author | makefu <makefu@tsp> | 2015-08-14 14:00:18 +0000 |
---|---|---|
committer | makefu <makefu@tsp> | 2015-08-14 14:00:18 +0000 |
commit | d35de37b0d2b9d5d567a530726aa01f2ec686bf3 (patch) | |
tree | 8bcccdb27a1c0087668cd9d63bb294e71f4cb79a /lass/3modules | |
parent | c36ea0e029772649e33a727a9be15986cbb1fed2 (diff) | |
parent | b8b2575d8313cfd0696a121cee1b8738faff6638 (diff) |
Merge remote-tracking branch 'cd/master'
Diffstat (limited to 'lass/3modules')
-rw-r--r-- | lass/3modules/folderPerms.nix | 104 |
1 files changed, 104 insertions, 0 deletions
diff --git a/lass/3modules/folderPerms.nix b/lass/3modules/folderPerms.nix
new file mode 100644
index 000000000..bb0320327
--- /dev/null
+++ b/lass/3modules/folderPerms.nix
@@ -0,0 +1,104 @@
+{ config, lib, pkgs, ... }:
+
+#TODO: implement recursive mode maybe?
+# enable different mods for files and folders
+
+let
+ inherit (pkgs)
+ writeScript
+ ;
+
+ inherit (lib)
+ concatMapStringsSep
+ concatStringsSep
+ mkEnableOption
+ mkIf
+ mkOption
+ types
+ ;
+
+ cfg = config.lass.folderPerms;
+
+ out = {
+ options.lass.folderPerms = api;
+ config = mkIf cfg.enable imp;
+ };
+
+ api = {
+ enable = mkEnableOption "folder permissions";
+ permissions = mkOption {
+ type = with types; listOf (submodule ({
+ options = {
+ path = mkOption {
+ type = str;
+ };
+ permission = mkOption {
+ type = nullOr str;
+ example = "755";
+ description = ''
+ basically anything that chmod takes as permission
+ '';
+ default = null;
+ };
+ owner = mkOption {
+ type = nullOr str;
+ example = "root:root";
+ description = ''
+ basically anything that chown takes as owner
+ '';
+ default = null;
+ };
+ };
+ }));
+ };
+ };
+
+ imp = {
+ systemd.services.lass-folderPerms = {
+ description = "lass-folderPerms";
+ wantedBy = [ "multi-user.target" ];
+
+ path = with pkgs; [
+ coreutils
+ ];
+
+ restartIfChanged = true;
+
+ serviceConfig = {
+ type = "simple";
+ RemainAfterExit = true;
+ Restart = "always";
+ ExecStart = "@${startScript}";
+ };
+ };
+ };
+
+ startScript = writeScript "lass-folderPerms" ''
+ ${concatMapStringsSep "\n" writeCommand cfg.permissions}
+ '';
+
+ writeCommand = fperm:
+ concatStringsSep "\n" [
+ (buildPermission fperm)
+ (buildOwner fperm)
+ ];
+
+ buildPermission = perm:
+ #TODO: create folder maybe
+ #TODO: check if permission is valid
+ if (perm.permission == null) then
+ ""
+ else
+ "chmod ${perm.permission} ${perm.path}"
+ ;
+
+ buildOwner = perm:
+ #TODO: create folder maybe
+ #TODO: check if owner/group valid
+ if (perm.owner == null) then
+ ""
+ else
+ "chown ${perm.owner} ${perm.path}"
+ ;
+
+in out |
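Review bot: `buildPermission` and `buildOwner` splice `perm.permission`, `perm.owner` and `perm.path` unquoted into the generated script, and the unit sets no `User=`, so it presumably runs as root. A path containing spaces or shell metacharacters is then word-split or interpreted rather than passed as one argument. Quote each value, e.g. `"chmod ${lib.escapeShellArg perm.permission} ${lib.escapeShellArg perm.path}"`, and do the same on the `chown` line. Both commands also follow a symlink at `perm.path`, so a target inside a directory writable by another user can redirect the change; `chown --no-dereference` covers the owner half, and documenting that paths must sit in root-owned directories covers the rest. Separately, the `startScript` text has no `#!` line and `serviceConfig` spells the key `type` where systemd expects `Type`; for a run-once job `Type = "oneshot";` with `RemainAfterExit = true;` and no `Restart = "always";` is the usual shape.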