summary refs log tree commit diff
path: root/nixos/modules/tasks/filesystems/nfs.nix
diff options
context:
space:
mode:
Diffstat (limited to 'nixos/modules/tasks/filesystems/nfs.nix')
-rw-r--r--nixos/modules/tasks/filesystems/nfs.nix51
1 files changed, 41 insertions, 10 deletions
diff --git a/nixos/modules/tasks/filesystems/nfs.nix b/nixos/modules/tasks/filesystems/nfs.nix
index e8c3d8ab56d..79de6556f25 100644
--- a/nixos/modules/tasks/filesystems/nfs.nix
+++ b/nixos/modules/tasks/filesystems/nfs.nix
@@ -13,7 +13,7 @@ let
   idmapdConfFile = pkgs.writeText "idmapd.conf" ''
     [General]
     Pipefs-Directory = ${rpcMountpoint}
-    ${optionalString (config.networking.domain != "")
+    ${optionalString (config.networking.domain != null)
       "Domain = ${config.networking.domain}"}
 
     [Mapping]
@@ -24,9 +24,33 @@ let
     Method = nsswitch
   '';
 
+  cfg = config.services.nfs;
+
 in
 
 {
+  ###### interface
+
+  options = {
+
+    services.nfs = {
+      statdPort = mkOption {
+        default = null;
+        example = 4000;
+        description = ''
+          Use fixed port for rpc.statd, useful if NFS server is behind firewall.
+        '';
+      };
+      lockdPort = mkOption {
+        default = null;
+        example = 4001;
+        description = ''
+          Use fixed port for NFS lock manager kernel module (lockd/nlockmgr),
+          useful if NFS server is behind firewall.
+        '';
+      };
+    };
+  };
 
   ###### implementation
 
@@ -34,7 +58,11 @@ in
 
     services.rpcbind.enable = true;
 
-    system.fsPackages = [ pkgs.nfsUtils ];
+    system.fsPackages = [ pkgs.nfs-utils ];
+
+    boot.extraModprobeConfig = mkIf (cfg.lockdPort != null) ''
+      options lockd nlm_udpport=${toString cfg.lockdPort} nlm_tcpport=${toString cfg.lockdPort}
+    '';
 
     boot.kernelModules = [ "sunrpc" ];
 
@@ -43,12 +71,12 @@ in
     systemd.services.statd =
       { description = "NFSv3 Network Status Monitor";
 
-        path = [ pkgs.nfsUtils pkgs.sysvtools pkgs.utillinux ];
+        path = [ pkgs.nfs-utils pkgs.sysvtools pkgs.utillinux ];
 
-        wantedBy = [ "network-online.target" "multi-user.target" ];
-        before = [ "network-online.target" ];
+        wantedBy = [ "remote-fs-pre.target" ];
+        before = [ "remote-fs-pre.target" ];
         requires = [ "basic.target" "rpcbind.service" ];
-        after = [ "basic.target" "rpcbind.service" "network.target" ];
+        after = [ "basic.target" "rpcbind.service" ];
 
         unitConfig.DefaultDependencies = false; # don't stop during shutdown
 
@@ -60,7 +88,10 @@ in
           '';
 
         serviceConfig.Type = "forking";
-        serviceConfig.ExecStart = "@${pkgs.nfsUtils}/sbin/rpc.statd rpc.statd --no-notify";
+        serviceConfig.ExecStart = ''
+          @${pkgs.nfs-utils}/sbin/rpc.statd rpc.statd --no-notify \
+              ${if cfg.statdPort != null then "-p ${toString statdPort}" else ""}
+        '';
         serviceConfig.Restart = "always";
       };
 
@@ -69,8 +100,8 @@ in
 
         path = [ pkgs.sysvtools pkgs.utillinux ];
 
-        wantedBy = [ "network-online.target" "multi-user.target" ];
-        before = [ "network-online.target" ];
+        wantedBy = [ "remote-fs-pre.target" ];
+        before = [ "remote-fs-pre.target" ];
         requires = [ "rpcbind.service" ];
         after = [ "rpcbind.service" ];
 
@@ -86,7 +117,7 @@ in
           '';
 
         serviceConfig.Type = "forking";
-        serviceConfig.ExecStart = "@${pkgs.nfsUtils}/sbin/rpc.idmapd rpc.idmapd -c ${idmapdConfFile}";
+        serviceConfig.ExecStart = "@${pkgs.nfs-utils}/sbin/rpc.idmapd rpc.idmapd -c ${idmapdConfFile}";
         serviceConfig.Restart = "always";
       };
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-05-30 01:00:17 +0000