ZFS: Difference between revisions

(7 intermediate revisions by 3 users not shown)

Line 323:

</syntaxhighlight>

You can confirm whether any specified configuration/tuning got applied via commands like <code>~~arc_summary~~</code> and <code>~~arcstat~~ -a -s " "</code>.

You can confirm whether any specified configuration/tuning got applied via commands like <code>zarcsummary</code> and <code>zarcstat -a -s " "</code>.

== Automatic scrubbing ==

Line 336:

=== Unlock encrypted ZFS via SSH on boot ===

{{note|As of 22.05, rebuilding your config with the below directions may result in a situation where, if you want to revert the changes, you may need to do some pretty hairy nix-store manipulation to be able to successfully rebuild, see https://github.com/NixOS/nixpkgs/issues/101462#issuecomment-1172926129}}

Line 419:

Line 420:

== Take snapshots automatically ==

See {{nixos:option|services.sanoid}} section in <code>man configuration.nix</code>.

See {{nixos:option|services.zfs.autoSnapshot}} or {{nixos:option|services.sanoid}} section in <code>man configuration.nix</code>.

== NFS share ==

Line 436:

Line 437:

{{warning|<code>zfs share</code> or <code>sharenfs</code> does not work if the <code>mountpoint</code> is set to <code>legacy</code> (or <code>none</code>, of course). I was unable to find a source for this behaviour, but I was stuck on the problem for days, until I realized the problem. ::Reply: sharenfs controlls what

is written into /etc/exports. If ZFS does not know the mountpoint, as is the case in

is written into <code>/etc/exports</code>. If ZFS does not know the mountpoint, as is the case in

mountpoint=legacy or none, the contents of /etc/exports would be wrong}}

mountpoint legacy or none, the contents of <code>/etc/exports</code> would be wrong}}

Then, set <code>sharenfs</code> property:

Line 450:

Line 451:

ZFS Event Daemon (zed) monitors events generated by the ZFS Kernel module and runs configured tasks. It can be configured to send an email when a pool scrub is finished or a disk has failed. [https://search.nixos.org/options?query=services.zfs.zed zed options]

~~=== Option A: enable mail notifications without re-compliation ===~~

First, we need to configure a mail transfer agent, the program that sends email:

{

age.secrets.msmtp = {

file = "${inputs.self.outPath}/secrets/msmtp.age";

};

# for zed enableMail, enable sendmailSetuidWrapper

services.mail.sendmailSetuidWrapper.enable = true;

programs.msmtp = {

enable = true;

Line 461:

Line 467:

defaults = {

aliases = "/etc/aliases";

port = ~~465~~;

port = 587;

~~tls_trust_file~~ = "~~/etc/ssl/certs/ca-certificates.crt~~";

auth = "plain";

tls = "on";

~~auth = "plain";~~

tls_starttls = "on";

tls_starttls = "~~off~~";

};

accounts = {

default = {

host = "mail.example.com";

host = "smtp.mail.example.com";

passwordeval = "cat ~~/etc/emailpass~~.~~txt~~";

passwordeval = "cat ${config.age.secrets.msmtp.path}";

user = "~~user~~@example.com";

user = "myname@example.com";

from = "~~user~~@example.com";

from = "myname@example.com";

};

Line 484:

Line 489:

{

environment.etc.aliases.text = ''

root: ~~you~~@example.com

root: admin@example.com

'';

}

</syntaxhighlight>

Finally, ~~override default~~ zed ~~settings with a custom one~~:

Finally, enable zed mail notification:

{

services.zfs.zed~~.settings~~ = {

services.zfs.zed = {

~~ZED_DEBUG_LOG~~ = ~~"/tmp/zed.debug.log"~~;

enableMail = true;

ZED_EMAIL_ADDR = [ "root" ];

settings = {

~~ZED_EMAIL_PROG = "${pkgs.msmtp}/bin/msmtp";~~

ZED_EMAIL_ADDR = [ "root" ];

~~ZED_EMAIL_OPTS = "@ADDRESS@";~~

# send notification if scrub succeeds

ZED_NOTIFY_VERBOSE = true;

~~ZED_NOTIFY_INTERVAL_SECS = 3600;~~

};

ZED_NOTIFY_VERBOSE = true;

~~ZED_USE_ENCLOSURE_LEDS = true;~~

~~ZED_SCRUB_AFTER_RESILVER = true~~;

};

~~# this option does not work; will return error~~

~~services.zfs.zed.enableMail = false;~~

}

</syntaxhighlight>

Line 514:

Line 513:

</syntaxhighlight>

~~=== Option B: Rebuild ZFS with mail support ===~~

The <code>zfs</code> package can be rebuilt with mail features. However, please note that this will cause Nix to recompile the entire ZFS package on the computer, and on every Kernel update, which could be very time-consuming on lower-end NAS systems.

