105 lines
No EOL
2.1 KiB
Nix
105 lines
No EOL
2.1 KiB
Nix
{ ... }:
|
|
let
|
|
# ports
|
|
nfs3 = [
|
|
111
|
|
4000
|
|
4001
|
|
4002
|
|
20048
|
|
];
|
|
|
|
nfs4 = [
|
|
2049
|
|
];
|
|
|
|
iscsi = [
|
|
3260
|
|
];
|
|
|
|
tcpPorts = nfs3 ++ nfs4 ++ iscsi;
|
|
udpPorts = nfs3;
|
|
# ---
|
|
|
|
# iscsi info
|
|
nasBase = "iqn.2026-01.dev.nyxerinys:poseidon";
|
|
|
|
initiators = map ( name: {
|
|
node_wwn = "iqn.2026-01.dev.nyxerinys:${name}";
|
|
mapped_luns = [
|
|
{
|
|
index = 0;
|
|
tpg_lun = 0;
|
|
write_protect = false;
|
|
}
|
|
];
|
|
}) [
|
|
"gamma"
|
|
"delta"
|
|
"epsilon"
|
|
];
|
|
|
|
# initiators = [
|
|
# { node_wwn = "iqn.2026-01.dev.nyxerinys:gamma"; }
|
|
# { node_wwn = "iqn.2026-01.dev.nyxerinys:delta"; }
|
|
# { node_wwn = "iqn.2026-01.dev.nyxerinys:epsilon"; }
|
|
# ];
|
|
|
|
targets = [
|
|
{ name = "authentik"; zvol = "Velaris/Containers/Authentik"; lun = 0; }
|
|
];
|
|
|
|
in {
|
|
networking.firewall.allowedTCPPorts = tcpPorts;
|
|
networking.firewall.allowedUDPPorts = udpPorts;
|
|
fileSystems."/export/containers" = {
|
|
device = "/Velaris/Containers";
|
|
options = [ "bind" ];
|
|
};
|
|
services = {
|
|
nfs.server = {
|
|
enable = true;
|
|
createMountPoints = true;
|
|
lockdPort = 4001;
|
|
mountdPort = 4002;
|
|
statdPort = 4000;
|
|
exports = ''
|
|
/export 10.5.0.0/24(rw,fsid=0,no_subtree_check,no_root_squash)
|
|
/export/containers 10.5.0.0/24(rw,nohide,insecure,no_subtree_check,no_root_squash)
|
|
'';
|
|
};
|
|
target = {
|
|
enable = true;
|
|
config = {
|
|
storage_objects = map (t: {
|
|
dev = "/dev/zvol/${t.zvol}";
|
|
name = t.name;
|
|
plugin = "block";
|
|
wwn = "${nasBase}.${t.name}";
|
|
}) targets;
|
|
|
|
targets = map (t: {
|
|
fabric = "iscsi";
|
|
wwn = "${nasBase}.${t.name}";
|
|
tpgs = [{
|
|
enable = true;
|
|
portals = [
|
|
{
|
|
ip_address = "0.0.0.0";
|
|
port = 3260;
|
|
}
|
|
];
|
|
luns = [
|
|
{
|
|
index = t.lun;
|
|
plugin = "block";
|
|
name = t.name;
|
|
}
|
|
];
|
|
node_acls = initiators;
|
|
}];
|
|
}) targets;
|
|
};
|
|
};
|
|
};
|
|
} |