Update k0 to new-style nix modules

2021-01-09 13:19:45 +01:00
parent 58dd6e717a
commit ffb2021c85
14 changed files with 112 additions and 41 deletions
--- a/modules.bak/fs.nix
+++ b/modules.bak/fs.nix
@@ -0,0 +1,67 @@
+{ pkgs, lib, config, ... }:
+with lib;
+let
+  cfg = config.cluster.fs;
+
+  cert = cfg.cert;
+
+  pki = import ./pki.nix { inherit pkgs; ca = cfg.initca; };
+
+  common = {
+    boot.kernelModules = [
+      "dm_snapshot"
+      "dm_mirror"
+      "dm_thin_pool"
+    ];
+
+    networking = {
+      firewall.allowedTCPPortRanges = [ { from = 5000; to = 50000; } ];
+      firewall.allowedTCPPorts = [ 111 2049 ];
+      firewall.allowedUDPPorts = [ 111 2049 24007 24008 ];
+    };
+
+    environment.systemPackages = [ pkgs.lvm2 ];
+  };
+
+  glusterfs = {
+    services.glusterfs = {
+      enable = true;
+      tlsSettings = {
+        caCert = pki.ca.cert;
+        tlsKeyPath = cert.key;
+        tlsPem = cert.cert;
+      };
+    };
+  };
+
+  nfs = {
+    services.nfs.server = {
+      enable = true;
+      exports = cfg.nfs.exports;
+    };
+  };
+in {
+  options.cluster.fs = {
+    enable = mkEnableOption "Enable nfs fileserver";
+
+    nfs = {
+      enable = mkEnableOption "Enable nfs fileserver";
+      exports = mkOption {
+        type = types.str;
+        default = "";
+      };
+    };
+
+    glusterfs.enable = mkEnableOption "Enable glusterfs fileserver";
+  };
+
+  config = mkIf cfg.enable (
+    mkMerge [
+      common
+      (mkIf cfg.nfs.enable nfs)
+      (mkIf cfg.glusterfs.enable glusterfs)
+    ]
+  );
+
+  imports = [ ./os.nix ];
+}