nfs: set up request-key for id mapping
A patch is necessary upstream to support multiple configs via symlinks in /etc/request-key.d Once that is done, we can add support for CIFS as well
This commit is contained in:
parent
0dce66a6ec
commit
b1c10bc8b2
@ -25,6 +25,9 @@ let
|
||||
'';
|
||||
|
||||
nfsConfFile = pkgs.writeText "nfs.conf" cfg.extraConfig;
|
||||
requestKeyConfFile = pkgs.writeText "request-key.conf" ''
|
||||
create id_resolver * * ${pkgs.nfs-utils}/bin/nfsidmap -t 600 %k %d
|
||||
'';
|
||||
|
||||
cfg = config.services.nfs;
|
||||
|
||||
@ -57,9 +60,12 @@ in
|
||||
|
||||
systemd.packages = [ pkgs.nfs-utils ];
|
||||
|
||||
environment.systemPackages = [ pkgs.keyutils ];
|
||||
|
||||
environment.etc = {
|
||||
"idmapd.conf".source = idmapdConfFile;
|
||||
"nfs.conf".source = nfsConfFile;
|
||||
"request-key.conf".source = requestKeyConfFile;
|
||||
};
|
||||
|
||||
systemd.services.nfs-blkmap =
|
||||
|
@ -27,13 +27,6 @@ let
|
||||
};
|
||||
};
|
||||
|
||||
environment = {
|
||||
etc."request-key.conf".text = ''
|
||||
create id_resolver * * ${pkgs.nfs-utils}/bin/nfsidmap -t 600 %k %d
|
||||
'';
|
||||
systemPackages = with pkgs; [ keyutils ];
|
||||
};
|
||||
|
||||
in
|
||||
|
||||
{
|
||||
@ -41,7 +34,7 @@ in
|
||||
|
||||
nodes = {
|
||||
client = { lib, ... }:
|
||||
{ inherit krb5 users environment;
|
||||
{ inherit krb5 users;
|
||||
|
||||
networking.extraHosts = hosts;
|
||||
networking.domain = "nfs.test";
|
||||
@ -57,7 +50,7 @@ in
|
||||
};
|
||||
|
||||
server = { lib, ...}:
|
||||
{ inherit krb5 users environment;
|
||||
{ inherit krb5 users;
|
||||
|
||||
networking.extraHosts = hosts;
|
||||
networking.domain = "nfs.test";
|
||||
|
Loading…
Reference in New Issue
Block a user