diff --git a/flake.nix b/flake.nix index d865005..9090ee7 100644 --- a/flake.nix +++ b/flake.nix @@ -43,6 +43,9 @@ node2 = kclib.mkHost { name = "node2"; }; + node-nfs = kclib.mkHost { + name = "node-nfs"; + }; }; formatter.x86_64-linux = nixpkgs.legacyPackages.x86_64-linux.nixfmt-rfc-style; devShells.x86_64-linux.default = diff --git a/hosts/base/default.nix b/hosts/base/default.nix index 33a6ac6..338d488 100644 --- a/hosts/base/default.nix +++ b/hosts/base/default.nix @@ -1,4 +1,5 @@ { + pkgs, ... }: { @@ -32,5 +33,9 @@ services.qemuGuest.enable = true; + environment.systemPackages = [ + pkgs.nfs-utils + ]; + system.stateVersion = "24.11"; } diff --git a/hosts/node-nfs/default.nix b/hosts/node-nfs/default.nix new file mode 100644 index 0000000..928cb6d --- /dev/null +++ b/hosts/node-nfs/default.nix @@ -0,0 +1,24 @@ +{ ... }: +{ + kropcloud = + let + serverIp = "192.168.1.180"; + in + { + drives.hasSecondDrive = true; + services = { + nfs = { + enable = true; + exportDirectory = "/mnt/nas"; + clusterWildcard = "192.168.1.0/24"; + }; + }; + networking = { + ipv4 = { + address = serverIp; + prefixLength = 24; + defaultGateway = "192.168.1.1"; + }; + }; + }; +} diff --git a/nixosModules/drives/default.nix b/nixosModules/drives/default.nix index 74ff51c..81596e2 100644 --- a/nixosModules/drives/default.nix +++ b/nixosModules/drives/default.nix @@ -45,6 +45,22 @@ in }; }; }; + secondary = lib.mkIf cfg.hasSecondDrive { + type = "disk"; + device = "/dev/sdb"; + content = { + type = "gpt"; + partitions = { + data = { + content = { + type = "filesystem"; + format = "ext4"; + mountpoint = "/mnt/nas"; + }; + }; + }; + }; + }; }; }; }; diff --git a/nixosModules/networking/default.nix b/nixosModules/networking/default.nix index c015ff1..4a64cb5 100644 --- a/nixosModules/networking/default.nix +++ b/nixosModules/networking/default.nix 
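Review bot: `clusterWildcard = "192.168.1.0/24"` in hosts/node-nfs/default.nix admits every address on the subnet. Since `defaultGateway = "192.168.1.1"` sits in the same range, this looks like the general LAN rather than a dedicated cluster segment (inferred), so any device there would match the read-write export built in nixosModules/services/nfs/default.nix. If the k3s nodes have fixed addresses, a narrower client spec is the safer value, e.g. `clusterWildcard = "<NODE_SUBNET_OR_HOST>";` (placeholder), since exports(5) accepts single hosts and smaller CIDR ranges. As a style point, `serverIp` is bound in a `let` but used once, so `address = "192.168.1.180";` inline reads more directly.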
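Review bot: `device = "/dev/sdb"` in the new `secondary` disk depends on kernel enumeration order, which is not guaranteed to be stable across boots or after a disk is added to the VM. A declarative partition-and-format step could therefore land on a different disk than intended. A persistent path is safer, e.g. `device = "/dev/disk/by-id/<SECOND_DISK_ID>";` (placeholder), or an option next to `hasSecondDrive` so each host names its own device. The mountpoint `"/mnt/nas"` is also repeated as the default of `exportDirectory` in nixosModules/services/nfs/default.nix, so the two values can drift apart. The enclosing attribute set starts outside this hunk.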
@@ -52,25 +52,40 @@ in services.avahi = { enable = true; + openFirewall = true; }; networking = { nftables.enable = true; firewall = { checkReversePath = "loose"; - allowedUDPPorts = [] - ++ lib.optionals kc_cfg.services.k3s.enable - [ - 8472 - ]; - allowedTCPPorts = [] - ++ lib.optionals kc_cfg.services.k3s.enable - [ - 2379 - 2380 - 6443 - 10250 - ]; + allowedUDPPorts = + [ ] + ++ lib.optionals kc_cfg.services.k3s.enable [ + 8472 + ] + ++ lib.optionals kc_cfg.services.nfs.enable [ + 4000 + 4001 + 4002 + 2049 + 111 + ]; + allowedTCPPorts = + [ ] + ++ lib.optionals kc_cfg.services.k3s.enable [ + 2379 + 2380 + 6443 + 10250 + ] + ++ lib.optionals kc_cfg.services.nfs.enable [ + 4000 + 4001 + 4002 + 2049 + 111 + ]; }; interfaces = { ens18 = { diff --git a/nixosModules/services/k3s/default.nix b/nixosModules/services/k3s/default.nix index 24b16b0..f630fdb 100644 --- a/nixosModules/services/k3s/default.nix +++ b/nixosModules/services/k3s/default.nix @@ -44,10 +44,7 @@ in "--disable local-storage" ] ++ ( - if (!cfg.isMaster && cfg.master != null) then - [ "--server https://${cfg.master}:6443" ] - else - [ ] + if (!cfg.isMaster && cfg.master != null) then [ "--server https://${cfg.master}:6443" ] else [ ] ) ); clusterInit = cfg.isMaster; diff --git a/nixosModules/services/nfs/default.nix b/nixosModules/services/nfs/default.nix new file mode 100644 index 0000000..cd73db0 --- /dev/null +++ b/nixosModules/services/nfs/default.nix 
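Review bot: The new `lib.optionals kc_cfg.services.nfs.enable [ 4000 4001 4002 2049 111 ]` entries in `allowedUDPPorts` and `allowedTCPPorts` open rpcbind, statd, lockd, mountd and nfsd to any source address. The client spec in the export only limits who can mount, not who can reach those daemons. If the cluster mounts over NFSv4 only, TCP 2049 is sufficient and the rest can be dropped: `++ lib.optionals kc_cfg.services.nfs.enable [ 2049 ]` under `allowedTCPPorts` and no NFS entry under `allowedUDPPorts`. If NFSv3 is needed, consider restricting by source instead, for example an `ip saddr` match on the cluster subnet in `networking.firewall.extraInputRules`, which is available because `nftables.enable = true`. The two identical port lists could also come from one `let`-bound `nfsPorts`. The `networking` attribute set continues outside this hunk.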
@@ -0,0 +1,35 @@
+{
+ config,
+ lib,
+ ...
+}:
+let
+ cfg = config.kropcloud.services.nfs;
+ kc_cfg = config.kropcloud;
+in
+{
+ options.kropcloud.services.nfs = {
+ enable = lib.mkEnableOption "Whence to enable nfs service.";
+ exportDirectory = lib.mkOption {
+ type = lib.types.str;
+ default = "/mnt/nas";
+ description = "The directory to export.";
+ };
+ clusterWildcard = lib.mkOption {
+ type = lib.types.str;
+ default = "*";
+ description = "The wildcard to use for cluster.";
+ };
+ };
+ config = lib.mkIf cfg.enable {
+ services.nfs.server = {
+ enable = true;
+ exports = ''
+ ${cfg.exportDirectory} ${cfg.clusterWildcard}(rw,sync,no_wdelay,no_root_squash,insecure)
+ '';
+ statdPort = 4000;
+ lockdPort = 4001;
+ mountdPort = 4002;
+ };
+ };
+}
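Review bot: The `exports` line combines `rw`, `no_root_squash` and `insecure` with a `clusterWildcard` default of `"*"`. A host that enables the module without overriding the option therefore exports the directory read-write to any client, with remote uid 0 treated as local root and unprivileged source ports accepted. I would remove `default = "*";` so the client spec has to be set explicitly, and use `(rw,sync,no_wdelay,root_squash)` unless a workload is known to need root on the share. In that case, say so in the option description. Separately, `lib.mkEnableOption` already prefixes "Whether to enable", so the argument can be just `"the NFS server"`, and `kc_cfg` is bound in the `let` but not used in this file.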