feat: ext4 quota + refacto

devthefuture-org · Jan 22, 2024 · 9d462ef · 9d462ef
1 parent 456f8fe
commit 9d462ef
Show file tree

Hide file tree

Showing 4 changed files with 19 additions and 31 deletions.
diff --git a/modules/metal-debian/metal-debian.yaml b/modules/metal-debian/metal-debian.yaml
@@ -76,6 +76,8 @@ packages:
     installer: apt
   quota:
     installer: apt
+  quotatool:
+    installer: apt
   sshd-config:
     installer: install
     version: "0.9.1"

diff --git a/plugins/linux/plays/services/disks/mount.js b/plugins/linux/plays/services/disks/mount.js
@@ -2,7 +2,13 @@ const { createPlay, $ } = require("@foundernetes/blueprint")
 
 module.exports = async () => {
   return createPlay(async (disk) => {
-    const { mountPath, device, auto = true, extraFlags = [] } = disk
+    const {
+      mountPath,
+      device,
+      auto = true,
+      extraFlags = [],
+      ensureUnmount = true,
+    } = disk
     return {
       async check() {
         const isUUID = device.startsWith("UUID=")
@@ -18,6 +24,9 @@ module.exports = async () => {
         return stdout.split("\n").includes(isUUID ? device.slice(5) : device)
       },
       async run() {
+        if (ensureUnmount) {
+          await $(`umount -l ${mountPath}`, { sudo: true })
+        }
         await $(`mkdir -p ${mountPath}`, { sudo: true })
         await $(
           `mount ${auto ? "-t auto" : ""} ${extraFlags.join(

diff --git a/plugins/linux/plays/services/lxd/index.js b/plugins/linux/plays/services/lxd/index.js
@@ -4,15 +4,10 @@ const yaml = require("@foundernetes/std/yaml")
 const deepmerge = require("@foundernetes/std/deepmerge")
 
 const { createComposer } = require("@foundernetes/blueprint")
-const ctx = require("@foundernetes/ctx")
 
-module.exports = async ({ children, plays }) =>
+module.exports = async ({ children }) =>
   createComposer(
     async (vars = {}) => {
-      const { storageDirs = ["/storage"] } = vars
-
-      const iterator = ctx.require("iterator")
-
       const { instances: userInstances = {} } = vars
       const defaultInstancesYaml = await fs.readFile(
         path.join(__dirname, "instances.yaml"),
@@ -21,25 +16,6 @@ module.exports = async ({ children, plays }) =>
       const defaultInstances = yaml.load(defaultInstancesYaml)
       const instances = deepmerge({}, defaultInstances, userInstances)
 
-      await iterator.each(storageDirs, async (storageDir) => {
-        await plays.std.ensureDir(
-          {
-            dir: `${storageDir}/shared`,
-            sudo: true,
-          },
-          { tags: ["lxd"] }
-        )
-        await iterator.eachOf(instances.nodes, async (_, name) => {
-          await plays.std.ensureDir(
-            {
-              dir: `${storageDir}/nodes/${name}`,
-              sudo: true,
-            },
-            { tags: ["lxd"] }
-          )
-        })
-      })
-
       await children.host({}, { tags: ["lxd"] })
       const { preseed } = vars
       await children.user({}, { tags: ["lxd"] })

diff --git a/plugins/linux/plays/services/lxd/instances.yaml b/plugins/linux/plays/services/lxd/instances.yaml
@@ -12,18 +12,19 @@ default:
         network: lxdbr0
         type: nic
     config:
+      # update manually using `lxc config set node1 raw.lxc "<put the config inlined here>"`
       raw.lxc: |
         lxc.apparmor.profile=unconfined
         lxc.cap.drop=
+        lxc.rootfs.options=quota,prjquota
         lxc.cgroup.devices.allow=a
         lxc.mount.auto=proc:rw sys:rw cgroup:rw
         lxc.seccomp.profile=
-        lxc.mount.entry=/storage/shared storage/shared none rw,bind,create=dir 0 0
-        lxc.mount.entry=/storage/nodes/node$${{ index }} storage/node none rw,bind,create=dir 0 0
-        lxc.mount.entry=/storage2/shared storage2/shared none rw,bind,create=dir 0 0
-        lxc.mount.entry=/storage2/nodes/node$${{ index }} storage2/node none rw,bind,create=dir 0 0
+        lxc.mount.entry=/data data none rw,bind,create=dir 0 0
+        lxc.mount.entry=/var data-basic none rw,bind,create=dir 0 0
+        # lxc.mount.entry=UID=xxx dev/nvme0n1p3 none bind,create=file 0 0
       # linux.kernel_modules: ip_tables,ip6_tables,netlink_diag,nf_nat,overlay,xt_conntrack
-      linux.kernel_modules: ip_tables,ip6_tables,netlink_diag,nf_nat,overlay
+      linux.kernel_modules: ip_tables,ip6_tables,netlink_diag,nf_nat,overlay,quota_v1,quota_v2
       security.privileged: "true"
       security.nesting: "true"
       cloud-init.user-data: