nixpkgs-suyu/nixos/modules/tasks/filesystems/nfs.nix
Ruben Maher 98a2316166 nfs-utils: set /etc/krb5.keytab as default path for rpc-gssd
Currently the `rpc-gssd.service` has a `ConditionPathExists` clause that can
never be met, because it's looking for stateful data inside `/nix/store`.

`auth-rpcgss-module.service` also only starts if this file exists.

Fixes NixOS/nixpkgs#29509.
2017-09-20 15:36:26 +01:00

108 lines
2.3 KiB
Nix

{ config, lib, pkgs, ... }:
with lib;
let
inInitrd = any (fs: fs == "nfs") config.boot.initrd.supportedFilesystems;
nfsStateDir = "/var/lib/nfs";
rpcMountpoint = "${nfsStateDir}/rpc_pipefs";
idmapdConfFile = pkgs.writeText "idmapd.conf" ''
[General]
Pipefs-Directory = ${rpcMountpoint}
${optionalString (config.networking.domain != null)
"Domain = ${config.networking.domain}"}
[Mapping]
Nobody-User = nobody
Nobody-Group = nogroup
[Translation]
Method = nsswitch
'';
nfsConfFile = pkgs.writeText "nfs.conf" cfg.extraConfig;
cfg = config.services.nfs;
in
{
###### interface
options = {
services.nfs = {
extraConfig = mkOption {
type = types.lines;
default = "";
description = ''
Extra nfs-utils configuration.
'';
};
};
};
###### implementation
config = mkIf (any (fs: fs == "nfs" || fs == "nfs4") config.boot.supportedFilesystems) {
services.rpcbind.enable = true;
system.fsPackages = [ pkgs.nfs-utils ];
boot.initrd.kernelModules = mkIf inInitrd [ "nfs" ];
systemd.packages = [ pkgs.nfs-utils ];
systemd.generator-packages = [ pkgs.nfs-utils ];
environment.etc = {
"idmapd.conf".source = idmapdConfFile;
"nfs.conf".source = nfsConfFile;
};
systemd.services.nfs-blkmap =
{ restartTriggers = [ nfsConfFile ];
};
systemd.targets.nfs-client =
{ wantedBy = [ "multi-user.target" "remote-fs.target" ];
};
systemd.services.nfs-idmapd =
{ restartTriggers = [ idmapdConfFile ];
};
systemd.services.nfs-mountd =
{ restartTriggers = [ nfsConfFile ];
enable = mkDefault false;
};
systemd.services.nfs-server =
{ restartTriggers = [ nfsConfFile ];
enable = mkDefault false;
};
systemd.services.auth-rpcgss-module =
{
unitConfig.ConditionPathExists = [ "" "/etc/krb5.keytab" ];
};
systemd.services.rpc-gssd =
{ restartTriggers = [ nfsConfFile ];
unitConfig.ConditionPathExists = [ "" "/etc/krb5.keytab" ];
};
systemd.services.rpc-statd =
{ restartTriggers = [ nfsConfFile ];
preStart =
''
mkdir -p /var/lib/nfs/{sm,sm.bak}
'';
};
};
}