From e989fb5ecf2b73ca7d6d3d7f5125b687b3fb2fea Mon Sep 17 00:00:00 2001 From: Jean-Paul Calderone <exarkun@twistedmatrix.com> Date: Mon, 1 Jun 2020 10:05:25 -0400 Subject: [PATCH] Allow incidents to remain for 29 days and then delete them. --- nixos/modules/private-storage.nix | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/nixos/modules/private-storage.nix b/nixos/modules/private-storage.nix index d144fba9..ee68ce54 100644 --- a/nixos/modules/private-storage.nix +++ b/nixos/modules/private-storage.nix @@ -5,6 +5,9 @@ let pspkgs = pkgs.callPackage ./pspkgs.nix { }; # Grab the configuration for this module for convenient access below. cfg = config.services.private-storage; + storage-node-name = "storage"; + # TODO: This path copied from tahoe.nix. + tahoe-base = "/var/db/tahoe-lafs"; in { # Upstream tahoe-lafs module conflicts with ours (since ours is a @@ -75,7 +78,7 @@ in # Define configuration based on values given for our options - starting with # the option that says whether this is even turned on. config = lib.mkIf cfg.enable - { services.tahoe.nodes."storage" = + { services.tahoe.nodes."${storage-node-name}" = { package = config.services.private-storage.tahoe.package; # Each attribute in this set corresponds to a section in the tahoe.cfg # file. Attributes on those sets correspond to individual assignments @@ -89,7 +92,7 @@ in }; node = # XXX Should try to name that is unique across the grid. - { nickname = "storage"; + { nickname = "${storage-node-name}"; # We have the web port active because the CLI uses it. We may # eventually turn this off, or at least have it off by default (with # an option to turn it on). I don't know how much we'll use the CLI @@ -125,5 +128,11 @@ in # Let traffic destined for the storage node's Foolscap server through. networking.firewall.allowedTCPPorts = [ cfg.publicStoragePort ]; + systemd.tmpfiles.rules = + # Add a rule to prevent incident reports from accumulating indefinitely. + # See tmpfiles.d(5). + [ "d ${tahoe-base}/${storage-node-name}/logs/incidents 0755 root root 29d -" + ]; + }; } -- GitLab