nordic-dev.net/nixpkgs
nordic-dev.net/nixpkgs
2
0
Fork 0
mirror of https://github.com/NixOS/nixpkgs.git synced 2025-01-10 15:04:44 +00:00
Code Issues Packages Projects Releases Wiki Activity
3fb29fecd5
nixpkgs/nixos/modules/programs/tsm-client.nix
Yarny0 3fb29fecd5 nixos/tsm-client: use freeformType for server config 
`tsm-client` uses a global configuration
file that must contain coordinates for each
server that it is supposed to contact.
This configuration consists of text
lines with key-value pairs.

In the NixOS module, these servers may be declared
with an attribute set, where the attribute name
defines an alias for the server, and the value
is again an attribute set with the settings for
the respective server.
This is organized as an option of type `attrsOf submodule...`.

Before this commit:

Important settings have their own option within
the submodule.  For everything else, there is
the "catch-all" option `extraConfig` that may
be used to declare any key-value pairs.
There is also `text` that can be used to
add arbitrary text to each server's
section in the global config file.

After this commit:

`extraConfig` and `text` are gone,
the attribute names and values of each server's attribute
set are translated directly into key-value pairs,
with the following notable rules:

* Lists are translated into multiple lines
  with the same key, as such is permitted by
  the software for certain keys.
* `null` may be used to override/shadow a value that
  is defined elsewhere and hides the corresponding key.

Those "important settings" that have previously been
defined as dedicated options are still defined as such,
but they have been renamed to match their
corresponding key names in the configuration file.
There is a notable exception:
"Our" boolean option `genPasswd` influences the "real"
option `passwordaccess', but the latter one is
uncomfortable to use and might lead
to undesirable outcome if used the wrong way.
So it seems advisable to keep the boolean option
and the warning in its description.
To this end, the value of `getPasswd` itself is
later filtered out when the config file is generated.

The tsm-backup service module and the vm test are adapted.

Migration code will be added in a separate
commit to permit easy reversal later, when the
migration code is no longer deemed necessary.
2023-12-02 09:09:27 +01:00

