.nix { inherit config lib pkgs; }; let - inherit (lib) concatStringsSep literalExpression mkIf mkOption optionalString types; + inherit (lib) concatStringsSep literalExpression mkIf mkOption mkEnableOption + optionalString types; bosConfig = pkgs.writeText "BosConfig" ('' restrictmode 1 @@ -24,9 +25,15 @@ let parm ${openafsSrv}/libexec/openafs/salvageserver ${cfg.roles.fileserver.salvageserverArgs} parm ${openafsSrv}/libexec/openafs/dasalvager ${cfg.roles.fileserver.salvagerArgs} end - '') + (optionalString (cfg.roles.database.enable && cfg.roles.backup.enable) '' + '') + (optionalString (cfg.roles.database.enable && cfg.roles.backup.enable && (!cfg.roles.backup.enableFabs)) '' bnode simple buserver 1 - parm ${openafsSrv}/libexec/openafs/buserver ${cfg.roles.backup.buserverArgs} ${optionalString (cfg.roles.backup.cellServDB != []) "-cellservdb /etc/openafs/backup/"} + parm ${openafsSrv}/libexec/openafs/buserver ${cfg.roles.backup.buserverArgs} ${optionalString useBuCellServDB "-cellservdb /etc/openafs/backup/"} + end + '') + (optionalString (cfg.roles.database.enable && + cfg.roles.backup.enable && + cfg.roles.backup.enableFabs) '' + bnode simple buserver 1 + parm ${lib.getBin pkgs.fabs}/bin/fabsys server --config ${fabsConfFile} ${cfg.roles.backup.fabsArgs} end '')); @@ -34,12 +41,27 @@ let pkgs.writeText "NetInfo" ((concatStringsSep "\nf " cfg.advertisedAddresses) + "\n") else null; - buCellServDB = pkgs.writeText "backup-cellServDB-${cfg.cellName}" (mkCellServDB cfg.cellName cfg.roles.backup.cellServDB); + buCellServDB = pkgs.writeText "backup-cellServDB-${cfg.cellName}" + (mkCellServDB cfg.cellName cfg.roles.backup.cellServDB); + + useBuCellServDB = (cfg.roles.backup.cellServDB != []) && (!cfg.roles.backup.enableFabs); cfg = config.services.openafsServer; udpSizeStr = toString cfg.udpPacketSize; + fabsConfFile = pkgs.writeText "fabs.yaml" (builtins.toJSON ({ + afs = { + aklog = cfg.package + "/bin/aklog"; + cell = cfg.cellName; + dumpscan = cfg.package + "/bin/afsdump_scan"; + fs = cfg.package + "/bin/fs"; + pts = cfg.package + "/bin/pts"; + vos = cfg.package + "/bin/vos"; + }; + k5start.command = (lib.getBin pkgs.kstart) + "/bin/k5start"; + } // cfg.roles.backup.fabsExtraConfig)); + in { options = { @@ -80,8 +102,8 @@ in { }; package = mkOption { - default = pkgs.openafs.server or pkgs.openafs; - defaultText = literalExpression "pkgs.openafs.server or pkgs.openafs"; + default = pkgs.openafs; + defaultText = literalExpression "pkgs.openafs"; type = types.package; description = lib.mdDoc "OpenAFS package for the server binaries"; }; @@ -154,16 +176,20 @@ in { }; backup = { - enable = mkOption { - default = false; - type = types.bool; - description = lib.mdDoc '' - Backup server role. Use in conjunction with the - `database` role to maintain the Backup - Database. Normally only used in conjunction with tape storage - or IBM's Tivoli Storage Manager. - ''; - }; + enable = mkEnableOption (lib.mdDoc '' + Backup server role. When using OpenAFS built-in buserver, use in conjunction with the + `database` role to maintain the Backup + Database. Normally only used in conjunction with tape storage + or IBM's Tivoli Storage Manager. + + For a modern backup server, enable this role and see + {option}`enableFabs`. + ''); + + enableFabs = mkEnableOption (lib.mdDoc '' + FABS, the flexible AFS backup system. It stores volumes as dump files, relying on other + pre-existing backup solutions for handling them. + ''); buserverArgs = mkOption { default = ""; @@ -181,6 +207,30 @@ in { other database server machines. ''; }; + + fabsArgs = mkOption { + default = ""; + type = types.str; + description = lib.mdDoc '' + Arguments to the fabsys process. See + {manpage}`fabsys_server(1)` and + {manpage}`fabsys_config(1)`. + ''; + }; + + fabsExtraConfig = mkOption { + default = {}; + type = types.attrs; + description = lib.mdDoc '' + Additional configuration parameters for the FABS backup server. + ''; + example = literalExpression '' + { + afs.localauth = true; + afs.keytab = config.sops.secrets.fabsKeytab.path; + } + ''; + }; }; }; @@ -239,7 +289,7 @@ in { mode = "0644"; }; buCellServDB = { - enable = (cfg.roles.backup.cellServDB != []); + enable = useBuCellServDB; text = mkCellServDB cfg.cellName cfg.roles.backup.cellServDB; target = "openafs/backup/CellServDB"; }; @@ -257,7 +307,7 @@ in { preStart = '' mkdir -m 0755 -p /var/openafs ${optionalString (netInfo != null) "cp ${netInfo} /var/openafs/netInfo"} - ${optionalString (cfg.roles.backup.cellServDB != []) "cp ${buCellServDB}"} + ${optionalString useBuCellServDB "cp ${buCellServDB}"} ''; serviceConfig = { ExecStart = "${openafsBin}/bin/bosserver -nofork"; |