···
lib.mapAttrsToList (key: val: "${key} = ${valueToString val}") value ));
29
+
# Manual initialization tool
initTool = pkgs.writeShellScriptBin "mfsmaster-init" ''
if [ ! -e ${cfg.master.settings.DATA_PATH}/metadata.mfs ]; then
cp ${pkgs.moosefs}/var/mfs/metadata.mfs.empty ${cfg.master.settings.DATA_PATH}
···
40
-
# master config file
41
-
masterCfg = settingsFormat.generate
42
-
"mfsmaster.cfg" cfg.master.settings;
44
-
# metalogger config file
45
-
metaloggerCfg = settingsFormat.generate
46
-
"mfsmetalogger.cfg" cfg.metalogger.settings;
40
+
masterCfg = settingsFormat.generate "mfsmaster.cfg" cfg.master.settings;
41
+
metaloggerCfg = settingsFormat.generate "mfsmetalogger.cfg" cfg.metalogger.settings;
42
+
chunkserverCfg = settingsFormat.generate "mfschunkserver.cfg" cfg.chunkserver.settings;
48
-
# chunkserver config file
49
-
chunkserverCfg = settingsFormat.generate
50
-
"mfschunkserver.cfg" cfg.chunkserver.settings;
52
-
# generic template for all daemons
systemdService = name: extraConfig: configFile: {
wantedBy = [ "multi-user.target" ];
wants = [ "network-online.target" ];
···
masterHost = lib.mkOption {
75
-
description = "IP or DNS name of master host.";
65
+
description = "IP or DNS name of the MooseFS master server.";
runAsUser = lib.mkOption {
82
-
description = "Run daemons as user moosefs instead of root.";
72
+
description = "Run daemons as moosefs user instead of root for better security.";
85
-
client.enable = lib.mkEnableOption "Moosefs client";
75
+
client.enable = lib.mkEnableOption "MooseFS client";
91
-
Enable Moosefs master daemon.
93
-
You need to run `mfsmaster-init` on a freshly installed master server to
94
-
initialize the `DATA_PATH` directory.
81
+
Enable MooseFS master daemon.
82
+
The master server coordinates all MooseFS operations and stores metadata.
87
+
autoInit = lib.mkOption {
88
+
type = lib.types.bool;
90
+
description = "Whether to automatically initialize the master's metadata directory on first run. Use with caution.";
type = with lib.types; listOf str;
102
-
description = "Paths to export (see mfsexports.cfg).";
96
+
description = "Export definitions for MooseFS (see mfsexports.cfg).";
"* / rw,alldirs,admin,maproot=0:0"
···
openFirewall = lib.mkOption {
111
-
description = "Whether to automatically open the necessary ports in the firewall.";
105
+
description = "Whether to automatically open required firewall ports for master service.";
···
options.DATA_PATH = lib.mkOption {
default = "/var/lib/mfs";
122
-
description = "Data storage directory.";
116
+
description = "Directory for storing master metadata.";
126
-
description = "Contents of config file (mfsmaster.cfg).";
119
+
description = "Master configuration options (mfsmaster.cfg).";
131
-
enable = lib.mkEnableOption "Moosefs metalogger daemon";
124
+
enable = lib.mkEnableOption "MooseFS metalogger daemon that maintains a backup copy of the master's metadata";
settings = lib.mkOption {
type = lib.types.submodule {
···
options.DATA_PATH = lib.mkOption {
default = "/var/lib/mfs";
140
-
description = "Data storage directory";
133
+
description = "Directory for storing metalogger data.";
144
-
description = "Contents of metalogger config file (mfsmetalogger.cfg).";
136
+
description = "Metalogger configuration options (mfsmetalogger.cfg).";
149
-
enable = lib.mkEnableOption "Moosefs chunkserver daemon";
141
+
enable = lib.mkEnableOption "MooseFS chunkserver daemon that stores file data";
openFirewall = lib.mkOption {
153
-
description = "Whether to automatically open the necessary ports in the firewall.";
145
+
description = "Whether to automatically open required firewall ports for chunkserver service.";
type = with lib.types; listOf str;
160
-
description = "Mount points to be used by chunkserver for storage (see mfshdd.cfg).";
161
-
example = [ "/mnt/hdd1" ];
152
+
description = "Mount points used by chunkserver for data storage (see mfshdd.cfg).";
153
+
example = [ "/mnt/hdd1" "/mnt/hdd2" ];
settings = lib.mkOption {
···
options.DATA_PATH = lib.mkOption {
default = "/var/lib/mfs";
171
-
description = "Directory for lock file.";
163
+
description = "Directory for lock files and other runtime data.";
166
+
description = "Chunkserver configuration options (mfschunkserver.cfg).";
175
-
description = "Contents of chunkserver config file (mfschunkserver.cfg).";
171
+
enable = lib.mkEnableOption ''
172
+
MooseFS CGI server for web interface.
