From 5aee8e032e56f89ad534449506c54f3c6af1ff6a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jakub=20Krop=C3=A1=C4=8Dek?= <kropikuba@gmail.com>
Date: Thu, 16 Jan 2025 19:16:30 +0100
Subject: [PATCH] added nfs host

---
 flake.nix                             |  3 ++
 hosts/base/default.nix                |  5 ++++
 hosts/node-nfs/default.nix            | 24 ++++++++++++++++
 nixosModules/drives/default.nix       | 16 +++++++++++
 nixosModules/networking/default.nix   | 41 ++++++++++++++++++---------
 nixosModules/services/k3s/default.nix |  5 +---
 nixosModules/services/nfs/default.nix | 35 +++++++++++++++++++++++
 7 files changed, 112 insertions(+), 17 deletions(-)
 create mode 100644 hosts/node-nfs/default.nix
 create mode 100644 nixosModules/services/nfs/default.nix

diff --git a/flake.nix b/flake.nix
index d865005..9090ee7 100644
--- a/flake.nix
+++ b/flake.nix
@@ -43,6 +43,9 @@
         node2 = kclib.mkHost {
           name = "node2";
         };
+        node-nfs = kclib.mkHost {
+          name = "node-nfs";
+        };
       };
       formatter.x86_64-linux = nixpkgs.legacyPackages.x86_64-linux.nixfmt-rfc-style;
       devShells.x86_64-linux.default =
diff --git a/hosts/base/default.nix b/hosts/base/default.nix
index 33a6ac6..338d488 100644
--- a/hosts/base/default.nix
+++ b/hosts/base/default.nix
@@ -1,4 +1,5 @@
 {
+  pkgs,
   ...
 }:
 {
@@ -32,5 +33,9 @@
 
   services.qemuGuest.enable = true;
 
+  environment.systemPackages = [
+    pkgs.nfs-utils
+  ];
+
   system.stateVersion = "24.11";
 }
diff --git a/hosts/node-nfs/default.nix b/hosts/node-nfs/default.nix
new file mode 100644
index 0000000..928cb6d
--- /dev/null
+++ b/hosts/node-nfs/default.nix
@@ -0,0 +1,24 @@
+{ ... }:
+{
+  kropcloud =
+    let
+      serverIp = "192.168.1.180";
+    in
+    {
+      drives.hasSecondDrive = true;
+      services = {
+        nfs = {
+          enable = true;
+          exportDirectory = "/mnt/nas";
+          clusterWildcard = "192.168.1.0/24";
+        };
+      };
+      networking = {
+        ipv4 = {
+          address = serverIp;
+          prefixLength = 24;
+          defaultGateway = "192.168.1.1";
+        };
+      };
+    };
+}
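Review bot: `clusterWildcard = "192.168.1.0/24";` exports the share to the whole subnet that also contains the default gateway `192.168.1.1`, which presumably includes machines that are not cluster nodes. Since the NFS module in this patch exports with `no_root_squash`, a narrower prefix (or per-node entries, if the module is extended to accept a list) would limit who can mount it with root preserved. `exportDirectory = "/mnt/nas";` repeats the module default and has to match the mountpoint hard-coded in the drives module, which deserves a comment such as `# must match the secondary disk mountpoint in nixosModules/drives`. `serverIp` is bound in a `let` but used only once, so it can be inlined.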
diff --git a/nixosModules/drives/default.nix b/nixosModules/drives/default.nix
index 74ff51c..81596e2 100644
--- a/nixosModules/drives/default.nix
+++ b/nixosModules/drives/default.nix
@@ -45,6 +45,22 @@ in
             };
           };
         };
+        secondary = lib.mkIf cfg.hasSecondDrive {
+          type = "disk";
+          device = "/dev/sdb";
+          content = {
+            type = "gpt";
+            partitions = {
+              data = {
+                content = {
+                  type = "filesystem";
+                  format = "ext4";
+                  mountpoint = "/mnt/nas";
+                };
+              };
+            };
+          };
+        };
       };
     };
   };
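Review bot: The new `secondary` disk is addressed as `device = "/dev/sdb";`, and sdX names follow probe order, so they are not guaranteed to stay on the same disk across reboots or when a disk is added. For a declaration that drives partitioning and formatting, a stable path such as `device = "/dev/disk/by-id/<DISK-ID-PLACEHOLDER>";`, or a per-host option, is safer. The mountpoint `/mnt/nas` is also hard-coded here while the NFS module takes `exportDirectory` as an option, so changing one without the other would export an empty directory on the root filesystem. The enclosing attribute set and the declaration of `cfg.hasSecondDrive` are outside the hunk.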
diff --git a/nixosModules/networking/default.nix b/nixosModules/networking/default.nix
index c015ff1..4a64cb5 100644
--- a/nixosModules/networking/default.nix
+++ b/nixosModules/networking/default.nix
@@ -52,25 +52,40 @@ in
 
     services.avahi = {
       enable = true;
+      openFirewall = true;
     };
 
     networking = {
       nftables.enable = true;
       firewall = {
         checkReversePath = "loose";
-        allowedUDPPorts = []
-        ++ lib.optionals kc_cfg.services.k3s.enable
-        [
-          8472
-        ];
-        allowedTCPPorts = []
-        ++ lib.optionals kc_cfg.services.k3s.enable
-        [
-          2379
-          2380
-          6443
-          10250
-        ];
+        allowedUDPPorts =
+          [ ]
+          ++ lib.optionals kc_cfg.services.k3s.enable [
+            8472
+          ]
+          ++ lib.optionals kc_cfg.services.nfs.enable [
+            4000
+            4001
+            4002
+            2049
+            111
+          ];
+        allowedTCPPorts =
+          [ ]
+          ++ lib.optionals kc_cfg.services.k3s.enable [
+            2379
+            2380
+            6443
+            10250
+          ]
+          ++ lib.optionals kc_cfg.services.nfs.enable [
+            4000
+            4001
+            4002
+            2049
+            111
+          ];
       };
       interfaces = {
         ens18 = {
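Review bot: The NFS entries added to `allowedUDPPorts` and `allowedTCPPorts` open 111, 2049 and 4000–4002 to every source address on every interface, so the only limit on who reaches rpcbind, mountd and nfsd is the export line, whose `clusterWildcard` defaults to `*`. The numbers 4000–4002 are also a second copy of `statdPort`, `lockdPort` and `mountdPort` from the NFS module; reading them from the service config, e.g. `config.services.nfs.server.mountdPort`, keeps the firewall and the daemons from drifting apart. If the clients mount with NFSv4 only, TCP 2049 alone would be enough, though that depends on clients this patch does not show. The `networking` block continues past the end of the hunk.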
diff --git a/nixosModules/services/k3s/default.nix b/nixosModules/services/k3s/default.nix
index 24b16b0..f630fdb 100644
--- a/nixosModules/services/k3s/default.nix
+++ b/nixosModules/services/k3s/default.nix
@@ -44,10 +44,7 @@ in
           "--disable local-storage"
         ]
         ++ (
-          if (!cfg.isMaster && cfg.master != null) then
-            [ "--server https://${cfg.master}:6443" ]
-          else
-            [ ]
+          if (!cfg.isMaster && cfg.master != null) then [ "--server https://${cfg.master}:6443" ] else [ ]
         )
       );
       clusterInit = cfg.isMaster;
diff --git a/nixosModules/services/nfs/default.nix b/nixosModules/services/nfs/default.nix
new file mode 100644
index 0000000..cd73db0
--- /dev/null
+++ b/nixosModules/services/nfs/default.nix
@@ -0,0 +1,35 @@
+{
+  config,
+  lib,
+  ...
+}:
+let
+  cfg = config.kropcloud.services.nfs;
+  kc_cfg = config.kropcloud;
+in
+{
+  options.kropcloud.services.nfs = {
+    enable = lib.mkEnableOption "Whence to enable nfs service.";
+    exportDirectory = lib.mkOption {
+      type = lib.types.str;
+      default = "/mnt/nas";
+      description = "The directory to export.";
+    };
+    clusterWildcard = lib.mkOption {
+      type = lib.types.str;
+      default = "*";
+      description = "The wildcard to use for cluster.";
+    };
+  };
+  config = lib.mkIf cfg.enable {
+    services.nfs.server = {
+      enable = true;
+      exports = ''
+        ${cfg.exportDirectory} ${cfg.clusterWildcard}(rw,sync,no_wdelay,no_root_squash,insecure)
+      '';
+      statdPort = 4000;
+      lockdPort = 4001;
+      mountdPort = 4002;
+    };
+  };
+}
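Review bot: The export line combines `no_root_squash` and `insecure` with a `clusterWildcard` default of `*`, so a host that enables the module without overriding the option gives any client that can reach it read-write access with root's identity preserved, from any source port. Consider removing the default so the option must be set explicitly, and reducing the options to what the consumers need, e.g. `${cfg.exportDirectory} ${cfg.clusterWildcard}(rw,sync,no_wdelay,root_squash)`. If a consumer really needs root on the share, a comment next to `no_root_squash` should say which one. Two smaller points: `kc_cfg` is bound but never used, and `lib.mkEnableOption` already prefixes "Whether to enable", so its argument should just be `"the NFS server"`.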