modules.openafsServer: Add FABS backup server

- `services.borgmatic` now allows for multiple configurations, placed in `/etc/borgmatic.d/`, you can define them with `services.borgmatic.configurations`.

- `service.openafsServer` features a new backup server `pkgs.fabs` as a

  replacement for openafs's own `buserver`. See

  [FABS](https://github.com/openafs-contrib/fabs) to check if this is an viable

  replacement. It stores backups as volume dump files and thus better integrates

  into contemporary backup solutions.

- The `dnsmasq` service now takes configuration via the

  `services.dnsmasq.settings` attribute set. The option

  `services.dnsmasq.extraConfig` will be deprecated when NixOS 22.11 reaches

with import ./lib.nix { inherit config lib pkgs; };

let

  inherit (lib) concatStringsSep literalExpression mkIf mkOption optionalString types;

  inherit (lib) concatStringsSep literalExpression mkIf mkOption mkEnableOption

  optionalString types;

  bosConfig = pkgs.writeText "BosConfig" (''

    restrictmode 1

    parm ${openafsSrv}/libexec/openafs/salvageserver ${cfg.roles.fileserver.salvageserverArgs}

    parm ${openafsSrv}/libexec/openafs/dasalvager ${cfg.roles.fileserver.salvagerArgs}

    end

  '') + (optionalString (cfg.roles.database.enable && cfg.roles.backup.enable) ''

  '') + (optionalString (cfg.roles.database.enable && cfg.roles.backup.enable && (!cfg.roles.backup.enableFabs)) ''

    bnode simple buserver 1

    parm ${openafsSrv}/libexec/openafs/buserver ${cfg.roles.backup.buserverArgs} ${optionalString (cfg.roles.backup.cellServDB != []) "-cellservdb /etc/openafs/backup/"}

    parm ${openafsSrv}/libexec/openafs/buserver ${cfg.roles.backup.buserverArgs} ${optionalString useBuCellServDB "-cellservdb /etc/openafs/backup/"}

    end

  '') + (optionalString (cfg.roles.database.enable &&

                         cfg.roles.backup.enable &&

                         cfg.roles.backup.enableFabs) ''

    bnode simple buserver 1

    parm ${lib.getBin pkgs.fabs}/bin/fabsys server --config ${fabsConfFile} ${cfg.roles.backup.fabsArgs}

    end

  ''));

    pkgs.writeText "NetInfo" ((concatStringsSep "\nf " cfg.advertisedAddresses) + "\n")

  else null;

  buCellServDB = pkgs.writeText "backup-cellServDB-${cfg.cellName}" (mkCellServDB cfg.cellName cfg.roles.backup.cellServDB);

  buCellServDB = pkgs.writeText "backup-cellServDB-${cfg.cellName}"

    (mkCellServDB cfg.cellName cfg.roles.backup.cellServDB);

  useBuCellServDB = (cfg.roles.backup.cellServDB != []) && (!cfg.roles.backup.enableFabs);

  cfg = config.services.openafsServer;

  udpSizeStr = toString cfg.udpPacketSize;

  fabsConfFile = pkgs.writeText "fabs.yaml" (builtins.toJSON ({

    afs = {

      aklog = cfg.package + "/bin/aklog";

      cell = cfg.cellName;

      dumpscan = cfg.package + "/bin/afsdump_scan";

      fs = cfg.package + "/bin/fs";

      pts = cfg.package + "/bin/pts";

      vos = cfg.package + "/bin/vos";

    };

    k5start.command = (lib.getBin pkgs.kstart) + "/bin/k5start";

  } // cfg.roles.backup.fabsExtraConfig));

in {

  options = {

      };

      package = mkOption {

        default = pkgs.openafs.server or pkgs.openafs;

        defaultText = literalExpression "pkgs.openafs.server or pkgs.openafs";

        default = pkgs.openafs;

        defaultText = literalExpression "pkgs.openafs";

        type = types.package;

        description = lib.mdDoc "OpenAFS package for the server binaries";

      };

        };

        backup = {

          enable = mkOption {

            default = false;

            type = types.bool;

            description = lib.mdDoc ''

              Backup server role. Use in conjunction with the

          enable = mkEnableOption (lib.mdDoc ''

            Backup server role. When using OpenAFS built-in buserver, use in conjunction with the

            `database` role to maintain the Backup

            Database. Normally only used in conjunction with tape storage

            or IBM's Tivoli Storage Manager.

            '';

          };

            For a modern backup server, enable this role and see

            {option}`enableFabs`.

          '');

          enableFabs = mkEnableOption (lib.mdDoc ''

            FABS, the flexible AFS backup system. It stores volumes as dump files, relying on other

            pre-existing backup solutions for handling them.

          '');

          buserverArgs = mkOption {

            default = "";

              other database server machines.

            '';

          };

          fabsArgs = mkOption {

            default = "";

            type = types.str;

            description = lib.mdDoc ''

              Arguments to the fabsys process. See

              {manpage}`fabsys_server(1)` and

              {manpage}`fabsys_config(1)`.

            '';

          };

          fabsExtraConfig = mkOption {

            default = {};

            type = types.attrs;

            description = lib.mdDoc ''

              Additional configuration parameters for the FABS backup server.

            '';

            example = literalExpression ''

            {

              afs.localauth = true;

              afs.keytab = config.sops.secrets.fabsKeytab.path;

            }

            '';

          };

        };

      };

        mode = "0644";

      };

      buCellServDB = {

        enable = (cfg.roles.backup.cellServDB != []);

        enable = useBuCellServDB;

        text = mkCellServDB cfg.cellName cfg.roles.backup.cellServDB;

        target = "openafs/backup/CellServDB";

      };

        preStart = ''

          mkdir -m 0755 -p /var/openafs

          ${optionalString (netInfo != null) "cp ${netInfo} /var/openafs/netInfo"}

          ${optionalString (cfg.roles.backup.cellServDB != []) "cp ${buCellServDB}"}

          ${optionalString useBuCellServDB "cp ${buCellServDB}"}

        '';

        serviceConfig = {

          ExecStart = "${openafsBin}/bin/bosserver -nofork";