Skip to content
Snippets Groups Projects
Unverified Commit e989fb5e authored by Jean-Paul Calderone's avatar Jean-Paul Calderone
Browse files

Allow incidents to remain for 29 days and then delete them.

parent a4ca8468
Branches
No related tags found
1 merge request!31Remove old Tahoe-LAFS incident reports
...@@ -5,6 +5,9 @@ let ...@@ -5,6 +5,9 @@ let
pspkgs = pkgs.callPackage ./pspkgs.nix { }; pspkgs = pkgs.callPackage ./pspkgs.nix { };
# Grab the configuration for this module for convenient access below. # Grab the configuration for this module for convenient access below.
cfg = config.services.private-storage; cfg = config.services.private-storage;
storage-node-name = "storage";
# TODO: This path copied from tahoe.nix.
tahoe-base = "/var/db/tahoe-lafs";
in in
{ {
# Upstream tahoe-lafs module conflicts with ours (since ours is a # Upstream tahoe-lafs module conflicts with ours (since ours is a
...@@ -75,7 +78,7 @@ in ...@@ -75,7 +78,7 @@ in
# Define configuration based on values given for our options - starting with # Define configuration based on values given for our options - starting with
# the option that says whether this is even turned on. # the option that says whether this is even turned on.
config = lib.mkIf cfg.enable config = lib.mkIf cfg.enable
{ services.tahoe.nodes."storage" = { services.tahoe.nodes."${storage-node-name}" =
{ package = config.services.private-storage.tahoe.package; { package = config.services.private-storage.tahoe.package;
# Each attribute in this set corresponds to a section in the tahoe.cfg # Each attribute in this set corresponds to a section in the tahoe.cfg
# file. Attributes on those sets correspond to individual assignments # file. Attributes on those sets correspond to individual assignments
...@@ -89,7 +92,7 @@ in ...@@ -89,7 +92,7 @@ in
}; };
node = node =
# XXX Should try to name that is unique across the grid. # XXX Should try to name that is unique across the grid.
{ nickname = "storage"; { nickname = "${storage-node-name}";
# We have the web port active because the CLI uses it. We may # We have the web port active because the CLI uses it. We may
# eventually turn this off, or at least have it off by default (with # eventually turn this off, or at least have it off by default (with
# an option to turn it on). I don't know how much we'll use the CLI # an option to turn it on). I don't know how much we'll use the CLI
...@@ -125,5 +128,11 @@ in ...@@ -125,5 +128,11 @@ in
# Let traffic destined for the storage node's Foolscap server through. # Let traffic destined for the storage node's Foolscap server through.
networking.firewall.allowedTCPPorts = [ cfg.publicStoragePort ]; networking.firewall.allowedTCPPorts = [ cfg.publicStoragePort ];
systemd.tmpfiles.rules =
# Add a rule to prevent incident reports from accumulating indefinitely.
# See tmpfiles.d(5).
[ "d ${tahoe-base}/${storage-node-name}/logs/incidents 0755 root root 29d -"
];
}; };
} }
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment