| -rw-r--r-- | nixos/serverModules/directories.nix | 90 | ||||
| -rw-r--r-- | nixos/serverModules/files.nix | 59 |
2 files changed, 90 insertions, 59 deletions
diff --git a/nixos/serverModules/directories.nix b/nixos/serverModules/directories.nix
new file mode 100644
index 0000000..f5c769f
--- /dev/null
+++ b/nixos/serverModules/directories.nix
@@ -0,0 +1,90 @@
+{
+ config,
+ lib,
+ ...
+}:
+with lib; let
+ cfg = config.createPaths;
+ pathAttrsToListRec = pathsAttrSet: parentPath: parentConfig:
+ lib.flatten (lib.mapAttrsToList (path: config: let
+ filteredConfig = lib.filterAttrs (n: v: v != null) (builtins.removeAttrs config ["subPaths"]);
+ out =
+ {
+ path =
+ if parentPath == ""
+ then path
+ else parentPath + "/" + path;
+ }
+ // parentConfig // filteredConfig;
+ in
+ if config ? subPaths
+ then [out] ++ (pathAttrsToListRec config.subPaths path filteredConfig)
+ else [out])
+ pathsAttrSet);
+ pathConfig = {
+ options = {
+ group = mkOption {
+ type = types.nullOr types.str;
+ default = null;
+ };
+ owner = mkOption {
+ type = types.nullOr types.str;
+ default = null;
+ };
+ permissions = mkOption {
+ type = types.nullOr types.str;
+ default = null;
+ };
+ subPaths = mkOption {
+ type = types.attrsOf (types.submodule pathConfig);
+ default = {};
+ };
+ };
+ };
+ pathList = pathAttrsToListRec cfg "" {};
+in rec {
+ options = {
+ createPaths = mkOption {
+ type = types.attrsOf (types.submodule {
+ options = {
+ group = mkOption {
+ type = types.nullOr types.str;
+ default = null;
+ };
+ owner = mkOption {
+ type = types.nullOr types.str;
+ default = null;
+ };
+ permissions = mkOption {
+ type = types.nullOr types.str;
+ default = null;
+ };
+ subPaths = mkOption {
+ type = types.attrsOf (types.submodule pathConfig);
+ default = {};
+ description = ''
+ SubPaths to create using systemd tmpfiles.
+ '';
+ };
+ };
+ });
+ default = {};
+ description = ''
+ Paths to create using systemd tmpfiles.
+ '';
+ };
+ };
+
+ config = mkIf (cfg != {}) {
+ systemd.tmpfiles.rules =
+ map
+ (dir: "d ${dir.path} ${dir.permissions} ${dir.owner} ${dir.group}")
+ pathList;
+
+ users = let
+ extraGroups = map (path: path.group) pathList;
+ in {
+ groups = genAttrs extraGroups (group: {});
+ };
+ };
+}
diff --git a/nixos/serverModules/files.nix b/nixos/serverModules/files.nix
deleted file mode 100644
index 037d149..0000000
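Review bot: The recursive call in `pathAttrsToListRec` passes the bare `path` and only `filteredConfig`, so a path nested three or more levels deep loses its grandparent prefix (it comes out relative) and does not inherit owner, group or permissions set above its direct parent. Passing the accumulated values fixes both: `then [out] ++ (pathAttrsToListRec config.subPaths out.path (parentConfig // filteredConfig))`. Separately, `owner`, `group` and `permissions` default to null and are filtered out, so `${dir.permissions}` in the tmpfiles rule (and `path.group` in `extraGroups`) fails evaluation for any entry that neither sets nor inherits them, where the removed files.nix pinned 0770. Consider typing `permissions` as `types.strMatching "[0-7]{3,4}"` and giving it an explicit restrictive default, so a malformed or missing mode is caught at the option level rather than reaching the rule string.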
--- a/nixos/serverModules/files.nix
+++ /dev/null
@@ -1,59 +0,0 @@
-{ config, lib, ... }:
-with lib;
-let
- cfg = config.filesDir;
-in
-{
- options = {
- filesDir = {
- enable = mkEnableOption "Enable the creation of a main files directory and nfs binds for it.";
- mainDir = mkOption {
- type = types.str;
- default = "/srv/files";
- description = ''
- The main file dir.
- '';
- };
- subPaths = mkOption {
- type = types.listOf (types.submodule {
- options = {
- path = mkOption {
- type = types.str;
- };
-
- group = mkOption {
- type = types.str;
- };
- };
- });
- default = [];
- description = ''
- Subpaths to create under the files dir.
- '';
- };
- };
- };
-
- config = mkIf cfg.enable {
- systemd.tmpfiles.rules = [
- "d ${cfg.mainDir} 0770 files files"
- ] ++ (map (dir: "d ${cfg.mainDir}/${dir.path} 0770 files ${dir.group}") cfg.subPaths);
-
- users =
- let
- extraGroups = (map (dir: dir.group) cfg.subPaths);
- in {
- groups = {
- files = {};
- } // genAttrs extraGroups (group: {});
-
- users.files = {
- isNormalUser = true;
- group = "files";
- home = cfg.mainDir;
- homeMode = "770";
- inherit extraGroups;
- };
- };
- };
-} |
