Merge remote-tracking branch 'tv/master'

makefu 2019-04-17 21:48:20 +02:00
commit 1314eb9284
No known key found for this signature in database
GPG Key ID: 36F7711F3FC0F225
3 changed files with 88 additions and 6 deletions


@ -39,6 +39,7 @@ let
./nixpkgs.nix
./on-failure.nix
./os-release.nix
./permown.nix
./per-user.nix
./power-action.nix
./Reaktor.nix


@ -0,0 +1,74 @@
with import <stockholm/lib>;
{ config, pkgs, ... }: {
options.krebs.permown = mkOption {
default = [];
type = types.listOf (types.submodule {
options = {
directory-mode = mkOption {
default = "=rwx";
type = types.str; # TODO
};
file-mode = mkOption {
default = "=rw";
type = types.str; # TODO
};
group = mkOption {
apply = x: if x == null then "" else x;
default = null;
type = types.nullOr types.groupname;
};
owner = mkOption {
type = types.username;
};
path = mkOption {
type = types.absolute-pathname;
};
umask = mkOption {
default = "0027";
type = types.file-mode;
};
};
});
};
config.systemd.services = genAttrs' config.krebs.permown (plan: {
name = "permown.${replaceStrings ["/"] ["_"] plan.path}";
value = {
environment = {
DIR_MODE = plan.directory-mode;
FILE_MODE = plan.file-mode;
OWNER_GROUP = "${plan.owner}:${plan.group}";
ROOT_PATH = plan.path;
};
path = [
pkgs.coreutils
pkgs.findutils
pkgs.inotifyTools
];
serviceConfig = {
ExecStart = pkgs.writeDash "permown" ''
set -efu
find "$ROOT_PATH" -exec chown "$OWNER_GROUP" {} +
find "$ROOT_PATH" -type d -exec chmod "$DIR_MODE" {} +
find "$ROOT_PATH" -type f -exec chmod "$FILE_MODE" {} +
inotifywait -mrq -e CREATE --format %w%f "$ROOT_PATH" |
while read -r path; do
if test -d "$path"; then
exec "$0" "$@"
fi
chown "$OWNER_GROUP" "$path"
chmod "$FILE_MODE" "$path"
done
'';
Restart = "always";
RestartSec = 10;
UMask = plan.umask;
};
wantedBy = [ "multi-user.target" ];
};
});
}
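Review bot: The `chown` calls in the ExecStart script dereference symbolic links: the initial `find "$ROOT_PATH" -exec chown "$OWNER_GROUP" {} +` passes link paths to `chown` without `-h`, and the inotify loop runs `chown` and `chmod` on whatever name was just created. No `User=` is set in `serviceConfig`, so the unit presumably runs as root; if anyone other than root can create entries under `path`, a link placed there would have its target's owner and mode changed instead of the link's. I would use `chown -h "$OWNER_GROUP"` in both places and skip links in the loop with `if test -L "$path"; then continue; fi` before the `chmod`. The window between the CREATE event and the `chown` remains a race and deserves a comment saying so. Separately, when `group` is null OWNER_GROUP becomes `owner:`, which GNU chown reads as "set the group to the owner's login group" rather than "leave the group unchanged"; the option should document that.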


@ -542,21 +542,28 @@ rec {
merge = mergeOneOption;
};
# POSIX.12013, 3.278 Portable Filename Character Set
# POSIX.12017, 3.190 Group Name
groupname = mkOptionType {
name = "POSIX group name";
check = filename.check;
merge = mergeOneOption;
};
# POSIX.12017, 3.281 Portable Filename
filename = mkOptionType {
name = "POSIX filename";
name = "POSIX portable filename";
check = test "[0-9A-Za-z._][0-9A-Za-z._-]*";
merge = mergeOneOption;
};
# POSIX.12013, 3.2 Absolute Pathname
# POSIX.12017, 3.2 Absolute Pathname
absolute-pathname = mkOptionType {
name = "POSIX absolute pathname";
check = x: isString x && substring 0 1 x == "/" && pathname.check x;
merge = mergeOneOption;
};
# POSIX.12013, 3.267 Pathname
# POSIX.1-2017, 3.271 Pathname
pathname = mkOptionType {
name = "POSIX pathname";
check = x:
@ -570,9 +577,9 @@ rec {
merge = mergeOneOption;
};
# POSIX.1-2013, 3.431 User Name
# POSIX.1-2017, 3.216 Login Name
username = mkOptionType {
name = "POSIX username";
name = "POSIX login name";
check = filename.check;
merge = mergeOneOption;
};
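Review bot: `groupname` in the first hunk and `username` in the second both delegate to `filename.check`, whose pattern `[0-9A-Za-z._][0-9A-Za-z._-]*` also accepts all-digit strings and the names `.` and `..`. The permown module added in this commit interpolates these values into the `chown` operand, and chown treats an all-digit name that matches no account as a numeric ID, so a value such as `"1000"` passes type checking and silently selects by ID. Assuming `test` matches the whole string (its definition is outside these hunks), a stricter check such as `check = x: filename.check x && !(test "[0-9]+" x);` on both types would reject that case. Failing that, a comment on each type should state that numeric names are accepted. The enclosing `rec { … }` set starts and ends outside the hunks.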