~~An alternative solution that does not involve recompliation can be found above.~~

~~The following override is needed as <code>zfs</code>is implicitly used in partition mounting:~~

~~<syntaxhighlight lang="nix">~~

~~nixpkgs.config.packageOverrides = pkgs: {~~

~~zfsStable = pkgs.zfsStable.override { enableMail = true; };~~

};

~~</syntaxhighlight>~~

~~A mail sender like [[msmtp]] or [[postfix]] is required.~~

~~A minimal, testable ZED configuration example:~~

~~<syntaxhighlight lang="nix">~~

~~services.zfs.zed.enableMail = true;~~

~~services.zfs.zed.settings = {~~

~~ZED_EMAIL_ADDR = [ "root" ];~~

~~ZED_NOTIFY_VERBOSE = true;~~

};

~~</syntaxhighlight>~~

Above, <code>ZED_EMAIL_ADDR</code> is set to <code>root</code>, which most people will have an alias for in their mailer. You can change it to directly mail you: <code>ZED_EMAIL_ADDR = [ "you@example.com" ];</code>

ZED pulls in <code>mailutils</code> and runs <code>mail</code> by default, but you can override it with <code>ZED_EMAIL_PROG</code>. If using msmtp, you may need <code>ZED_EMAIL_PROG = "${pkgs.msmtp}/bin/msmtp";</code>.

You can customize the mail command with <code>ZED_EMAIL_OPTS</code>. For example, if your upstream mail server requires a certain FROM address: <code>ZED_EMAIL_OPTS = "-r 'noreply@example.com' -s '@SUBJECT@' @ADDRESS@";</code>

[[Category:Guide]]

