diff options
author | tv <tv@krebsco.de> | 2019-04-19 16:39:05 +0200 |
---|---|---|
committer | tv <tv@krebsco.de> | 2019-04-19 16:39:05 +0200 |
commit | d825d2db8796a0d19f22eba240a2e49213cf01e2 (patch) | |
tree | b7104f1b790ae0446fd44b1aad4c22f1c425af6d /lass/3modules/ensure-permissions.nix | |
parent | 5fbe320b9173b1ef0725a79548f34f967ad16130 (diff) | |
parent | 6c719f03c1a5533b43957d3039b4aed5f5bd8b42 (diff) |
Merge remote-tracking branch 'prism/master'
Diffstat (limited to 'lass/3modules/ensure-permissions.nix')
-rw-r--r-- | lass/3modules/ensure-permissions.nix | 66 |
1 files changed, 0 insertions, 66 deletions
diff --git a/lass/3modules/ensure-permissions.nix b/lass/3modules/ensure-permissions.nix deleted file mode 100644 index 36edc1127..000000000 --- a/lass/3modules/ensure-permissions.nix +++ /dev/null @@ -1,66 +0,0 @@ -{ config, pkgs, ... }: with import <stockholm/lib>; - -let - - cfg = config.lass.ensure-permissions; - -in - -{ - options.lass.ensure-permissions = mkOption { - default = []; - type = types.listOf (types.submodule ({ - options = { - - folder = mkOption { - type = types.absolute-pathname; - }; - - owner = mkOption { - # TODO user type - type = types.str; - default = "root"; - }; - - group = mkOption { - # TODO group type - type = types.str; - default = "root"; - }; - - permission = mkOption { - # TODO permission type - type = types.str; - default = "u+rw,g+rw"; - }; - - }; - })); - }; - - config = mkIf (cfg != []) { - - system.activationScripts.ensure-permissions = concatMapStringsSep "\n" (plan: '' - ${pkgs.coreutils}/bin/mkdir -p ${plan.folder} - ${pkgs.coreutils}/bin/chmod -R ${plan.permission} ${plan.folder} - ${pkgs.coreutils}/bin/chown -R ${plan.owner}:${plan.group} ${plan.folder} - '') cfg; - systemd.services = - listToAttrs (map (plan: nameValuePair "ensure-permisson.${replaceStrings ["/"] ["_"] plan.folder}" { - wantedBy = [ "multi-user.target" ]; - serviceConfig = { - Restart = "always"; - RestartSec = 10; - ExecStart = pkgs.writeDash "ensure-perms" '' - ${pkgs.inotifyTools}/bin/inotifywait -mrq -e CREATE --format %w%f ${plan.folder} \ - | while IFS= read -r FILE; do - ${pkgs.coreutils}/bin/chmod -R ${plan.permission} "$FILE" 2>/dev/null - ${pkgs.coreutils}/bin/chown -R ${plan.owner}:${plan.group} "$FILE" 2>/dev/null - done - ''; - }; - }) cfg) - ; - - }; -} |