Do we curently have a way of forcing using NFSv4?
Archwiki says that systemd has the option of running NFSv4 only, so I suppose that it is somewhere (not on the NixOS Wiki.
Do any of you know about this option?
Not sure if it is NFS4 only but I use:
fileSystems.“/mnt/nfs/share” = {
device = “server.domain:/file/store/stuff”;
fsType = “nfs4”;
};
Are you trying to prevent a fallback? I’ve not seen it happen, but could just be my setup…
I’d be interested in the answer too if I am misunderstanding!
1 Like
Just to be clear, I have a NFS server on NixOS and I want the files to be avalible only for nfs4 clients.
I have added the fsType to my bind mount:
fileSystems.${nfsDir} = { # see hardware-config.nix
device = "/mnt/${discDir}";
options = [ "bind" ];
fsType = "nfs4";
};
However, I do not think that this changes the nfs version avalibility:
user@notNix ~ $ rpcinfo -p 192.168.1.124 | grep nfs
100003 3 tcp 2049 nfs
100003 4 tcp 2049 nfs
100227 3 tcp 2049 nfs_acl
Could you please provide the output of this command?
Are you trying to prevent a fallback?
Not really. I am trying to limit resource usage and improve security.
And of course play around with NixOS.
You can turn NFSv3 off on the server by using extraNfsdConfig:
services.nfs.server.extraNfsdConfig = ''
UDP=off
vers2=off
vers3=off
'';
It writes the options for nfs.conf (see man pages for nfs.conf, rpc.nfsd)
1 Like
Thanks!
I have managed to set this config:
services.nfs.server = { enable=true;
exports = "${exportFileContents}";
extraNfsdConfig =''
rdma = true # Remote Direct Memory Access
vers3 = false
vers4 = true
vers4.0 = false
vers4.1 = false
vers4.2 = true
'';
};
1 Like
This woked great. However extraNnfsdConfig got deprecated and now I cannot specify the “vers4.X” as nix recognizes it as a float.
Does anyone know how to do this?
Where is that deprecation?
I got a message when nixos-rebuilding saying that I should switch to the newer way.
Please post the entire error message verbatim without paraphrasing. I don’t see a deprecation warning in Nixpkgs on that option.
sorry, I was not at the PC at that moment. Here it is:
# nixos-rebuild test
building Nix...
building the system configuration...
trace: warning: `services.nfs.server.extraNfsdConfig` is deprecated. Use `services.nfs.settings` instead.
these 19 derivations will be built:
[...]
Also if I try to use both I get
error:
Failed assertions:
- `services.nfs.settings` cannot be used together with `services.nfs.extraConfig` and `services.nfs.server.extraNfsdConfig`.
No problem, the deprecation warning was in a place where I didn’t expect it. Having the error message makes it easier to locate.
Looks like you can just use something like:
services.nfs.settings = {
nfsd = {
rdma = true;
vers2 = false;
vers4 = true;
[... and so on ...]
};
};
In general, this will build the .ini file for NFS. The top-level attributes (in this case nfsd) will be turned into sections, and the key-value-pairs below will be turned into, well, key=value properly formatted for INI files.
And if you have a key that’d otherwise be nix syntax, you can quote it like this:
"vers4.2" = true;
2 Likes
This is what I was missing!
This is my config as of right now:
settings = {
nfsd.udp = false;
nfsd.vers3 = false;
nfsd.vers4 = true;
nfsd."vers4.0" = false;
nfsd."vers4.1" = false;
nfsd."vers4.2" = true;
};