From f30748a7cdbf0890c7b16e20e89ede9c0a69f4ca Mon Sep 17 00:00:00 2001
From: Emery Hemingway
Date: Sun, 7 Dec 2014 15:42:22 -0500
Subject: [PATCH] nixos: configure samba and rsync shares with sets
---
.../services/network-filesystems/rsyncd.nix | 129 +++++++-----------
.../services/network-filesystems/samba.nix | 27 ++++
2 files changed, 75 insertions(+), 81 deletions(-)
diff --git a/nixos/modules/services/network-filesystems/rsyncd.nix b/nixos/modules/services/network-filesystems/rsyncd.nix
index 19aa7efd2ff..2018bfa14a5 100644
--- a/nixos/modules/services/network-filesystems/rsyncd.nix
+++ b/nixos/modules/services/network-filesystems/rsyncd.nix
@@ -6,113 +6,84 @@ let cfg = config.services.rsyncd; - motdFile = pkgs.writeText "rsyncd-motd" cfg.motd; + motdFile = builtins.toFile "rsyncd-motd" cfg.motd; - rsyncdCfg = "" - + optionalString (cfg.motd != "") "motd file = ${motdFile}\n" - + optionalString (cfg.address != "") "address = ${cfg.address}\n" - + optionalString (cfg.port != 873) "port = ${toString cfg.port}\n" - + cfg.extraConfig - + "\n" - + flip concatMapStrings cfg.modules (m: "[${m.name}]\n\tpath = ${m.path}\n" - + optionalString (m.comment != "") "\tcomment = ${m.comment}\n" - + m.extraConfig - + "\n" - ); - - rsyncdCfgFile = pkgs.writeText "rsyncd.conf" rsyncdCfg; + moduleConfig = name: + let module = getAttr name cfg.modules; in + "[${name}]\n " + (toString ( + map + (key: "${key} = ${toString (getAttr key module)}\n") + (attrNames module) + )); + cfgFile = builtins.toFile "rsyncd.conf" + '' + ${optionalString (cfg.motd != "") "motd file = ${motdFile}"} + ${optionalString (cfg.address != "") "address = ${cfg.address}"} + ${optionalString (cfg.port != 873) "port = ${toString cfg.port}"} + ${cfg.extraConfig} + ${toString (map moduleConfig (attrNames cfg.modules))} + ''; in { options = { - services.rsyncd = { enable = mkOption { default = false; - description = "Whether to enable the rsync daemon."; + description = "Whether to enable the rsync daemon."; }; motd = mkOption { type = types.string; default = ""; - description = '' - Message of the day to display to clients on each connect. - This usually contains site information and any legal notices. - ''; + description = '' + Message of the day to display to clients on each connect. + This usually contains site information and any legal notices. 
+ ''; }; port = mkOption { default = 873; - type = types.int; - description = "TCP port the daemon will listen on."; + type = types.int; + description = "TCP port the daemon will listen on."; }; address = mkOption { default = ""; - example = "192.168.1.2"; - description = '' - IP address the daemon will listen on; rsyncd will listen on - all addresses if this is not specified. - ''; + example = "192.168.1.2"; + description = '' + IP address the daemon will listen on; rsyncd will listen on + all addresses if this is not specified. + ''; }; extraConfig = mkOption { type = types.lines; - default = ""; - description = '' - Lines of configuration to add to rsyncd globally. - See man rsyncd.conf for more options. - ''; + default = ""; + description = '' + Lines of configuration to add to rsyncd globally. + See man rsyncd.conf for options. + ''; }; modules = mkOption { - default = [ ]; - example = [ - { name = "ftp"; - path = "/home/ftp"; - comment = "ftp export area"; - extraConfig = '' - secrets file = /etc/rsyncd.secrets - ''; - } - ]; - description = "The list of file paths to export."; - type = types.listOf types.optionSet; - - options = { - - name = mkOption { - example = "ftp"; - type = types.string; - description = "Name of export module."; - }; - - comment = mkOption { - default = ""; - description = '' - Description string that is displayed next to the module name - when clients obtain a list of available modules. - ''; - }; - - path = mkOption { - example = "/home/ftp"; - type = types.string; - description = "Directory to make available in this module."; - }; - - extraConfig = mkOption { - type = types.lines; - default = ""; - description = '' - Lines of configuration to add to this module. - See man rsyncd.conf for more options. - ''; + default = {}; + description = '' + A set describing exported directories. + See man rsyncd.conf for options. 
+ ''; + type = types.attrsOf (types.attrsOf types.str); + example = + { srv = + { path = "/srv"; + "read only" = "yes"; + comment = "Public rsync share."; + }; }; - }; }; + }; }; @@ -120,20 +91,16 @@ in config = mkIf cfg.enable { - environment.etc = singleton - { source = rsyncdCfgFile; + environment.etc = singleton { + source = cfgFile; target = "rsyncd.conf"; }; systemd.services.rsyncd = { description = "Rsync daemon"; wantedBy = [ "multi-user.target" ]; - - path = [ pkgs.rsync ]; - serviceConfig.ExecStart = "${pkgs.rsync}/bin/rsync --daemon --no-detach"; }; - networking.firewall.allowedTCPPorts = [ cfg.port ]; }; } diff --git a/nixos/modules/services/network-filesystems/samba.nix b/nixos/modules/services/network-filesystems/samba.nix index fd1e83d9f3e..1199fa316f9 100644 --- a/nixos/modules/services/network-filesystems/samba.nix +++ b/nixos/modules/services/network-filesystems/samba.nix @@ -27,6 +27,14 @@ let mkdir -p ${privateDir} ''; + shareConfig = name: + let share = getAttr name cfg.shares; in + "[${name}]\n " + (toString ( + map + (key: "${key} = ${toString (getAttr key share)}\n") + (attrNames share) + )); + configFile = pkgs.writeText "smb.conf" (if cfg.configText != null then cfg.configText else '' @@ -36,6 +44,8 @@ let ${optionalString cfg.syncPasswordsByPam "pam password change = true"} ${cfg.extraConfig} + + ${toString (map shareConfig (attrNames cfg.shares))} ''); # This may include nss_ldap, needed for samba if it has to use ldap. @@ -159,6 +169,23 @@ in ''; }; + shares = mkOption { + default = {}; + description = + '' + A set describing shared resources. + See man smb.conf for options. + ''; + type = types.attrsOf (types.attrsOf types.str); + example = + { srv = + { path = "/srv"; + "read only" = "yes"; + comment = "Public samba share."; + }; + }; + }; + }; };
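Review bot: `builtins.toFile` in the new `motdFile` and `cfgFile` bindings of rsyncd.nix cannot store a string that refers to a derivation output, so a `motd`, `extraConfig` or module value that interpolates a package path (for example a script given to `pre-xfer exec`) fails at evaluation where the `pkgs.writeText` form it replaces worked. Keeping `motdFile = pkgs.writeText "rsyncd-motd" cfg.motd;` and `cfgFile = pkgs.writeText "rsyncd.conf" ''…'';` avoids the regression. Either way the rendered file lands in the world-readable Nix store, so the `modules` description should say that credentials belong in a separate file referenced through `secrets file`, never inline in the set.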
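Review bot: `shareConfig` writes the share name and every key and value into smb.conf verbatim, so a newline or `]` in any of them silently becomes an extra directive or a new section instead of an evaluation error; `moduleConfig` in rsyncd.nix is written the same way. `types.attrsOf (types.attrsOf types.str)` accepts such strings, so the check has to sit where the text is rendered, for instance an assertion that no name, key or value contains `"\n"`. Separately, `toString (map …)` joins the rendered lines with a single space, which leaves every line after the first with a stray leading blank; `concatStrings (mapAttrsToList (k: v: "  ${k} = ${v}\n") share)` renders the same settings without it.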
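Review bot: The rendered shares are appended only inside the `else` string of `configFile`, so whenever `cfg.configText` is non-null every entry in `services.samba.shares` is dropped without a warning. Either add an assertion that rejects `shares != {}` together with a non-null `configText`, or state the precedence in the option text, e.g. `Ignored when configText is set.` in the `shares` description. The `configFile` definition begins above this hunk, in the context of the previous one.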
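Review bot: The `shares` option is typed `types.attrsOf (types.attrsOf types.str)`, so key names are never checked at evaluation time and a misspelt restriction such as `"valid users"` or `"hosts allow"` reaches smb.conf as an unknown parameter. As far as I know smbd logs unknown parameters and carries on, which would leave the share on its more permissive defaults without failing the build or the service. The description should say that keys are passed through unvalidated and recommend running `testparm` against the generated file after changing shares.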