253 lines
8.5 KiB
Nix
Raw Blame History

{ config, lib, pkgs, ... }:
let
inherit (lib.attrsets) attrValues mapAttrsToList removeAttrs;
inherit (lib.lists) allUnique concatLists elem isList map;
inherit (lib.modules) mkDefault mkIf;
inherit (lib.options) mkEnableOption mkOption mkPackageOption;
inherit (lib.strings) concatLines optionalString toLower;
inherit (lib.trivial) isInt;
inherit (lib.types) addCheck attrsOf coercedTo either enum int lines listOf nonEmptyStr nullOr oneOf path port singleLineStr strMatching submodule;
scalarType =
# see the option's description below for the
# handling/transformation of each possible type
oneOf [ (enum [ true null ]) int path singleLineStr ];
# TSM rejects servername strings longer than 64 chars.
servernameType = strMatching "[^[:space:]]{1,64}";
serverOptions = { name, config, ... }: {
freeformType = attrsOf (either scalarType (listOf scalarType));
# Client system-options file directives are explained here:
# https://www.ibm.com/docs/en/storage-protect/8.1.20?topic=commands-processing-options
options.servername = mkOption {
type = servernameType;
default = name;
example = "mainTsmServer";
description = lib.mdDoc ''
Local name of the IBM TSM server,
must not contain space or more than 64 chars.
'';
};
options.tcpserveraddress = mkOption {
type = nonEmptyStr;
example = "tsmserver.company.com";
description = lib.mdDoc ''
Host/domain name or IP address of the IBM TSM server.
'';
};
options.tcpport = mkOption {
type = addCheck port (p: p<=32767);
default = 1500; # official default
description = lib.mdDoc ''
TCP port of the IBM TSM server.
TSM does not support ports above 32767.
'';
};
options.nodename = mkOption {
type = nonEmptyStr;
example = "MY-TSM-NODE";
description = lib.mdDoc ''
Target node name on the IBM TSM server.
'';
};
options.genPasswd = mkEnableOption (lib.mdDoc ''
automatic client password generation.
This option does *not* cause a line in
{file}`dsm.sys` by itself, but generates a
corresponding `passwordaccess` directive.
The password will be stored in the directory
given by the option {option}`passworddir`.
*Caution*:
If this option is enabled and the server forces
to renew the password (e.g. on first connection),
a random password will be generated and stored
'');
options.passwordaccess = mkOption {
type = enum [ "generate" "prompt" ];
visible = false;
};
options.passworddir = mkOption {
type = nullOr path;
default = null;
example = "/home/alice/tsm-password";
description = lib.mdDoc ''
Directory that holds the TSM
node's password information.
'';
};
options.inclexcl = mkOption {
type = coercedTo lines
(pkgs.writeText "inclexcl.dsm.sys")
(nullOr path);
default = null;
example = ''
exclude.dir /nix/store
include.encrypt /home/.../*
'';
description = lib.mdDoc ''
Text lines with `include.*` and `exclude.*` directives
to be used when sending files to the IBM TSM server,
or an absolute path pointing to a file with such lines.
'';
};
config.commmethod = mkDefault "v6tcpip"; # uses v4 or v6, based on dns lookup result
config.passwordaccess = if config.genPasswd then "generate" else "prompt";
};
options.programs.tsmClient = {
enable = mkEnableOption (lib.mdDoc ''
IBM Storage Protect (Tivoli Storage Manager, TSM)
client command line applications with a
client system-options file "dsm.sys"
'');
servers = mkOption {
type = attrsOf (submodule serverOptions);
default = {};
example.mainTsmServer = {
tcpserveraddress = "tsmserver.company.com";
nodename = "MY-TSM-NODE";
compression = "yes";
};
description = lib.mdDoc ''
Server definitions ("stanzas")
for the client system-options file.
The name of each entry will be used for
the internal `servername` by default.
Each attribute will be transformed into a line
with a key-value pair within the server's stanza.
Integers as values will be
canonically turned into strings.
The boolean value `true` will be turned
into a line with just the attribute's name.
The value `null` will not generate a line.
A list as values generates an entry for
each value, according to the rules above.
'';
};
defaultServername = mkOption {
type = nullOr servernameType;
default = null;
example = "mainTsmServer";
description = lib.mdDoc ''
If multiple server stanzas are declared with
{option}`programs.tsmClient.servers`,
this option may be used to name a default
server stanza that IBM TSM uses in the absence of
a user-defined {file}`dsm.opt` file.
This option translates to a
`defaultserver` configuration line.
'';
};
dsmSysText = mkOption {
type = lines;
readOnly = true;
description = lib.mdDoc ''
This configuration key contains the effective text
of the client system-options file "dsm.sys".
It should not be changed, but may be
used to feed the configuration into other
TSM-depending packages used on the system.
'';
};
package = mkPackageOption pkgs "tsm-client" {
example = "tsm-client-withGui";
extraDescription = ''
It will be used with `.override`
to add paths to the client system-options file.
'';
};
wrappedPackage = mkPackageOption pkgs "tsm-client" {
default = null;
extraDescription = ''
This option is to provide the effective derivation,
wrapped with the path to the
client system-options file "dsm.sys".
It should not be changed, but exists
for other modules that want to call TSM executables.
'';
} // { readOnly = true; };
};
cfg = config.programs.tsmClient;
servernames = map (s: s.servername) (attrValues cfg.servers);
assertions =
[
{
assertion = allUnique (map toLower servernames);
message = ''
TSM server names
(option `programs.tsmClient.servers`)
contain duplicate name
(note that server names are case insensitive).
'';
}
{
assertion = (cfg.defaultServername!=null)->(elem cfg.defaultServername servernames);
message = ''
TSM default server name
`programs.tsmClient.defaultServername="${cfg.defaultServername}"`
not found in server names in
`programs.tsmClient.servers`.
'';
}
];
makeDsmSysLines = key: value:
# Turn a key-value pair from the server options attrset
# into zero (value==null), one (scalar value) or
# more (value is list) configuration stanza lines.
if isList value then map (makeDsmSysLines key) value else # recurse into list
if value == null then [ ] else # skip `null` value
[ (" ${key}${
if value == true then "" else # just output key if value is `true`
if isInt value then " ${builtins.toString value}" else
if path.check value then " \"${value}\"" else # enclose path in ".."
if singleLineStr.check value then " ${value}" else
throw "assertion failed: cannot convert type" # should never happen
}") ];
makeDsmSysStanza = {servername, ... }@serverCfg:
let
# drop special values that should not go into server config block
attrs = removeAttrs serverCfg [ "servername" "genPasswd" ];
in
''
servername ${servername}
${concatLines (concatLists (mapAttrsToList makeDsmSysLines attrs))}
'';
dsmSysText = ''
**** IBM Storage Protect (Tivoli Storage Manager)
**** client system-options file "dsm.sys".
**** Do not edit!
**** This file is generated by NixOS configuration.
${optionalString (cfg.defaultServername!=null) "defaultserver ${cfg.defaultServername}"}
${concatLines (map makeDsmSysStanza (attrValues cfg.servers))}
'';
in
{
inherit options;
config = mkIf cfg.enable {
inherit assertions;
programs.tsmClient.dsmSysText = dsmSysText;
programs.tsmClient.wrappedPackage = cfg.package.override rec {
dsmSysCli = pkgs.writeText "dsm.sys" cfg.dsmSysText;
dsmSysApi = dsmSysCli;
};
environment.systemPackages = [ cfg.wrappedPackage ];
};
meta.maintainers = [ lib.maintainers.yarny ];
}
Reference in New Issue View Git Blame Copy Permalink