Skip to content
Snippets Groups Projects
Select Git revision
  • develop default protected
  • production protected
  • nixpkgs-upgrade-2024-12-23
  • 190-our-regular-updates-fill-up-the-servers-boot-partitions
  • nixpkgs-upgrade-2024-10-14
  • hro-cloud protected
  • 162.flexible-grafana-module
  • nixpkgs-upgrade-2024-05-13
  • nixpkgs-upgrade-2024-04-22
  • nixpkgs-upgrade-2024-03-25
  • nixpkgs-upgrade-2024-03-18
  • nixpkgs-upgrade-2024-03-11
  • nixpkgs-upgrade-2024-03-04
  • 163.jp-to-ben-for-prod
  • nixpkgs-upgrade-2024-02-26
  • 164.grafana-alert-rules
  • 157.authorize-new-hro-key
  • nixpkgs-upgrade-2024-02-19
  • nixpkgs-upgrade-2024-02-12
  • make-sure-we-run-a-openzfs-compatible-kernel
20 results
Blame Permalink
private-storage.nix 7.93 KiB 
# A NixOS module which can instantiate a Tahoe-LAFS storage server in the
# preferred configuration for the Private Storage grid.
{ pkgs, ourpkgs, lib, config, ... }:
let
  # Grab the configuration for this module for convenient access below.
  cfg = config.services.private-storage;
  storage-node-name = "storage";
  # TODO: This path copied from tahoe.nix.
  tahoe-base = "/var/db/tahoe-lafs";

  # The full path to the directory where the storage server will write
  # incident reports.
  incidents-dir = "${tahoe-base}/${storage-node-name}/logs/incidents";

  # The maximum age that will be allowed for incident reports.  See
  # tmpfiles.d(5) for the syntax.
  #
  # NOTE: This is promised by the service privacy policy.  It *may not* be
  # raised without following the process for updating the privacy policy.
  # Fallback to 29d if "monitoring" attribute is not available (currently
  # in the system tests)
  max-incident-age = toString(cfg.monitoring.policy.logRetentionSeconds or
                              (29 * (24 * 60 * 60))) + "s";

  fqdn = "${
    assert config.networking.hostName != null; config.networking.hostName
    }.${
    assert config.networking.domain != null; config.networking.domain
    }";
in
{
  imports = [
    # Load our tahoe-lafs module.  It is configurable in the way I want it to
    # be configurable.
    ./tahoe.nix
  ];

  options =
  { services.private-storage.enable = lib.mkEnableOption "private storage service";
    services.private-storage.tahoe.package = lib.mkOption
    { default = ourpkgs.privatestorage;
      type = lib.types.package;
      example = lib.literalExpression "pkgs.tahoelafs";
      description = ''
        The package to use for the Tahoe-LAFS daemon.
      '';
    };
    services.private-storage.publicAddress = lib.mkOption
    { default = "${fqdn}";
      type = lib.types.str;
      example = "storage.example.invalid";
      description = ''
        A publicly-visible address to use in Tahoe-LAFS advertisements for
        this storage service.
      '';
    };
    services.private-storage.introducerFURL = lib.mkOption
    { default = null;
      type = lib.types.nullOr lib.types.str;
      example = "pb://<tubid>@<location hint>/<swissnum>";
      description = ''
        A Tahoe-LAFS introducer node fURL at which this storage node should announce itself.
      '';
    };
    services.private-storage.publicStoragePort = lib.mkOption
    { default = 8898;
      type = lib.types.int;
      example = 8098;
      description = ''
        The port number on which to service storage clients.