From 365e4c69c9b2b9e553dd99bd122df0181abf405e Mon Sep 17 00:00:00 2001 From: Max Date: Wed, 23 Aug 2023 00:56:27 +0200 Subject: [PATCH] cluster/services/storage: mount heresy via external-storage --- cluster/services/storage/heresy.nix | 109 +++------------------------- 1 file changed, 12 insertions(+), 97 deletions(-) diff --git a/cluster/services/storage/heresy.nix b/cluster/services/storage/heresy.nix index fbd73cc..a0b5158 100644 --- a/cluster/services/storage/heresy.nix +++ b/cluster/services/storage/heresy.nix @@ -1,101 +1,16 @@ -{ config, lib, pkgs, ... }: - -let - s3qlWithSystemd = pkgs.s3ql.overrideAttrs (old: { - propagatedBuildInputs = old.propagatedBuildInputs ++ [ - pkgs.python3Packages.systemd - ]; - }); - - dirs = { - cache = "/srv/storage/private/s3ql-cache"; - underlay = "/mnt/heresy"; - mount = "/srv/heresy"; - }; -in - { - age.secrets = { - storageBoxCredentials.file = ./secrets/storage-box-credentials.age; - heresyEncryptionKey.file = ./secrets/heresy-encryption-key.age; - }; - - boot.supportedFilesystems = [ "cifs" ]; - - fileSystems."${dirs.underlay}" = { - fsType = "cifs"; - device = "//u357754.your-storagebox.de/u357754-sub1/fs/heresy"; - options = [ - "credentials=${config.age.secrets.storageBoxCredentials.path}" - "dir_mode=0700" - "file_mode=0600" - "_netdev" - "x-systemd.automount" - ]; - }; - - systemd = { - tmpfiles.rules = [ - "d '${dirs.cache}' 0700 root root - -" - ]; - services.heresy = { - description = "Heresy Filesystem"; - wantedBy = [ "multi-user.target" ]; - requires = [ "mnt-heresy.mount" ]; - wants = [ "remote-fs.target" ]; - after = [ "mnt-heresy.mount" ]; - before = [ "remote-fs.target" ]; - - # used by umount.s3ql - path = with pkgs; [ - psmisc - util-linux - ]; - - serviceConfig = let - commonOptions = [ - "--compress" "none" - "--cachedir" dirs.cache - "--authfile" config.age.secrets.heresyEncryptionKey.path - ]; - in { - Type = "notify"; - - ExecStartPre = map lib.escapeShellArgs [ - [ - "${pkgs.coreutils}/bin/install" "-dm755" dirs.mount - ] - ([ - "${s3qlWithSystemd}/bin/fsck.s3ql" - "local://${dirs.underlay}" - ] ++ commonOptions) - ]; - ExecStart = lib.escapeShellArgs ([ - "${s3qlWithSystemd}/bin/mount.s3ql" - "local://${dirs.underlay}" - dirs.mount - "--fs-name" "heresy" - "--allow-other" - "--systemd" "--fg" - "--log" "none" - ] ++ commonOptions); - - ExecStop = lib.escapeShellArgs [ - "${s3qlWithSystemd}/bin/umount.s3ql" - "--log" "none" - dirs.mount - ]; - - # fsck and unmounting might take a while - TimeoutStartSec = "600s"; - TimeoutStopSec = "600s"; - - # s3ql only handles SIGINT - KillSignal = "SIGINT"; - - Restart = "on-failure"; - RestartSec = "10s"; - }; + services.external-storage = { + underlays.heresy = { + subUser = "sub1"; + credentialsFile = ./secrets/storage-box-credentials.age; + path = "/fs/heresy"; + }; + fileSystems.heresy = { + mountpoint = "/srv/heresy"; + unitName = "heresy"; + unitDescription = "Heresy Filesystem"; + encryptionKeyFile = ./secrets/heresy-encryption-key.age; + underlay = "heresy"; }; }; }