movefasta/nixpkgs
0
0
Fork 0
mirror of https://github.com/NixOS/nixpkgs.git synced 2025-07-13 21:50:33 +03:00
Code Activity

nixos/nfs: add idmapd.settings option

Browse source 
Co-authored-by: Aaron Andersen <aaron@fosslib.net>
This commit is contained in:
Justin Lovinger 2020-10-20 21:21:37 -04:00
parent a920bf4308
commit 1168e13bb0
1 changed files with 35 additions and 13 deletions
Download patch file Download diff file Expand all files Collapse all files

48
nixos/modules/tasks/filesystems/nfs.nix
View file

@ -10,20 +10,9 @@ let
rpcMountpoint = "${nfsStateDir}/rpc_pipefs"; rpcMountpoint = "${nfsStateDir}/rpc_pipefs";
idmapdConfFile = pkgs.writeText "idmapd.conf" '' format = pkgs.formats.ini {};
[General]
Pipefs-Directory = ${rpcMountpoint}
${optionalString (config.networking.domain != null)
"Domain = ${config.networking.domain}"}
[Mapping]
Nobody-User = nobody
Nobody-Group = nogroup
[Translation]
Method = nsswitch
'';
idmapdConfFile = format.generate "idmapd.conf" cfg.idmapd.settings;
nfsConfFile = pkgs.writeText "nfs.conf" cfg.extraConfig; nfsConfFile = pkgs.writeText "nfs.conf" cfg.extraConfig;
requestKeyConfFile = pkgs.writeText "request-key.conf" '' requestKeyConfFile = pkgs.writeText "request-key.conf" ''
create id_resolver * * ${pkgs.nfs-utils}/bin/nfsidmap -t 600 %k %d create id_resolver * * ${pkgs.nfs-utils}/bin/nfsidmap -t 600 %k %d
@ -38,6 +27,25 @@ in
options = { options = {
services.nfs = { services.nfs = {
idmapd.settings = mkOption {
type = format.type;
default = {};
description = ''
libnfsidmap configuration. Refer to
<link xlink:href="https://linux.die.net/man/5/idmapd.conf"/>
for details.
'';
example = literalExample ''
{
Translation = {
GSS-Methods = "static,nsswitch";
};
Static = {
"root/hostname.domain.com@REALM.COM" = "root";
};
}
'';
};
extraConfig = mkOption { extraConfig = mkOption {
type = types.lines; type = types.lines;
default = ""; default = "";
@ -54,6 +62,20 @@ in
services.rpcbind.enable = true; services.rpcbind.enable = true;
services.nfs.idmapd.settings = {
General = mkMerge [
{ Pipefs-Directory = rpcMountpoint; }
(mkIf (config.networking.domain != null) { Domain = config.networking.domain; })
];
Mapping = {
Nobody-User = "nobody";
Nobody-Group = "nogroup";
};
Translation = {
Method = "nsswitch";
};
};
system.fsPackages = [ pkgs.nfs-utils ]; system.fsPackages = [ pkgs.nfs-utils ];
boot.initrd.kernelModules = mkIf inInitrd [ "nfs" ]; boot.initrd.kernelModules = mkIf inInitrd [ "nfs" ];