krebs.setuid: disambiguate config

tv 2021-02-05 17:43:24 +01:00
parent 9c2d517c49
commit bbbd3d6cd8


@ -1,11 +1,9 @@
{ config, pkgs, lib, ... }:
with import <stockholm/lib>; with import <stockholm/lib>;
let { config, pkgs, ... }: let
cfg = config.krebs.setuid;
out = { out = {
options.krebs.setuid = api; options.krebs.setuid = api;
config = mkIf (cfg != {}) imp; config = mkIf (config.krebs.setuid != {}) imp;
}; };
api = mkOption { api = mkOption {
@ -14,11 +12,11 @@ let
# TODO make wrapperDir configurable # TODO make wrapperDir configurable
inherit (config.security) wrapperDir; inherit (config.security) wrapperDir;
inherit (config.users) groups users; inherit (config.users) groups users;
in types.attrsOf (types.submodule ({ config, ... }: { in types.attrsOf (types.submodule (self: let cfg = self.config; in {
options = { options = {
name = mkOption { name = mkOption {
type = types.filename; type = types.filename;
default = config._module.args.name; default = cfg._module.args.name;
}; };
envp = mkOption { envp = mkOption {
type = types.nullOr (types.attrsOf types.str); type = types.nullOr (types.attrsOf types.str);
@ -58,21 +56,21 @@ let
}; };
}; };
config.activate = let config.activate = let
src = pkgs.exec config.name { src = pkgs.exec cfg.name {
inherit (config) envp filename; inherit (cfg) envp filename;
}; };
dst = "${wrapperDir}/${config.name}"; dst = "${wrapperDir}/${cfg.name}";
in '' in ''
cp ${src} ${dst} cp ${src} ${dst}
chown ${config.owner}.${config.group} ${dst} chown ${cfg.owner}.${cfg.group} ${dst}
chmod ${config.mode} ${dst} chmod ${cfg.mode} ${dst}
''; '';
})); }));
}; };
imp = { imp = {
system.activationScripts."krebs.setuid" = stringAfter [ "wrappers" ] system.activationScripts."krebs.setuid" = stringAfter [ "wrappers" ]
(concatMapStringsSep "\n" (getAttr "activate") (attrValues cfg)); (concatMapStringsSep "\n" (getAttr "activate") (attrValues config.krebs.setuid));
}; };
in out in out
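Review bot: The `config.activate` snippet still splices `cfg.owner`, `cfg.group`, `cfg.mode` and `dst` into a root-run activation script unquoted, and joins owner and group with the legacy `.` separator, which is ambiguous when an account name itself contains a dot. Because this script installs a setuid wrapper, I would write `chown ${escapeShellArg cfg.owner}:${escapeShellArg cfg.group} ${escapeShellArg dst}` and quote the `cp` and `chmod` arguments the same way, assuming nixpkgs' `escapeShellArg` is in scope through the lib import. The option declarations for owner, group and mode fall outside the visible hunks, so their types may already constrain these values. Separately, the cp, chown, chmod sequence leaves the target in an intermediate ownership and mode state on every activation; `install -o … -g … -m …` to a temporary name in `wrapperDir`, followed by `mv`, would replace it in one step.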