1{ config, lib, pkgs, ... }:
2
3with lib;
4
5let
6
# Shorthand for this module's option tree.
cfg = config.services.xtreemfs;

# The XtreemFS package whose jars the launcher and the replication plugin configs reference.
inherit (pkgs) xtreemfs;

# Base directory; the database, log, replication-backup and object paths below are built from it.
home = cfg.homeDir;
12
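# Builds the launcher script used as ExecStart for one XtreemFS server.
#   class      - fully qualified Java main class, e.g. "org.xtreemfs.dir.DIR"
#   configPath - the generated .properties file, passed as the only program argument
# The store name stays "xtreemfs-osd.sh" for every service, not just the OSD.
#
# The JVM is started with `exec` so that it replaces the wrapper shell: systemd then
# tracks and signals the Java process itself instead of an intermediate shell.
# All expansions are quoted, so the command line no longer depends on shell word
# splitting of a single JAVA_CALL string.
startupScript = class: configPath: pkgs.writeScript "xtreemfs-osd.sh" ''
  #! ${pkgs.stdenv.shell}
  JAVA_HOME="${pkgs.jdk}"
  JAVADIR="${xtreemfs}/share/java"
  XTREEMFS_CP="$JAVADIR/XtreemFS.jar:$JAVADIR/BabuDB.jar:$JAVADIR/Flease.jar:$JAVADIR/protobuf-java-2.5.0.jar:$JAVADIR/Foundation.jar:$JAVADIR/jdmkrt.jar:$JAVADIR/jdmktk.jar:$JAVADIR/commons-codec-1.3.jar"
  exec "$JAVA_HOME/bin/java" -ea -cp "$XTREEMFS_CP" "${class}" "${configPath}"
'';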
20
# Properties file for the BabuDB replication plugin of the DIR service.
# cfg.dir.replication.extraConfig is appended verbatim. The file is written with
# pkgs.writeText, i.e. into the Nix store, where every local user can read it, so
# any passphrase placed in extraConfig is exposed to them.
dirReplicationConfig =
  let
    javaDir = "${xtreemfs}/share/java";
  in
  pkgs.writeText "xtreemfs-dir-replication-plugin.properties" ''
    babudb.repl.backupDir = ${home}/server-repl-dir
    plugin.jar = ${javaDir}/BabuDB_replication_plugin.jar
    babudb.repl.dependency.0 = ${javaDir}/Flease.jar

    ${cfg.dir.replication.extraConfig}
  '';
28
# Main properties file of the DIR service, rendered from cfg.dir.
# The result lives in the Nix store (readable by all local users); cfg.dir.extraConfig
# is appended verbatim, so secrets written there are stored in plaintext.
dirConfig =
  let
    svc = cfg.dir;

    # Emitted only when an address is configured; otherwise the line is left empty.
    listenAddress = optionalString (svc.address != "") "listen.address = ${svc.address}";

    # Enabling replication overrides the configured sync mode with FDATASYNC.
    syncMode = if svc.replication.enable then "FDATASYNC" else svc.syncMode;

    # Points BabuDB at the replication plugin's own properties file when replication is on.
    replicationPlugin = optionalString svc.replication.enable "babudb.plugin.0 = ${dirReplicationConfig}";
  in
  pkgs.writeText "xtreemfs-dir-config.properties" ''
    uuid = ${svc.uuid}
    listen.port = ${toString svc.port}
    ${listenAddress}
    http_port = ${toString svc.httpPort}
    babudb.baseDir = ${home}/dir/database
    babudb.logDir = ${home}/dir/db-log
    babudb.sync = ${syncMode}

    ${replicationPlugin}

    ${svc.extraConfig}
  '';
42
# Properties file for the BabuDB replication plugin of the MRC service.
# cfg.mrc.replication.extraConfig is appended verbatim. The file is written with
# pkgs.writeText, i.e. into the Nix store, where every local user can read it, so
# any passphrase placed in extraConfig is exposed to them.
mrcReplicationConfig =
  let
    javaDir = "${xtreemfs}/share/java";
  in
  pkgs.writeText "xtreemfs-mrc-replication-plugin.properties" ''
    babudb.repl.backupDir = ${home}/server-repl-mrc
    plugin.jar = ${javaDir}/BabuDB_replication_plugin.jar
    babudb.repl.dependency.0 = ${javaDir}/Flease.jar

    ${cfg.mrc.replication.extraConfig}
  '';
50
# Main properties file of the MRC service, rendered from cfg.mrc.
# The result lives in the Nix store (readable by all local users); cfg.mrc.extraConfig
# is appended verbatim, so values such as a capability secret or keystore passphrase
# written there are stored in plaintext.
mrcConfig =
  let
    svc = cfg.mrc;

    # Emitted only when an address is configured; otherwise the line is left empty.
    listenAddress = optionalString (svc.address != "") "listen.address = ${svc.address}";

    # Enabling replication overrides the configured sync mode with FDATASYNC.
    syncMode = if svc.replication.enable then "FDATASYNC" else svc.syncMode;

    # Points BabuDB at the replication plugin's own properties file when replication is on.
    replicationPlugin = optionalString svc.replication.enable "babudb.plugin.0 = ${mrcReplicationConfig}";
  in
  pkgs.writeText "xtreemfs-mrc-config.properties" ''
    uuid = ${svc.uuid}
    listen.port = ${toString svc.port}
    ${listenAddress}
    http_port = ${toString svc.httpPort}
    babudb.baseDir = ${home}/mrc/database
    babudb.logDir = ${home}/mrc/db-log
    babudb.sync = ${syncMode}

    ${replicationPlugin}

    ${svc.extraConfig}
  '';
64
# Main properties file of the OSD service, rendered from cfg.osd.
# The result lives in the Nix store (readable by all local users); cfg.osd.extraConfig
# is appended verbatim, so values such as a capability secret or keystore passphrase
# written there are stored in plaintext.
osdConfig =
  let
    svc = cfg.osd;

    # Emitted only when an address is configured; otherwise the line is left empty.
    listenAddress = optionalString (svc.address != "") "listen.address = ${svc.address}";
  in
  pkgs.writeText "xtreemfs-osd-config.properties" ''
    uuid = ${svc.uuid}
    listen.port = ${toString svc.port}
    ${listenAddress}
    http_port = ${toString svc.httpPort}
    object_dir = ${home}/osd/

    ${svc.extraConfig}
  '';
74
# One-element list naming the DIR unit when the DIR service is enabled on this host,
# otherwise the empty list.
optionalDir = optional cfg.dir.enable "xtreemfs-dir.service";

# Unit dependencies merged into the MRC and OSD services: both are ordered after the
# network and, when it is enabled locally, after the DIR unit.
# NOTE(review): the DIR unit is also added to wantedBy, which makes starting DIR pull in
# MRC/OSD rather than the reverse - confirm this is the intended direction.
systemdOptionalDependencies = {
  after = [ "network.target" ] ++ optionalDir;
  wantedBy = [ "multi-user.target" ] ++ optionalDir;
};
81
82in
83
84{
85
86 ###### interface
87
88 options = {
89
90 services.xtreemfs = {
91
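# Master switch: nothing in the implementation section is applied unless this is true.
enable = mkEnableOption "XtreemFS";

# Base directory for all service state. It is also the home of the xtreemfs user, and
# the database, log and object directories are created beneath it.
# Typed as a path so that a non-absolute value is rejected at evaluation time
# instead of producing broken paths in the generated properties files.
homeDir = mkOption {
  type = types.path;
  default = "/var/lib/xtreemfs";
  description = ''
    XtreemFS home dir for the xtreemfs user.
  '';
};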
100
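# Options of the XtreemFS DIR (directory) service.
# Every option now declares a type, so malformed values are rejected when the
# configuration is evaluated rather than being written into the properties file.
dir = {
  enable = mkOption {
    type = types.bool;
    default = true;
    description = ''
      Whether to enable XtreemFS DIR service.
    '';
  };
  uuid = mkOption {
    type = types.str;
    example = "eacb6bab-f444-4ebf-a06a-3f72d7465e40";
    description = ''
      Must be set to a unique identifier, preferably a UUID according to
      RFC 4122. UUIDs can be generated with `uuidgen` command, found in
      the `utillinux` package.
    '';
  };
  port = mkOption {
    type = types.int;
    default = 32638;
    description = ''
      The port to listen on for incoming connections (TCP).
    '';
  };
  # The default "" leaves listen.address out of the generated file, so the service
  # binds to all interfaces unless an address is set explicitly.
  address = mkOption {
    type = types.str;
    example = "127.0.0.1";
    default = "";
    description = ''
      If specified, it defines the interface to listen on. If not
      specified, the service will listen on all interfaces (any).
    '';
  };
  httpPort = mkOption {
    type = types.int;
    default = 30638;
    description = ''
      Specifies the listen port for the HTTP service that returns the
      status page.
    '';
  };
  # Restricted to the five modes listed in the description below.
  syncMode = mkOption {
    type = types.enum [ "ASYNC" "SYNC_WRITE_METADATA" "SYNC_WRITE" "FDATASYNC" "FSYNC" ];
    default = "FSYNC";
    example = "FDATASYNC";
    description = ''
      The sync mode influences how operations are committed to the disk
      log before the operation is acknowledged to the caller.

      -ASYNC mode the writes to the disk log are buffered in memory by the operating system. This is the fastest mode but will lead to data loss in case of a crash, kernel panic or power failure.
      -SYNC_WRITE_METADATA opens the file with O_SYNC, the system will not buffer any writes. The operation will be acknowledged when data has been safely written to disk. This mode is slow but offers maximum data safety. However, BabuDB cannot influence the disk drive caches, this depends on the OS and hard disk model.
      -SYNC_WRITE similar to SYNC_WRITE_METADATA but opens file with O_DSYNC which means that only the data is commit to disk. This can lead to some data loss depending on the implementation of the underlying file system. Linux does not implement this mode.
      -FDATASYNC is similar to SYNC_WRITE but opens the file in asynchronous mode and calls fdatasync() after writing the data to disk.
      -FSYNC is similar to SYNC_WRITE_METADATA but opens the file in asynchronous mode and calls fsync() after writing the data to disk.

      For best throughput use ASYNC, for maximum data safety use FSYNC.

      (If xtreemfs.dir.replication.enable is true then FDATASYNC is forced)
    '';
  };
  # Appended verbatim to the generated DIR properties file.
  # The example sets keystore passphrases inline; because the file ends up in the
  # Nix store, such values are readable by every local user of the machine.
  extraConfig = mkOption {
    type = types.lines;
    default = "";
    example = ''
      # specify whether SSL is required
      ssl.enabled = true
      ssl.service_creds.pw = passphrase
      ssl.service_creds.container = pkcs12
      ssl.service_creds = /etc/xos/xtreemfs/truststore/certs/dir.p12
      ssl.trusted_certs = /etc/xos/xtreemfs/truststore/certs/trusted.jks
      ssl.trusted_certs.pw = jks_passphrase
      ssl.trusted_certs.container = jks
    '';
    description = ''
      Configuration of XtreemFS DIR service.
      WARNING: configuration is saved as plaintext inside the world-readable
      nix store, so secrets placed here can be read by any local user.
      For more options: http://www.xtreemfs.org/xtfs-guide-1.5.1/index.html
    '';
  };
  replication = {
    enable = mkEnableOption "XtreemFS DIR replication plugin";
    # Appended verbatim to the replication plugin's properties file; only read
    # when replication is enabled. No default is declared, so it must be set then.
    # The same plaintext-in-store exposure applies to the passphrases shown here.
    extraConfig = mkOption {
      type = types.lines;
      example = ''
        # participants of the replication including this replica
        babudb.repl.participant.0 = 192.168.0.10
        babudb.repl.participant.0.port = 35676
        babudb.repl.participant.1 = 192.168.0.11
        babudb.repl.participant.1.port = 35676
        babudb.repl.participant.2 = 192.168.0.12
        babudb.repl.participant.2.port = 35676

        # number of servers that at least have to be up to date
        # To have a fault-tolerant system, this value has to be set to the
        # majority of nodes i.e., if you have three replicas, set this to 2
        # Please note that a setup with two nodes provides no fault-tolerance.
        babudb.repl.sync.n = 2

        # specify whether SSL is required
        babudb.ssl.enabled = true

        babudb.ssl.protocol = tlsv12

        # server credentials for SSL handshakes
        babudb.ssl.service_creds = /etc/xos/xtreemfs/truststore/certs/osd.p12
        babudb.ssl.service_creds.pw = passphrase
        babudb.ssl.service_creds.container = pkcs12

        # trusted certificates for SSL handshakes
        babudb.ssl.trusted_certs = /etc/xos/xtreemfs/truststore/certs/trusted.jks
        babudb.ssl.trusted_certs.pw = jks_passphrase
        babudb.ssl.trusted_certs.container = jks

        babudb.ssl.authenticationWithoutEncryption = false
      '';
      description = ''
        Configuration of XtreemFS DIR replication plugin.
        WARNING: configuration is saved as plaintext inside the world-readable
        nix store, so secrets placed here can be read by any local user.
        For more options: http://www.xtreemfs.org/xtfs-guide-1.5.1/index.html
      '';
    };
  };
};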
216
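# Options of the XtreemFS MRC (metadata and replica catalog) service.
# Every option now declares a type, so malformed values are rejected when the
# configuration is evaluated rather than being written into the properties file.
mrc = {
  enable = mkOption {
    type = types.bool;
    default = true;
    description = ''
      Whether to enable XtreemFS MRC service.
    '';
  };
  uuid = mkOption {
    type = types.str;
    example = "eacb6bab-f444-4ebf-a06a-3f72d7465e41";
    description = ''
      Must be set to a unique identifier, preferably a UUID according to
      RFC 4122. UUIDs can be generated with `uuidgen` command, found in
      the `utillinux` package.
    '';
  };
  port = mkOption {
    type = types.int;
    default = 32636;
    description = ''
      The port to listen on for incoming connections (TCP).
    '';
  };
  # The default "" leaves listen.address out of the generated file, so the service
  # binds to all interfaces unless an address is set explicitly.
  address = mkOption {
    type = types.str;
    example = "127.0.0.1";
    default = "";
    description = ''
      If specified, it defines the interface to listen on. If not
      specified, the service will listen on all interfaces (any).
    '';
  };
  httpPort = mkOption {
    type = types.int;
    default = 30636;
    description = ''
      Specifies the listen port for the HTTP service that returns the
      status page.
    '';
  };
  # Restricted to the five modes listed in the description below.
  syncMode = mkOption {
    type = types.enum [ "ASYNC" "SYNC_WRITE_METADATA" "SYNC_WRITE" "FDATASYNC" "FSYNC" ];
    default = "FSYNC";
    example = "FDATASYNC";
    description = ''
      The sync mode influences how operations are committed to the disk
      log before the operation is acknowledged to the caller.

      -ASYNC mode the writes to the disk log are buffered in memory by the operating system. This is the fastest mode but will lead to data loss in case of a crash, kernel panic or power failure.
      -SYNC_WRITE_METADATA opens the file with O_SYNC, the system will not buffer any writes. The operation will be acknowledged when data has been safely written to disk. This mode is slow but offers maximum data safety. However, BabuDB cannot influence the disk drive caches, this depends on the OS and hard disk model.
      -SYNC_WRITE similar to SYNC_WRITE_METADATA but opens file with O_DSYNC which means that only the data is commit to disk. This can lead to some data loss depending on the implementation of the underlying file system. Linux does not implement this mode.
      -FDATASYNC is similar to SYNC_WRITE but opens the file in asynchronous mode and calls fdatasync() after writing the data to disk.
      -FSYNC is similar to SYNC_WRITE_METADATA but opens the file in asynchronous mode and calls fsync() after writing the data to disk.

      For best throughput use ASYNC, for maximum data safety use FSYNC.

      (If xtreemfs.mrc.replication.enable is true then FDATASYNC is forced)
    '';
  };
  # Appended verbatim to the generated MRC properties file. No default is declared,
  # so the option must be set whenever the MRC service is enabled.
  # Notes on the example:
  #  - NullAuthProvider takes the user and group IDs as sent by the client, i.e. the
  #    client is trusted; choose the provider deliberately for untrusted networks.
  #  - capability_secret is the secret shared by the MRC and all OSDs. The value shown
  #    is a sample; use a freshly generated one, and remember that it lands in the
  #    Nix store in plaintext together with the keystore passphrases.
  extraConfig = mkOption {
    type = types.lines;
    example = ''
      osd_check_interval = 300
      no_atime = true
      local_clock_renewal = 0
      remote_time_sync = 30000
      authentication_provider = org.xtreemfs.common.auth.NullAuthProvider

      # shared secret between the MRC and all OSDs
      capability_secret = iNG8UuQJrJ6XVDTe

      dir_service.host = 192.168.0.10
      dir_service.port = 32638

      # if replication is enabled
      dir_service.1.host = 192.168.0.11
      dir_service.1.port = 32638
      dir_service.2.host = 192.168.0.12
      dir_service.2.port = 32638

      # specify whether SSL is required
      ssl.enabled = true
      ssl.protocol = tlsv12
      ssl.service_creds.pw = passphrase
      ssl.service_creds.container = pkcs12
      ssl.service_creds = /etc/xos/xtreemfs/truststore/certs/mrc.p12
      ssl.trusted_certs = /etc/xos/xtreemfs/truststore/certs/trusted.jks
      ssl.trusted_certs.pw = jks_passphrase
      ssl.trusted_certs.container = jks
    '';
    description = ''
      Configuration of XtreemFS MRC service.
      WARNING: configuration is saved as plaintext inside the world-readable
      nix store, so secrets placed here can be read by any local user.
      For more options: http://www.xtreemfs.org/xtfs-guide-1.5.1/index.html
    '';
  };
  replication = {
    enable = mkEnableOption "XtreemFS MRC replication plugin";
    # Appended verbatim to the replication plugin's properties file; only read
    # when replication is enabled. No default is declared, so it must be set then.
    # The same plaintext-in-store exposure applies to the passphrases shown here.
    extraConfig = mkOption {
      type = types.lines;
      example = ''
        # participants of the replication including this replica
        babudb.repl.participant.0 = 192.168.0.10
        babudb.repl.participant.0.port = 35678
        babudb.repl.participant.1 = 192.168.0.11
        babudb.repl.participant.1.port = 35678
        babudb.repl.participant.2 = 192.168.0.12
        babudb.repl.participant.2.port = 35678

        # number of servers that at least have to be up to date
        # To have a fault-tolerant system, this value has to be set to the
        # majority of nodes i.e., if you have three replicas, set this to 2
        # Please note that a setup with two nodes provides no fault-tolerance.
        babudb.repl.sync.n = 2

        # specify whether SSL is required
        babudb.ssl.enabled = true

        babudb.ssl.protocol = tlsv12

        # server credentials for SSL handshakes
        babudb.ssl.service_creds = /etc/xos/xtreemfs/truststore/certs/osd.p12
        babudb.ssl.service_creds.pw = passphrase
        babudb.ssl.service_creds.container = pkcs12

        # trusted certificates for SSL handshakes
        babudb.ssl.trusted_certs = /etc/xos/xtreemfs/truststore/certs/trusted.jks
        babudb.ssl.trusted_certs.pw = jks_passphrase
        babudb.ssl.trusted_certs.container = jks

        babudb.ssl.authenticationWithoutEncryption = false
      '';
      description = ''
        Configuration of XtreemFS MRC replication plugin.
        WARNING: configuration is saved as plaintext inside the world-readable
        nix store, so secrets placed here can be read by any local user.
        For more options: http://www.xtreemfs.org/xtfs-guide-1.5.1/index.html
      '';
    };
  };
};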
350
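# Options of the XtreemFS OSD (object storage device) service.
# Every option now declares a type, so malformed values are rejected when the
# configuration is evaluated rather than being written into the properties file.
osd = {
  enable = mkOption {
    type = types.bool;
    default = true;
    description = ''
      Whether to enable XtreemFS OSD service.
    '';
  };
  uuid = mkOption {
    type = types.str;
    example = "eacb6bab-f444-4ebf-a06a-3f72d7465e42";
    description = ''
      Must be set to a unique identifier, preferably a UUID according to
      RFC 4122. UUIDs can be generated with `uuidgen` command, found in
      the `utillinux` package.
    '';
  };
  port = mkOption {
    type = types.int;
    default = 32640;
    description = ''
      The port to listen on for incoming connections (TCP and UDP).
    '';
  };
  # The default "" leaves listen.address out of the generated file, so the service
  # binds to all interfaces unless an address is set explicitly.
  address = mkOption {
    type = types.str;
    example = "127.0.0.1";
    default = "";
    description = ''
      If specified, it defines the interface to listen on. If not
      specified, the service will listen on all interfaces (any).
    '';
  };
  httpPort = mkOption {
    type = types.int;
    default = 30640;
    description = ''
      Specifies the listen port for the HTTP service that returns the
      status page.
    '';
  };
  # Appended verbatim to the generated OSD properties file. No default is declared,
  # so the option must be set whenever the OSD service is enabled.
  # The capability_secret in the example is a sample value; use a freshly generated
  # one. It and the keystore passphrases end up in the Nix store in plaintext.
  extraConfig = mkOption {
    type = types.lines;
    example = ''
      local_clock_renewal = 0
      remote_time_sync = 30000
      report_free_space = true
      capability_secret = iNG8UuQJrJ6XVDTe

      dir_service.host = 192.168.0.10
      dir_service.port = 32638

      # if replication is used
      dir_service.1.host = 192.168.0.11
      dir_service.1.port = 32638
      dir_service.2.host = 192.168.0.12
      dir_service.2.port = 32638

      # specify whether SSL is required
      ssl.enabled = true
      ssl.service_creds.pw = passphrase
      ssl.service_creds.container = pkcs12
      ssl.service_creds = /etc/xos/xtreemfs/truststore/certs/osd.p12
      ssl.trusted_certs = /etc/xos/xtreemfs/truststore/certs/trusted.jks
      ssl.trusted_certs.pw = jks_passphrase
      ssl.trusted_certs.container = jks
    '';
    description = ''
      Configuration of XtreemFS OSD service.
      WARNING: configuration is saved as plaintext inside the world-readable
      nix store, so secrets placed here can be read by any local user.
      For more options: http://www.xtreemfs.org/xtfs-guide-1.5.1/index.html
    '';
  };
};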
419 };
420
421 };
422
423
424 ###### implementation
425
426 config = lib.mkIf cfg.enable {
427
# Install the xtreemfs package into the system profile.
environment.systemPackages = [ xtreemfs ];

# Dedicated account that all three services run as (see User= in the units below).
# Its home directory is the configured homeDir and is created on activation.
# NOTE(review): no `group` is assigned here, so the account is not tied to the
# xtreemfs group declared below - confirm whether that is intended.
users.extraUsers.xtreemfs = {
  inherit home;
  uid = config.ids.uids.xtreemfs;
  description = "XtreemFS user";
  createHome = true;
};

# Group with the statically allocated gid for XtreemFS.
users.extraGroups.xtreemfs.gid = config.ids.gids.xtreemfs;
440
# systemd unit for the DIR service; defined only when cfg.dir.enable is true.
# Runs the launcher script as the unprivileged xtreemfs user.
# NOTE(review): no sandboxing directives (e.g. NoNewPrivileges, ProtectSystem,
# PrivateTmp) are set on this network-facing daemon; worth evaluating.
systemd.services.xtreemfs-dir = mkIf cfg.dir.enable {
  description = "XtreemFS-DIR Server";
  wantedBy = [ "multi-user.target" ];
  after = [ "network.target" ];
  serviceConfig.User = "xtreemfs";
  serviceConfig.ExecStart = "${startupScript "org.xtreemfs.dir.DIR" dirConfig}";
};
450
# systemd unit for the MRC service; defined only when cfg.mrc.enable is true.
# `after` and `wantedBy` come from systemdOptionalDependencies, which adds the local
# DIR unit to both lists when the DIR service is enabled on this host.
# NOTE(review): no sandboxing directives (e.g. NoNewPrivileges, ProtectSystem,
# PrivateTmp) are set on this network-facing daemon; worth evaluating.
systemd.services.xtreemfs-mrc = mkIf cfg.mrc.enable {
  inherit (systemdOptionalDependencies) after wantedBy;
  description = "XtreemFS-MRC Server";
  serviceConfig.User = "xtreemfs";
  serviceConfig.ExecStart = "${startupScript "org.xtreemfs.mrc.MRC" mrcConfig}";
};
458
# systemd unit for the OSD service; defined only when cfg.osd.enable is true.
# `after` and `wantedBy` come from systemdOptionalDependencies, which adds the local
# DIR unit to both lists when the DIR service is enabled on this host.
# NOTE(review): no sandboxing directives (e.g. NoNewPrivileges, ProtectSystem,
# PrivateTmp) are set on this network-facing daemon; worth evaluating.
systemd.services.xtreemfs-osd = mkIf cfg.osd.enable {
  inherit (systemdOptionalDependencies) after wantedBy;
  description = "XtreemFS-OSD Server";
  serviceConfig.User = "xtreemfs";
  serviceConfig.ExecStart = "${startupScript "org.xtreemfs.osd.OSD" osdConfig}";
};
466
467 };
468
469}