@@ Line 323: / Line 323: @@
 </syntaxhighlight>
-You can confirm whether any specified configuration/tuning got applied via commands like <code>arc_summary</code> and <code>arcstat -a -s " "</code>.
+You can confirm whether any specified configuration/tuning got applied via commands like <code>zarcsummary</code> and <code>zarcstat -a -s " "</code>.
 == Automatic scrubbing ==
@@ Line 336: / Line 336: @@
 === Unlock encrypted ZFS via SSH on boot ===
+{{merge|Remote_disk_unlocking}}
 {{note|As of 22.05, rebuilding your config with the below directions may result in a situation where, if you want to revert the changes, you may need to do some pretty hairy nix-store manipulation to be able to successfully rebuild, see https://github.com/NixOS/nixpkgs/issues/101462#issuecomment-1172926129}}
@@ Line 419: / Line 420: @@
 == Take snapshots automatically ==
-See {{nixos:option|services.sanoid}} section in <code>man configuration.nix</code>.
+See {{nixos:option|services.zfs.autoSnapshot}} or {{nixos:option|services.sanoid}} section in <code>man configuration.nix</code>.
 == NFS share ==
@@ Line 436: / Line 437: @@
 {{warning|<code>zfs share</code> or <code>sharenfs</code> does not work if the <code>mountpoint</code> is set to <code>legacy</code> (or <code>none</code>, of course). I was unable to find a source for this behaviour, but I was stuck on the problem for days, until I realized the problem.  ::Reply: sharenfs controlls what
-is written into /etc/exports.  If ZFS does not know the mountpoint, as is the case in
+is written into <code>/etc/exports</code>.  If ZFS does not know the mountpoint, as is the case in
-mountpoint=legacy or none, the contents of /etc/exports would be wrong}}
+mountpoint legacy or none, the contents of <code>/etc/exports</code> would be wrong}}
 Then, set <code>sharenfs</code> property:
@@ Line 450: / Line 451: @@
 ZFS Event Daemon (zed) monitors events generated by the ZFS Kernel module and runs configured tasks. It can be configured to send an email when a pool scrub is finished or a disk has failed. [https://search.nixos.org/options?query=services.zfs.zed zed options]
-=== Option A: enable mail notifications without re-compliation ===
 First, we need to configure a mail transfer agent, the program that sends email:
 <syntaxhighlight lang="nix">
 {
+  age.secrets.msmtp = {
+    file = "${inputs.self.outPath}/secrets/msmtp.age";
+  };
+  # for zed enableMail, enable sendmailSetuidWrapper
+  services.mail.sendmailSetuidWrapper.enable = true;
    programs.msmtp = {
      enable = true;
@@ Line 461: / Line 467: @@
      defaults = {
        aliases = "/etc/aliases";
-       port = 465;
+       port = 587;
-       tls_trust_file = "/etc/ssl/certs/ca-certificates.crt";
+       auth = "plain";
        tls = "on";
-      auth = "plain";
+       tls_starttls = "on";
-       tls_starttls = "off";
      };
      accounts = {
        default = {
-         host = "mail.example.com";
+         host = "smtp.mail.example.com";
-         passwordeval = "cat /etc/emailpass.txt";
+         passwordeval = "cat ${config.age.secrets.msmtp.path}";
-         user = "user@example.com";
+         user = "myname@example.com";
-         from = "user@example.com";
+         from = "myname@example.com";
        };
      };
@@ Line 484: / Line 489: @@
 {
    environment.etc.aliases.text = ''
-     root: you@example.com
+     root: admin@example.com
    '';
 }
 </syntaxhighlight>
-Finally, override default zed settings with a custom one:
+Finally, enable zed mail notification:
 <syntaxhighlight lang="nix">
 {
-   services.zfs.zed.settings = {
+   services.zfs.zed = {
-     ZED_DEBUG_LOG = "/tmp/zed.debug.log";
+     enableMail = true;
-     ZED_EMAIL_ADDR = [ "root" ];
+     settings = {
-    ZED_EMAIL_PROG = "${pkgs.msmtp}/bin/msmtp";
+      ZED_EMAIL_ADDR = [ "root" ];
-    ZED_EMAIL_OPTS = "@ADDRESS@";
+      # send notification if scrub succeeds
+      ZED_NOTIFY_VERBOSE = true;
-    ZED_NOTIFY_INTERVAL_SECS = 3600;
+     };
-    ZED_NOTIFY_VERBOSE = true;
-     ZED_USE_ENCLOSURE_LEDS = true;
-    ZED_SCRUB_AFTER_RESILVER = true;
    };
-  # this option does not work; will return error
-  services.zfs.zed.enableMail = false;
 }
 </syntaxhighlight>
@@ Line 514: / Line 513: @@
 </syntaxhighlight>
-=== Option B: Rebuild ZFS with mail support ===
-The <code>zfs</code> package can be rebuilt with mail features. However, please note that this will cause Nix to recompile the entire ZFS package on the computer, and on every Kernel update, which could be very time-consuming on lower-end NAS systems.
-An alternative solution that does not involve recompliation can be found above.
-The following override is needed as <code>zfs</code>is implicitly used in partition mounting:
-<syntaxhighlight lang="nix">
-nixpkgs.config.packageOverrides = pkgs: {
-  zfsStable = pkgs.zfsStable.override { enableMail = true; };
-};
-</syntaxhighlight>
-A mail sender like [[msmtp]] or [[postfix]] is required.
-A minimal, testable ZED configuration example:
-<syntaxhighlight lang="nix">
-services.zfs.zed.enableMail = true;
-services.zfs.zed.settings = {
-  ZED_EMAIL_ADDR = [ "root" ];
-  ZED_NOTIFY_VERBOSE = true;
-};
-</syntaxhighlight>
-Above, <code>ZED_EMAIL_ADDR</code> is set to <code>root</code>, which most people will have an alias for in their mailer. You can change it to directly mail you: <code>ZED_EMAIL_ADDR = [ "you@example.com" ];</code>
-ZED pulls in <code>mailutils</code> and runs <code>mail</code> by default, but you can override it with <code>ZED_EMAIL_PROG</code>. If using msmtp, you may need <code>ZED_EMAIL_PROG = "${pkgs.msmtp}/bin/msmtp";</code>.
-You can customize the mail command with <code>ZED_EMAIL_OPTS</code>. For example, if your upstream mail server requires a certain FROM address: <code>ZED_EMAIL_OPTS = "-r 'noreply@example.com' -s '@SUBJECT@' @ADDRESS@";</code>
 [[Category:Guide]]