krebs.permown: listOf -> attrsOf
This commit is contained in:
parent
ffd36f5554
commit
520c9ef692
@ -2,8 +2,8 @@ with import <stockholm/lib>;
|
|||||||
{ config, pkgs, ... }: {
|
{ config, pkgs, ... }: {
|
||||||
|
|
||||||
options.krebs.permown = mkOption {
|
options.krebs.permown = mkOption {
|
||||||
default = [];
|
default = {};
|
||||||
type = types.listOf (types.submodule {
|
type = types.attrsOf (types.submodule ({ config, ... }: {
|
||||||
options = {
|
options = {
|
||||||
directory-mode = mkOption {
|
directory-mode = mkOption {
|
||||||
default = "=rwx";
|
default = "=rwx";
|
||||||
@ -22,6 +22,7 @@ with import <stockholm/lib>;
|
|||||||
type = types.username;
|
type = types.username;
|
||||||
};
|
};
|
||||||
path = mkOption {
|
path = mkOption {
|
||||||
|
default = config._module.args.name;
|
||||||
type = types.absolute-pathname;
|
type = types.absolute-pathname;
|
||||||
};
|
};
|
||||||
umask = mkOption {
|
umask = mkOption {
|
||||||
@ -29,46 +30,52 @@ with import <stockholm/lib>;
|
|||||||
type = types.file-mode;
|
type = types.file-mode;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
});
|
}));
|
||||||
};
|
};
|
||||||
|
|
||||||
config.systemd.services = genAttrs' config.krebs.permown (plan: {
|
config = let
|
||||||
name = "permown.${replaceStrings ["/"] ["_"] plan.path}";
|
plans = attrValues config.krebs.permown;
|
||||||
value = {
|
in mkIf (plans != []) {
|
||||||
environment = {
|
|
||||||
DIR_MODE = plan.directory-mode;
|
|
||||||
FILE_MODE = plan.file-mode;
|
|
||||||
OWNER_GROUP = "${plan.owner}:${plan.group}";
|
|
||||||
ROOT_PATH = plan.path;
|
|
||||||
};
|
|
||||||
path = [
|
|
||||||
pkgs.coreutils
|
|
||||||
pkgs.findutils
|
|
||||||
pkgs.inotifyTools
|
|
||||||
];
|
|
||||||
serviceConfig = {
|
|
||||||
ExecStart = pkgs.writeDash "permown" ''
|
|
||||||
set -efu
|
|
||||||
|
|
||||||
find "$ROOT_PATH" -exec chown "$OWNER_GROUP" {} +
|
systemd.services = genAttrs' plans (plan: {
|
||||||
find "$ROOT_PATH" -type d -exec chmod "$DIR_MODE" {} +
|
name = "permown.${replaceStrings ["/"] ["_"] plan.path}";
|
||||||
find "$ROOT_PATH" -type f -exec chmod "$FILE_MODE" {} +
|
value = {
|
||||||
|
environment = {
|
||||||
|
DIR_MODE = plan.directory-mode;
|
||||||
|
FILE_MODE = plan.file-mode;
|
||||||
|
OWNER_GROUP = "${plan.owner}:${plan.group}";
|
||||||
|
ROOT_PATH = plan.path;
|
||||||
|
};
|
||||||
|
path = [
|
||||||
|
pkgs.coreutils
|
||||||
|
pkgs.findutils
|
||||||
|
pkgs.inotifyTools
|
||||||
|
];
|
||||||
|
serviceConfig = {
|
||||||
|
ExecStart = pkgs.writeDash "permown" ''
|
||||||
|
set -efu
|
||||||
|
|
||||||
inotifywait -mrq -e CREATE --format %w%f "$ROOT_PATH" |
|
find "$ROOT_PATH" -exec chown "$OWNER_GROUP" {} +
|
||||||
while read -r path; do
|
find "$ROOT_PATH" -type d -exec chmod "$DIR_MODE" {} +
|
||||||
if test -d "$path"; then
|
find "$ROOT_PATH" -type f -exec chmod "$FILE_MODE" {} +
|
||||||
exec "$0" "$@"
|
|
||||||
fi
|
inotifywait -mrq -e CREATE --format %w%f "$ROOT_PATH" |
|
||||||
chown "$OWNER_GROUP" "$path"
|
while read -r path; do
|
||||||
chmod "$FILE_MODE" "$path"
|
if test -d "$path"; then
|
||||||
done
|
exec "$0" "$@"
|
||||||
'';
|
fi
|
||||||
Restart = "always";
|
chown "$OWNER_GROUP" "$path"
|
||||||
RestartSec = 10;
|
chmod "$FILE_MODE" "$path"
|
||||||
UMask = plan.umask;
|
done
|
||||||
|
'';
|
||||||
|
Restart = "always";
|
||||||
|
RestartSec = 10;
|
||||||
|
UMask = plan.umask;
|
||||||
|
};
|
||||||
|
wantedBy = [ "multi-user.target" ];
|
||||||
};
|
};
|
||||||
wantedBy = [ "multi-user.target" ];
|
});
|
||||||
};
|
|
||||||
});
|
};
|
||||||
|
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user