173
+
Warning: The CGI server interface should be properly secured from unauthorized access,
174
+
as it provides full control over your MooseFS installation.
177
+
openFirewall = lib.mkOption {
178
+
type = lib.types.bool;
179
+
description = "Whether to automatically open the web interface port.";
183
+
settings = lib.mkOption {
184
+
type = lib.types.submodule {
185
+
freeformType = settingsFormat.type;
187
+
BIND_HOST = lib.mkOption {
188
+
type = lib.types.str;
189
+
default = "0.0.0.0";
190
+
description = "IP address to bind CGI server to.";
193
+
PORT = lib.mkOption {
194
+
type = lib.types.port;
196
+
description = "Port for CGI server to listen on.";
201
+
description = "CGI server configuration options.";
183
-
config = lib.mkIf ( cfg.client.enable || cfg.master.enable || cfg.metalogger.enable || cfg.chunkserver.enable ) {
185
-
warnings = [ ( lib.mkIf (!cfg.runAsUser) "Running moosefs services as root is not recommended.") ];
208
+
config = lib.mkIf (cfg.client.enable || cfg.master.enable || cfg.metalogger.enable || cfg.chunkserver.enable || cfg.cgiserver.enable) {
209
+
warnings = [ ( lib.mkIf (!cfg.runAsUser) "Running MooseFS services as root is not recommended.") ];
189
-
master.settings = lib.mkIf cfg.master.enable {
190
-
WORKING_USER = mfsUser;
191
-
EXPORTS_FILENAME = toString ( pkgs.writeText "mfsexports.cfg"
192
-
(lib.concatStringsSep "\n" cfg.master.exports));
212
+
master.settings = lib.mkIf cfg.master.enable (lib.mkMerge [
214
+
WORKING_USER = mfsUser;
215
+
EXPORTS_FILENAME = toString ( pkgs.writeText "mfsexports.cfg"
216
+
(lib.concatStringsSep "\n" cfg.master.exports));
218
+
(lib.mkIf cfg.cgiserver.enable {
219
+
MFSCGISERV = toString cfg.cgiserver.settings.PORT;
metalogger.settings = lib.mkIf cfg.metalogger.enable {
···
208
-
# Create system user account for daemons
209
-
users = lib.mkIf ( cfg.runAsUser && ( cfg.master.enable || cfg.metalogger.enable || cfg.chunkserver.enable ) ) {
236
+
users = lib.mkIf ( cfg.runAsUser && ( cfg.master.enable || cfg.metalogger.enable || cfg.chunkserver.enable || cfg.cgiserver.enable ) ) {
212
-
description = "moosefs daemon user";
239
+
description = "MooseFS daemon user";
···
(lib.optional cfg.client.enable pkgs.moosefs) ++
(lib.optional cfg.master.enable initTool);
222
-
networking.firewall.allowedTCPPorts =
223
-
(lib.optionals cfg.master.openFirewall [ 9419 9420 9421 ]) ++
224
-
(lib.optional cfg.chunkserver.openFirewall 9422);
249
+
networking.firewall.allowedTCPPorts = lib.mkMerge [
250
+
(lib.optionals cfg.master.openFirewall [ 9419 9420 9421 ])
251
+
(lib.optional cfg.chunkserver.openFirewall 9422)
252
+
