add NFS export on trenderhoof

[dotlambda]

This is supposed to recreate https://github.com/ocf/puppet/blob/master/modules/ocf_filehost/manifests/init.pp as a NixOS config, which (besides NTP and storage) is the only thing configured on dataloss: https://github.com/ocf/puppet/blob/master/hieradata/nodes/dataloss.yaml
This is what the file /etc/exports created by this config looks like:

/opt/homes \
  admin(rw fsid=0 no_subtree_check no_root_squash) \
  www(rw fsid=0 no_subtree_check no_root_squash) \
  ssh(rw fsid=0 no_subtree_check no_root_squash) \
  apphost(rw fsid=0 no_subtree_check no_root_squash) \
  adenine(rw fsid=0 no_subtree_check no_root_squash) \
  guanine(rw fsid=0 no_subtree_check no_root_squash) \
  cytosine(rw fsid=0 no_subtree_check no_root_squash) \
  thymine(rw fsid=0 no_subtree_check no_root_squash) \
  fluttershy(rw fsid=0 no_subtree_check no_root_squash) \
  rainbowdash(rw fsid=0 no_subtree_check no_root_squash)

That should hopefully be the exact same as the file on dataloss (please check if you have access).

fixes #68

[dotlambda]

These are the disks on dataloss:

$ lsblk -o +fstype
NAME      MAJ:MIN RM   SIZE RO TYPE   MOUNTPOINT FSTYPE
sda         8:0    0    59G  0 disk
├─sda1      8:1    0    58G  0 part   /          ext4
├─sda2      8:2    0     1K  0 part
└─sda5      8:5    0   975M  0 part   [SWAP]     swap
sdb         8:16   0 894.3G  0 disk
└─sdb1      8:17   0 894.3G  0 part              linux_raid_member
  └─md126   9:126  0   3.5T  0 raid10            ext4
sdc         8:32   0 894.3G  0 disk
└─sdc1      8:33   0 894.3G  0 part              linux_raid_member
  └─md126   9:126  0   3.5T  0 raid10            ext4
sdd         8:48   0 894.3G  0 disk
└─sdd1      8:49   0 894.3G  0 part              linux_raid_member
  └─md126   9:126  0   3.5T  0 raid10            ext4
sde         8:64   0 894.3G  0 disk
└─sde1      8:65   0 894.3G  0 part              linux_raid_member
  └─md126   9:126  0   3.5T  0 raid10            ext4
sdf         8:80   0 894.3G  0 disk
└─sdf1      8:81   0 894.3G  0 part              linux_raid_member
  └─md126   9:126  0   3.5T  0 raid10            ext4
sdg         8:96   0 894.3G  0 disk
└─sdg1      8:97   0 894.3G  0 part              linux_raid_member
  └─md126   9:126  0   3.5T  0 raid10            ext4
sdh         8:112  1  14.6G  0 disk              iso9660
├─sdh1      8:113  1   378M  0 part              iso9660
└─sdh2      8:114  1   2.5M  0 part              vfat
nvme1n1   259:0    0   7.3T  0 disk              linux_raid_member
└─md127     9:127  0   7.3T  0 raid1  /opt/homes ext4
nvme0n1   259:1    0   7.3T  0 disk              linux_raid_member
└─md127     9:127  0   7.3T  0 raid1  /opt/homes ext4

I'm not sure why the RAID 10 array called md126 is there. It doesn't seem to be mounted.
The home directories are stored on ext4 in a RAID 1 called md127.
We can either keep that setup (and thus won't have to copy the data to other disks) or build a new one. In the latter case, we'd probably use ZFS mirrors to replicate the current setup.

[dotlambda]

Do we want to replicate the SSH motd saying

Hi, I am dataloss, a physical server at 169.229.226.6.
NFS Host
  - Puppet classes: ocf_filehost
  - DNS names: filehost, homes, services

?

[dotlambda]

Not sure which email address this should be. It's where

alerts should be sent to when mdadm is running in --monitor mode (and was given the --scan option).¹

On dataloss, /etc/mdadm/mdadm.conf says

MAILADDR root

complete /etc/mdadm/mdadm.conf

# mdadm.conf
#
# !NB! Run update-initramfs -u after updating this file.
# !NB! This will ensure that initramfs has an uptodate copy.
#
# Please refer to mdadm.conf(5) for information about this file.
#

# by default (built-in), scan all partitions (/proc/partitions) and all
# containers for MD superblocks. alternatively, specify devices to scan, using
# wildcards if desired.
#DEVICE partitions containers

# automatically tag new arrays as belonging to the local system
HOMEHOST <system>

# instruct the monitoring daemon where to send mail alerts
MAILADDR root

# definitions of existing MD arrays
#ARRAY /dev/md/nfs  metadata=1.2 UUID=4239539d:502ce95e:eb4b4e88:2c55614a name=dataloss:nfs

# This configuration was auto-generated on Sat, 13 Nov 2021 15:07:16 -0800 by mkconf
#ARRAY /dev/md/nfs  metadata=1.2 UUID=4239539d:502ce95e:eb4b4e88:2c55614a name=dataloss:nfs
#ARRAY /dev/md/nfs  metadata=1.2 UUID=4239539d:502ce95e:eb4b4e88:2c55614a name=dataloss:nfs
ARRAY /dev/md/nfs  metadata=1.2 UUID=46b10914:9f84099b:dd54304a:917d7898 name=dataloss:nfs
#ARRAY /dev/md/nfs-old  metadata=1.2 UUID=4239539d:502ce95e:eb4b4e88:2c55614a name=dataloss:nfs-old

Footnotes

1. https://www.man7.org/linux/man-pages/man5/mdadm.conf.5.html ↩

[dotlambda]

This is less than what's opened in https://github.com/ocf/puppet/blob/master/modules/ocf/manifests/firewall/nfs.pp but it's sufficient for NFSv4 and we explicitly use NFSv4 in https://github.com/ocf/puppet/blob/master/modules/ocf/manifests/nfs.pp#L15-L26.