From eee4142d06f9d5c35af70a647af7fe71adefdaa2 Mon Sep 17 00:00:00 2001
From: lassulus <lass@aidsballs.de>
Date: Thu, 13 Aug 2015 22:25:40 +0200
Subject: lass 3: add folderPerms.nix

---
 lass/3modules/folderPerms.nix | 107 ++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 107 insertions(+)
 create mode 100644 lass/3modules/folderPerms.nix

(limited to 'lass/3modules/folderPerms.nix')

diff --git a/lass/3modules/folderPerms.nix b/lass/3modules/folderPerms.nix
new file mode 100644
index 000000000..789fd48dc
--- /dev/null
+++ b/lass/3modules/folderPerms.nix
@@ -0,0 +1,107 @@
+{ config, lib, pkgs, ... }:
+
+let
+  inherit (pkgs)
+    writeScript
+  ;
+
+  inherit (lib)
+    concatMapStringsSep
+    concatStringsSep
+    mkEnableOption
+    mkIf
+    mkOption
+    types
+  ;
+
+  cfg = config.lass.folderPerms;
+
+  out = {
+    options.lass.folderPerms = api;
+    config = mkIf cfg.enable imp;
+  };
+
+  api = {
+    enable = mkEnableOption "folder permissions";
+    permissions = mkOption {
+      type = with types; listOf (submodule ({
+        options = {
+          path = mkOption {
+            type = str;
+          };
+          permission = mkOption {
+            type = nullOr str;
+            example = "755";
+            description = ''
+              basically anything that chmod takes as permission
+            '';
+            default = null;
+          };
+          owner = mkOption {
+            type = nullOr str;
+            example = "root:root";
+            description = ''
+              basically anything that chown takes as owner
+            '';
+            default = null;
+          };
+          recursive = mkOption {
+            type = bool;
+            default = false;
+          };
+        };
+      }));
+    };
+  };
+
+  imp = {
+    systemd.services.lass-folderPerms = {
+      description = "lass-folderPerms";
+      wantedBy = [ "multi-user.target" ];
+
+      path = with pkgs; [
+        coreutils
+      ];
+
+      restartIfChanged = true;
+
+      serviceConfig = {
+        type = "simple";
+        RemainAfterExit = true;
+        Restart = "always";
+        ExecStart = "@${startScript}";
+      };
+    };
+  };
+
+  startScript = writeScript "lass-folderPerms" ''
+    ${concatMapStringsSep "\n" writeCommand cfg.permissions}
+  '';
+
+  writeCommand = fperm:
+    concatStringsSep "\n" [
+      (buildPermission fperm)
+      (buildOwner fperm)
+    ];
+
+  buildPermission = perm:
+    if (perm.permission == null) then
+      ""
+    else
+      if perm.recursive then
+        "chmod -R ${perm.permission} ${perm.path}"
+      else
+        "chmod ${perm.permission} ${perm.path}"
+  ;
+
+  buildOwner = perm:
+    if (perm.owner == null) then
+      ""
+    else
+      if perm.recursive then
+        "chown -R ${perm.owner} ${perm.path}"
+      else
+        "chown ${perm.owner} ${perm.path}"
+  ;
+
+in out
-- 
cgit v1.2.3


From f36177cf91fa7db20f7e30e84910fb9efd82b975 Mon Sep 17 00:00:00 2001
From: lassulus <lass@aidsballs.de>
Date: Fri, 14 Aug 2015 15:41:49 +0200
Subject: lass 3 folderPerms: remove recursive option

---
 lass/3modules/folderPerms.nix | 21 +++++++++------------
 1 file changed, 9 insertions(+), 12 deletions(-)

(limited to 'lass/3modules/folderPerms.nix')

diff --git a/lass/3modules/folderPerms.nix b/lass/3modules/folderPerms.nix
index 789fd48dc..bb0320327 100644
--- a/lass/3modules/folderPerms.nix
+++ b/lass/3modules/folderPerms.nix
@@ -1,5 +1,8 @@
 { config, lib, pkgs, ... }:
 
+#TODO: implement recursive mode maybe?
+# enable different mods for files and folders
+
 let
   inherit (pkgs)
     writeScript
@@ -45,10 +48,6 @@ let
             '';
             default = null;
           };
-          recursive = mkOption {
-            type = bool;
-            default = false;
-          };
         };
       }));
     };
@@ -85,23 +84,21 @@ let
     ];
 
   buildPermission = perm:
+    #TODO: create folder maybe
+    #TODO: check if permission is valid
     if (perm.permission == null) then
       ""
     else
-      if perm.recursive then
-        "chmod -R ${perm.permission} ${perm.path}"
-      else
-        "chmod ${perm.permission} ${perm.path}"
+      "chmod ${perm.permission} ${perm.path}"
   ;
 
   buildOwner = perm:
+    #TODO: create folder maybe
+    #TODO: check if owner/group valid
     if (perm.owner == null) then
       ""
     else
-      if perm.recursive then
-        "chown -R ${perm.owner} ${perm.path}"
-      else
-        "chown ${perm.owner} ${perm.path}"
+      "chown ${perm.owner} ${perm.path}"
   ;
 
 in out
-- 
cgit v1.2.3