nfs: set up request-key for id mapping

A patch is necessary upstream to support multiple configs via symlinks
in /etc/request-key.d

Once that is done, we can add support for CIFS as well
This commit is contained in:
Kai Wohlfahrt 2019-11-27 21:01:34 +00:00
parent 0dce66a6ec
commit b1c10bc8b2
2 changed files with 8 additions and 9 deletions

View File

@ -25,6 +25,9 @@ let
'';
nfsConfFile = pkgs.writeText "nfs.conf" cfg.extraConfig;
requestKeyConfFile = pkgs.writeText "request-key.conf" ''
create id_resolver * * ${pkgs.nfs-utils}/bin/nfsidmap -t 600 %k %d
'';
cfg = config.services.nfs;
@ -57,9 +60,12 @@ in
systemd.packages = [ pkgs.nfs-utils ];
environment.systemPackages = [ pkgs.keyutils ];
environment.etc = {
"idmapd.conf".source = idmapdConfFile;
"nfs.conf".source = nfsConfFile;
"request-key.conf".source = requestKeyConfFile;
};
systemd.services.nfs-blkmap =

View File

@ -27,13 +27,6 @@ let
};
};
environment = {
etc."request-key.conf".text = ''
create id_resolver * * ${pkgs.nfs-utils}/bin/nfsidmap -t 600 %k %d
'';
systemPackages = with pkgs; [ keyutils ];
};
in
{
@ -41,7 +34,7 @@ in
nodes = {
client = { lib, ... }:
{ inherit krb5 users environment;
{ inherit krb5 users;
networking.extraHosts = hosts;
networking.domain = "nfs.test";
@ -57,7 +50,7 @@ in
};
server = { lib, ...}:
{ inherit krb5 users environment;
{ inherit krb5 users;
networking.extraHosts = hosts;
networking.domain = "nfs.test";