From e4744b723728293fda24fccd9180f9e0bbdd80e8 Mon Sep 17 00:00:00 2001
From: lassulus
Date: Thu, 18 Apr 2019 10:13:57 +0200
Subject: l: RIP ensure-permissions
---
 lass/3modules/default.nix | 1 -
 lass/3modules/ensure-permissions.nix | 66 ------------------------------------
 2 files changed, 67 deletions(-)
 delete mode 100644 lass/3modules/ensure-permissions.nix
(limited to 'lass')
diff --git a/lass/3modules/default.nix b/lass/3modules/default.nix
index 59043aeb..613c7c8a 100644
--- a/lass/3modules/default.nix
+++ b/lass/3modules/default.nix
@@ -3,7 +3,6 @@ _:
 imports = [
 ./dnsmasq.nix
 ./ejabberd
- ./ensure-permissions.nix
 ./folderPerms.nix
 ./hosts.nix
 ./mysql-backup.nix
diff --git a/lass/3modules/ensure-permissions.nix b/lass/3modules/ensure-permissions.nix
deleted file mode 100644
index 36edc112..00000000
--- a/lass/3modules/ensure-permissions.nix
+++ /dev/null
@@ -1,66 +0,0 @@
-{ config, pkgs, ... }: with import ;
-
-let
-
- cfg = config.lass.ensure-permissions;
-
-in
-
-{
- options.lass.ensure-permissions = mkOption {
- default = [];
- type = types.listOf (types.submodule ({
- options = {
-
- folder = mkOption {
- type = types.absolute-pathname;
- };
-
- owner = mkOption {
- # TODO user type
- type = types.str;
- default = "root";
- };
-
- group = mkOption {
- # TODO group type
- type = types.str;
- default = "root";
- };
-
- permission = mkOption {
- # TODO permission type
- type = types.str;
- default = "u+rw,g+rw";
- };
-
- };
- }));
- };
-
- config = mkIf (cfg != []) {
-
- system.activationScripts.ensure-permissions = concatMapStringsSep "\n" (plan: ''
- ${pkgs.coreutils}/bin/mkdir -p ${plan.folder}
- ${pkgs.coreutils}/bin/chmod -R ${plan.permission} ${plan.folder}
- ${pkgs.coreutils}/bin/chown -R ${plan.owner}:${plan.group} ${plan.folder}
- '') cfg;
- systemd.services =
- listToAttrs (map (plan: nameValuePair "ensure-permisson.${replaceStrings ["/"] ["_"] plan.folder}" {
- wantedBy = [ "multi-user.target" ];
- serviceConfig = {
- Restart = "always";
- RestartSec = 10;
- ExecStart = pkgs.writeDash "ensure-perms" ''
- ${pkgs.inotifyTools}/bin/inotifywait -mrq -e CREATE --format %w%f ${plan.folder} \
- | while IFS= read -r FILE; do
- ${pkgs.coreutils}/bin/chmod -R ${plan.permission} "$FILE" 2>/dev/null
- ${pkgs.coreutils}/bin/chown -R ${plan.owner}:${plan.group} "$FILE" 2>/dev/null
- done
- '';
- };
- }) cfg)
- ;
-
- };
-}
-- 
cgit v1.2.3
From 2a89d6587d5ee5d3151b5e5be05e152a539e78d0 Mon Sep 17 00:00:00 2001
From: lassulus
Date: Thu, 18 Apr 2019 10:16:02 +0200
Subject: l syncs: use permown, use attrs
---
 lass/1systems/mors/config.nix | 15 +++++++++------
 lass/2configs/green-host.nix | 13 ++++++-------
 lass/2configs/radio.nix | 15 +++++++++------
 lass/2configs/sync/decsync.nix | 15 +++++++++------
 lass/2configs/sync/weechat.nix | 12 ++++++------
 lass/2configs/syncthing.nix | 20 ++++++++++----------
 6 files changed, 49 insertions(+), 41 deletions(-)
(limited to 'lass')
diff --git a/lass/1systems/mors/config.nix b/lass/1systems/mors/config.nix
index 7e183f40..f911b79d 100644
--- a/lass/1systems/mors/config.nix
+++ b/lass/1systems/mors/config.nix
@@ -49,12 +49,15 @@ with import ;
 ];
 }
 {
- krebs.syncthing.folders = [
- { id = "the_playlist"; path = "/home/lass/tmp/the_playlist"; peers = [ "mors" "phone" "prism" ]; }
- ];
- lass.ensure-permissions = [
- { folder = "/home/lass/tmp/the_playlist"; owner = "lass"; group = "syncthing"; }
- ];
+ krebs.syncthing.folders."the_playlist" = {
+ path = "/home/lass/tmp/the_playlist";
+ peers = [ "mors" "phone" "prism" ];
+ };
+ krebs.permown."/home/lass/tmp/the_playlist" = {
+ owner = "lass";
+ group = "syncthing";
+ umask = "0007";
+ };
 }
 {
 lass.umts = {
diff --git a/lass/2configs/green-host.nix b/lass/2configs/green-host.nix
index 860d7c11..1421eede 100644
--- a/lass/2configs/green-host.nix
+++ b/lass/2configs/green-host.nix
@@ -20,13 +20,12 @@ with import ;
 }
 ];
- lass.ensure-permissions = [
- { folder = "/var/lib/sync-containers"; owner = "root"; group = "syncthing"; }
- ];
-
- krebs.syncthing.folders = [
- { path = "/var/lib/sync-containers"; peers = [ "icarus" "skynet" "littleT" "shodan" ]; }
- ];
+ krebs.syncthing.folders."/var/lib/sync-containers".peers = [ "icarus" "skynet" "littleT" "shodan" ];
+ krebs.permown."/var/lib/sync-containers" = {
+ owner = "root";
+ group = "syncthing";
+ umask = "0007";
+ };
 system.activationScripts.containerPermissions = ''
 mkdir -p /var/lib/containers
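Review bot: In lass/1systems/mors/config.nix the directory `/home/lass/tmp/the_playlist` is now spelled out twice, once as `krebs.syncthing.folders."the_playlist".path` and once as the `krebs.permown` key, so changing one without the other would leave the synced folder without ownership enforcement, presumably with no evaluation error to flag it. The same path/permown pair with the same `umask = "0007"` recurs in green-host.nix, radio.nix, sync/decsync.nix, sync/weechat.nix and syncthing.nix. Binding the path once, e.g. `let dir = "/home/lass/tmp/the_playlist"; in` with `path = dir;` and `krebs.permown.${dir} = { … };`, or a small helper that emits both attributes, would keep the two in step. A short comment on the umask (`# no access for others; group syncthing keeps rw`, assuming permown applies it like an ordinary umask) would also record the intent, since the removed module defaulted to the additive mode `u+rw,g+rw`.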
diff --git a/lass/2configs/radio.nix b/lass/2configs/radio.nix
index d67d970f..521b3c05 100644
--- a/lass/2configs/radio.nix
+++ b/lass/2configs/radio.nix
@@ -248,10 +248,13 @@ in {
 alias ${html};
 '';
 };
- krebs.syncthing.folders = [
- { id = "the_playlist"; path = "/home/radio/music/the_playlist"; peers = [ "mors" "phone" "prism" ]; }
- ];
- lass.ensure-permissions = [
- { folder = "/home/radio/music/the_playlist"; owner = "radio"; group = "syncthing"; }
- ];
+ krebs.syncthing.folders."the_playlist" = {
+ path = "/home/radio/music/the_playlist";
+ peers = [ "mors" "phone" "prism" ];
+ };
+ krebs.permown."/home/radio/music/the_playlist" = {
+ owner = "radio";
+ group = "syncthing";
+ umask = "0007";
+ };
 }
diff --git a/lass/2configs/sync/decsync.nix b/lass/2configs/sync/decsync.nix
index 94569c94..c3f6511c 100644
--- a/lass/2configs/sync/decsync.nix
+++ b/lass/2configs/sync/decsync.nix
@@ -1,8 +1,11 @@
 {
- krebs.syncthing.folders = [
- { id = "decsync"; path = "/home/lass/decsync"; peers = [ "mors" "blue" "green" "phone" ]; }
- ];
- lass.ensure-permissions = [
- { folder = "/home/lass/decsync"; owner = "lass"; group = "syncthing"; }
- ];
+ krebs.syncthing.folders.decsync = {
+ path = "/home/lass/decsync";
+ peers = [ "mors" "blue" "green" "phone" ];
+ };
+ krebs.permown."/home/lass/decsync" = {
+ owner = "lass";
+ group = "syncthing";
+ umask = "0007";
+ };
 }
diff --git a/lass/2configs/sync/weechat.nix b/lass/2configs/sync/weechat.nix
index d10177b1..30c7b262 100644
--- a/lass/2configs/sync/weechat.nix
+++ b/lass/2configs/sync/weechat.nix
@@ -1,8 +1,8 @@
 {
- krebs.syncthing.folders = [
- { path = "/home/lass/.weechat"; peers = [ "blue" "green" "mors" ]; }
- ];
- lass.ensure-permissions = [
- { folder = "/home/lass/.weechat"; owner = "lass"; group = "syncthing"; }
- ];
+ krebs.syncthing.folders."/home/lass/.weechat".peers = [ "blue" "green" "mors" ];
+ krebs.permown."/home/lass/.weechat" = {
+ owner = "lass";
+ group = "syncthing";
+ umask = "0007";
+ };
 }
diff --git a/lass/2configs/syncthing.nix b/lass/2configs/syncthing.nix
index fc10b2cb..48f2625c 100644
--- a/lass/2configs/syncthing.nix
+++ b/lass/2configs/syncthing.nix
@@ -1,6 +1,6 @@
-{ config, pkgs, ... }:
-with import ;
-{
+{ config, pkgs, ... }: with import ; let
+ peers = mapAttrs (n: v: { id = v.syncthing.id; }) (filterAttrs (n: v: v.syncthing.id != null) config.krebs.hosts);
+in {
 services.syncthing = {
 enable = true;
 group = "syncthing";
@@ -14,17 +14,17 @@ with import ;
 enable = true;
 cert = toString ;
 key = toString ;
- peers = mapAttrs (n: v: { id = v.syncthing.id; }) (filterAttrs (n: v: v.syncthing.id != null) config.krebs.hosts);
- folders = [
- { path = "/home/lass/sync"; peers = [ "icarus" "mors" "skynet" "blue" "green" "littleT" "prism" "shodan" ]; }
- ];
+ peers = peers;
+ folders."/home/lass/sync".peers = attrNames peers;
 };
 system.activationScripts.syncthing-home = ''
 ${pkgs.coreutils}/bin/chmod a+x /home/lass
 '';
- lass.ensure-permissions = [
- { folder = "/home/lass/sync"; owner = "lass"; group = "syncthing"; }
- ];
+ krebs.permown."/home/lass/sync" = {
+ owner = "lass";
+ group = "syncthing";
+ umask = "0007";
+ };
 }
-- 
cgit v1.2.3
From da336abf88d620648580a8e0a25e2b31c7d110ff Mon Sep 17 00:00:00 2001
From: lassulus
Date: Thu, 18 Apr 2019 13:39:00 +0200
Subject: l radio: set new music directory
---
 lass/2configs/radio.nix | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
(limited to 'lass')
diff --git a/lass/2configs/radio.nix b/lass/2configs/radio.nix
index 521b3c05..b26237c6 100644
--- a/lass/2configs/radio.nix
+++ b/lass/2configs/radio.nix
@@ -10,7 +10,7 @@ let
 source-password = import ;
 add_random = pkgs.writeDashBin "add_random" ''
- ${pkgs.mpc_cli}/bin/mpc add "$(${pkgs.mpc_cli}/bin/mpc ls | shuf -n1)"
+ ${pkgs.mpc_cli}/bin/mpc add "$(${pkgs.mpc_cli}/bin/mpc ls the_playlist/music | grep '\.ogg$' | shuf -n1)"
 '';
 skip_track = pkgs.writeDashBin "skip_track" ''
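Review bot: In lass/2configs/syncthing.nix, `folders."/home/lass/sync".peers = attrNames peers;` replaces an explicit list of eight hosts with every entry of `config.krebs.hosts` that has a `syncthing.id`, so any host that later gains an id receives this folder without this file being touched. If `krebs.hosts` also describes machines that lass does not operate (not visible from this hunk), the change widens who gets a copy of /home/lass/sync. Keeping the allow-list explicit, or filtering `peers` on whatever attribute identifies the operator before taking `attrNames`, keeps the share least-privilege. If sharing with all hosts is intended, a comment such as `# shared with every host that declares a syncthing id` should say so.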
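Review bot: In lass/2configs/radio.nix, `add_random` still runs `mpc add` when the pipeline produces nothing: if `mpc ls the_playlist/music` fails or no entry matches `\.ogg$`, the command substitution is empty and the script calls `mpc add ""`. The script should not depend on how mpd treats an empty URI; capture the pick first with `track=$(… | shuf -n1)` and guard it with `[ -n "$track" ] || exit 1` before `mpc add "$track"`. As far as I know `mpc ls` lists a single directory level, so tracks in subdirectories of the_playlist/music would never be chosen, which is worth a comment if that layout is possible.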
@@ -57,7 +57,7 @@ in {
 services.mpd = {
 enable = true;
 group = "radio";
- musicDirectory = "/home/radio/the_playlist/music";
+ musicDirectory = "/home/radio/music";
 extraConfig = ''
 log_level "default"
 auto_update "yes"
-- 
cgit v1.2.3
From 8b3030a08d69317404470b96f097635b39be2027 Mon Sep 17 00:00:00 2001
From: lassulus
Date: Thu, 18 Apr 2019 13:39:54 +0200
Subject: l radio: grant mpd access to music dir
---
 lass/2configs/radio.nix | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
(limited to 'lass')
diff --git a/lass/2configs/radio.nix b/lass/2configs/radio.nix
index b26237c6..88899c55 100644
--- a/lass/2configs/radio.nix
+++ b/lass/2configs/radio.nix
@@ -255,6 +255,6 @@ in {
 krebs.permown."/home/radio/music/the_playlist" = {
 owner = "radio";
 group = "syncthing";
- umask = "0007";
+ umask = "0002";
 };
 }
-- 
cgit v1.2.3
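Review bot: `umask = "0002"` on `krebs.permown."/home/radio/music/the_playlist"` opens the synced tree to every local account rather than to mpd alone, assuming permown applies the value like an ordinary umask (the module is not part of this diff). The visible config runs mpd with `group = "radio"` while the directory stays `owner = "radio"; group = "syncthing";`, so mpd apparently gets in only through the "other" bits. Running mpd as the `radio` user, or adding mpd's user to the `syncthing` group, would let the umask stay at `0007`. If world-readable is acceptable for a music share, a comment such as `# o+rX so mpd (group radio) can read the synced files` should record that choice.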