{ config, pkgs, lib, ... }: { # https://openzfs.github.io/openzfs-docs/Getting%20Started/NixOS/index.html # https://nixos.org/manual/nixos/stable/#sec-linux-zfs # https://nixos.wiki/wiki/ZFS # https://search.nixos.org/options?query=services.zfs boot.kernelPackages = lib.mkForce pkgs.zfs.latestCompatibleLinuxPackages; boot.supportedFilesystems = [ "zfs" ]; boot.zfs.forceImportRoot = false; # must be set per host # head -c4 /dev/urandom | od -A none -t x4 # consider the one automatically generated by systemd: # head -c 8 /etc/machine-id #networking.hostId = "12345678"; # Only datasets with the com.sun:auto-snapshot property set to true will be snapshotted. # zfs set com.sun:auto-snapshot=true DATASET services.zfs.autoSnapshot.enable = true; # simply runs zfstools # default args, can be overriden per-dataset # zfs set com.sun:auto-snapshot:weekly=false DATASET services.zfs.autoSnapshot.frequent = 4; # 15 min services.zfs.autoSnapshot.hourly = 24; services.zfs.autoSnapshot.daily = 7; services.zfs.autoSnapshot.weekly = 4; services.zfs.autoSnapshot.monthly = 5; #services.zfs.autoReplication.enable #services.zfs.autoScrub.enable = true; #services.zfs.trim.enable = true; # the `sharenfs` property generates /etc/exports.d/zfs.exports file, automatically processed by NFS # https://man.archlinux.org/man/core/nfs-utils/exports.5.en # # zfs set sharenfs="-maproot=0:0 -network=192.168.1.0/24" Reidun/shared # # zfs set sharenfs="-maproot=0:0 -network=192.168.1.0/24" Freon/Music # # zfs set sharenfs="ro=192.168.1.0/24,all_squash,anonuid=70,anongid=70" Meconium # # zfs set sharenfs="rw=@192.168.1.0/24" Meconium # # zfs set sharenfs="rw=@100.64.0.0/10" Meconium services.nfs.server.enable = lib.mkDefault true; # https://wiki.nixos.org/wiki/NFS # TODO: move to common-nfs-server.nix services.nfs.server = { # fixed rpc.statd port; for firewall lockdPort = 4001; mountdPort = 4002; statdPort = 4000; extraNfsdConfig = ''''; }; networking.firewall = lib.mkIf config.services.nfs.server.enable { # for NFSv3; view with `rpcinfo -p` allowedTCPPorts = [ 111 2049 4000 4001 4002 ]; # 20048 allowedUDPPorts = [ 111 2049 4000 4001 4002 ]; # 20048 }; }