How to translate rsyncd.conf into services.rsyncd.settings?

bgibson · June 24, 2021, 8:16pm

Hello, I’m trying to set up rsyncd in my configuration.nix. Typically you configure the service with the file /etc/rsyncd.conf, whereas NixOS has a set of configuration options for it [1]:

services.rsyncd.settings

I can’t find much documentation on this, but the few examples I’ve found [1] [2] are throwing errors in nixos-rebuild:

while evaluating ‘isFunction’ at /nix/var/nix/profiles/per-user/root/channels/nixos/lib/trivial.nix:342:16, called from /nix/var/nix/profiles/per-user/root/channels/nixos/lib/modules.nix:288:68:
syntax error, unexpected ID, expecting ‘.’ or ‘=’, at /etc/nixos/configuration.nix:803:11

That error is just due to spaces in option names, which can be solved by enclosing the option names in double quotes:

services.rsyncd = {
  enable = true;
  settings = {
    home = {
      "auth users" = [ "bgibson" ];
      path = "/home/bgibson";
      comment = "My NAS";
      "read only" = "no";
      list = "yes";
      "use chroot" = false;
      "secrets file" = "/persist/etc/rsyncd.secrets";
    };
  };
};

But then another error occurs:

while evaluating the attribute 'value' at /nix/var/nix/profiles/per-user/root/channels/nixos/lib/modules.nix:570:27:  A definition for option `services.rsyncd.settings.home.auth users' is not of type `INI atom (null, bool, int, float or string)'. Definition values:
- In `/etc/nixos/configuration.nix':
    [
      "bgibson"
    ]

As far as I know, that definition looks like a string, which should be accepted. Anyone know what the problem is here?

bgibson · July 3, 2021, 8:29pm

Update: for a single user, remove the brackets:

"auth users" = "bgibson"

xdej · November 25, 2022, 1:53pm

Thanks for the update.

Can you share some more information about format of file /persist/etc/rsyncd.secrets ?

I tried these two lines without sucess:
xdej:passwordinclear
home:passwordinclear

I got the very dangerous passwordless rsyncd working, using:

 services.rsyncd = {
   enable = true;
   settings = {
     home = {
       "uid=nobody";
       "gid=nobody";
       path = "/tmp";
       comment = "https://discourse.nixos.org/t/how-to-translate-rsyncd-conf-into-services-rsyncd-settings/13783 https://unix.stackexchange.com/questions/120679/configuring-anonymous-rsync-daemon";
       "read only" = "no";
       list = "yes";
       "use chroot" = false;
       "secrets file" = "/etc/rsyncd.secrets";
     };
   };
 };

But then I stopped using /etc/nixos/configuration.nix for that, and switched for my one-time use to the following command line

rsync --no-detach --daemon -vvvvvvvv --log-file=/tmp/rsync

with /etc/rsyncd.conf containing:

[global]
port=873
log file = /var/log/rsync.log

[home]
max verbosity=5
comment=https://discourse.nixos.org/t/how-to-translate-rsyncd-conf-into-services-rsyncd-settings/13783 https://unix.stackexchange.com/questions/120679/configuring-anonymous-rsync-daemon
list=yes
path=/tmp
read only=no
use chroot=false
uid = nobody
gid = nobody

bgibson · December 21, 2022, 1:47am

I’m actually not using rsyncd.secrets, it’s commented out in my config:

  services.rsyncd = {
    enable = true;
    settings = {
      zdata1 = {
        "auth users" = "bgibson";
        path = "/zdata/";
        comment = "sharing /zdata/";
        "read only" = "no";
        list = "yes";
        "use chroot" = false;
        #"secrets file" = "/etc/rsyncd.secrets";
      };
    };
  };

I’ve just been manually logging in when using rsync.