['systemd-socket-proxyd', '8', [], ''],
['systemd-soft-reboot.service', '8', [], ''],
['systemd-stdio-bridge', '1', [], ''],
+ ['systemd-storagetm.service', '8', ['systemd-storagetm'], 'ENABLE_STORAGETM'],
['systemd-stub',
'7',
['linuxaa64.efi.stub', 'linuxia32.efi.stub', 'linuxx64.efi.stub', 'sd-stub'],
--- /dev/null
+<?xml version="1.0"?>
+<!--*-nxml-*-->
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
+ "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
+<!-- SPDX-License-Identifier: LGPL-2.1-or-later -->
+<refentry id="systemd-storagetm.service" conditional='ENABLE_STORAGETM'
+ xmlns:xi="http://www.w3.org/2001/XInclude">
+
+ <refentryinfo>
+ <title>systemd-storagetm.service</title>
+ <productname>systemd</productname>
+ </refentryinfo>
+
+ <refmeta>
+ <refentrytitle>systemd-storagetm.service</refentrytitle>
+ <manvolnum>8</manvolnum>
+ </refmeta>
+
+ <refnamediv>
+ <refname>systemd-storagetm.service</refname>
+ <refname>systemd-storagetm</refname>
+ <refpurpose>Exposes all local block devices as NVMe-TCP mass storage devices</refpurpose>
+ </refnamediv>
+
+ <refsynopsisdiv>
+ <para><filename>systemd-storagetm.service</filename></para>
+
+ <cmdsynopsis>
+ <command>/usr/lib/systemd/systemd-storagetm</command>
+ <arg choice="opt" rep="repeat">OPTIONS</arg>
+ <arg choice="opt"><replaceable>DEVICE</replaceable></arg>
+ </cmdsynopsis>
+ </refsynopsisdiv>
+
+ <refsect1>
+ <title>Description</title>
+
+ <para><filename>systemd-storagetm.service</filename> is a service that exposes all local block devices as
+ NVMe-TCP mass storage devices. Its primary use-case is to be invoked by the
+ <filename>storage-target-mode.target</filename> unit that can be booted into.</para>
+
+ <para>Warning: the NVMe disks are currently exposed without authentication or encryption, in read/write
+ mode. This means network peers may read from and write to the device without any restrictions. This
+ functionality should hence only be used in a local setup.</para>
+
+ <para>Note that to function properly networking must be configured too. The recommended mechanism to boot
+ into a storage target mode is by adding <literal>rd.systemd.unit=storage-target-mode.target
+ ip=link-local</literal> on the kernel command line. Note that <literal>ip=link-local</literal> only
+ configures link-local IP, i.e. IPv4LL and IPv6LL, which means non-routable addresses. This is done for
+ security reasons, so that only systems on the local link can access the devices. Use
+ <literal>ip=dhcp</literal> to assign routable addresses too. For further details see
+ <citerefentry><refentrytitle>systemd-network-generator.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>.</para>
+
+ <para>Unless the <option>--all</option> switch is used expects one or more block devices or regular files to expose
+ via NVMe-TCP as argument.</para>
+ </refsect1>
+
+ <refsect1>
+ <title>Options</title>
+
+ <para>The following options are understood:</para>
+
+ <variablelist>
+ <varlistentry>
+ <term><option>--nqn=</option></term>
+ <listitem><para>Takes a string. If specified configures the NVMe Qualified Name to use for the
+ exposed NVMe-TCP mass storage devices. The NQN should follow the syntax described in <ulink
+ url="https://nvmexpress.org/wp-content/uploads/NVM-Express-Base-Specification-2.0c-2022.10.04-Ratified.pdf">NVM
+ Express Base Specification 2.0c</ulink>, section 4.5 "NVMe Qualified Names". Note that the NQN
+ specified here will be suffixed with a dot and the the block device name before it is exposed on the
+ NVMe target. If not specified defaults to
+ <literal>nqn.2023-10.io.systemd:storagetm.<replaceable>ID</replaceable></literal>, where ID is
+ replaced by a 128bit ID derived from
+ <citerefentry><refentrytitle>machine-id</refentrytitle><manvolnum>5</manvolnum></citerefentry>.</para>
+
+ <xi:include href="version-info.xml" xpointer="v255"/></listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><option>--all</option></term>
+ <term><option>-a</option></term>
+
+ <listitem><para>If specified exposes all local block devices via NVMe-TCP, current and future
+ (i.e. it watches block devices come and go and updates the NVMe-TCP list as needed). Note that by
+ default any block devices that originate on the same block device as the block device backing the
+ current root file system are excluded. If the switch is specified twice this safety mechanism is
+ disabled.</para>
+
+ <xi:include href="version-info.xml" xpointer="v255"/></listitem>
+ </varlistentry>
+ <xi:include href="standard-options.xml" xpointer="help" />
+ <xi:include href="standard-options.xml" xpointer="version" />
+ </variablelist>
+ </refsect1>
+
+ <refsect1>
+ <title>See Also</title>
+ <para>
+ <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
+ <citerefentry><refentrytitle>systemd.special</refentrytitle><manvolnum>7</manvolnum></citerefentry>
+ </para>
+ </refsect1>
+
+</refentry>
<filename>sockets.target</filename>,
<filename>soft-reboot.target</filename>,
<filename>sound.target</filename>,
+ <filename>storage-target-mode.target</filename>,
<filename>suspend.target</filename>,
<filename>swap.target</filename>,
<filename>sysinit.target</filename>,
<xi:include href="version-info.xml" xpointer="v254"/>
</listitem>
</varlistentry>
+ <varlistentry>
+ <term><filename>storage-target-mode.target</filename></term>
+ <listitem>
+ <para>A special target unit that can be booted into that selects the "Storage Target Mode" for
+ the OS. In this mode all local storage disks are exposed to external systems as block
+ devices. This invokes
+ <citerefentry><refentrytitle>systemd-storagetm.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>
+ which exposes all local disks as NVMe-TCP devices for access over the network. It might as well
+ invoke other services too that make local disks available via other mechanisms.</para>
+ <xi:include href="version-info.xml" xpointer="v255"/>
+ </listitem>
+ </varlistentry>
<varlistentry>
<term><filename>suspend.target</filename></term>
<listitem>
projects / thirdparty / systemd.git / commitdiff