(lib.optional (cfg.cgiserver.enable && cfg.cgiserver.openFirewall) cfg.cgiserver.settings.PORT)
226
-
# Ensure storage directories exist
227
-
systemd.tmpfiles.rules =
228
-
lib.optional cfg.master.enable "d ${cfg.master.settings.DATA_PATH} 0700 ${mfsUser} ${mfsUser}"
229
-
++ lib.optional cfg.metalogger.enable "d ${cfg.metalogger.settings.DATA_PATH} 0700 ${mfsUser} ${mfsUser}"
230
-
++ lib.optional cfg.chunkserver.enable "d ${cfg.chunkserver.settings.DATA_PATH} 0700 ${mfsUser} ${mfsUser}";
255
+
systemd.tmpfiles.rules = [
256
+
# Master directories
257
+
(lib.optionalString cfg.master.enable
258
+
"d ${cfg.master.settings.DATA_PATH} 0700 ${mfsUser} ${mfsUser} -")
232
-
# Service definitions
233
-
systemd.services.mfs-master = lib.mkIf cfg.master.enable
234
-
( systemdService "master" {
235
-
TimeoutStartSec = 1800;
236
-
TimeoutStopSec = 1800;
260
+
# Metalogger directories
261
+
(lib.optionalString cfg.metalogger.enable
262
+
"d ${cfg.metalogger.settings.DATA_PATH} 0700 ${mfsUser} ${mfsUser} -")
240
-
systemd.services.mfs-metalogger = lib.mkIf cfg.metalogger.enable
241
-
( systemdService "metalogger" { Restart = "on-abnormal"; } metaloggerCfg );
264
+
# Chunkserver directories
265
+
(lib.optionalString cfg.chunkserver.enable
266
+
"d ${cfg.chunkserver.settings.DATA_PATH} 0700 ${mfsUser} ${mfsUser} -")
267
+
] ++ lib.optionals (cfg.chunkserver.enable && cfg.chunkserver.hdds != null)
268
+
(map (dir: "d ${dir} 0755 ${mfsUser} ${mfsUser} -") cfg.chunkserver.hdds);
243
-
systemd.services.mfs-chunkserver = lib.mkIf cfg.chunkserver.enable
244
-
( systemdService "chunkserver" { Restart = "on-abnormal"; } chunkserverCfg );
270
+
systemd.services = lib.mkMerge [
271
+
(lib.mkIf cfg.master.enable {
272
+
mfs-master = (lib.mkMerge [
273
+
(systemdService "master" {
274
+
TimeoutStartSec = 1800;
275
+
TimeoutStopSec = 1800;
276
+
Restart = "on-failure";
280
+
preStart = lib.mkIf cfg.master.autoInit "${initTool}/bin/mfsmaster-init";
285
+
(lib.mkIf cfg.metalogger.enable {
286
+
mfs-metalogger = systemdService "metalogger" {
287
+
Restart = "on-abnormal";
292
+
(lib.mkIf cfg.chunkserver.enable {
293
+
mfs-chunkserver = systemdService "chunkserver" {
294
+
Restart = "on-abnormal";
299
+
(lib.mkIf cfg.cgiserver.enable {
301
+
description = "MooseFS CGI Server";
302
+
wantedBy = [ "multi-user.target" ];
303
+
after = [ "mfs-master.service" ];
307
+
ExecStart = "${pkgs.moosefs}/bin/mfscgiserv -D /var/lib/mfs -f start";
308
+
ExecStop = "${pkgs.moosefs}/bin/mfscgiserv -D /var/lib/mfs stop";
309
+
Restart = "on-failure";
310
+
RestartSec = "30s";
313
+
WorkingDirectory = "/var/lib/mfs";
pyrox.dev