diff options
author | makefu <github@syntax-fehler.de> | 2019-04-26 20:35:52 +0200 |
---|---|---|
committer | makefu <github@syntax-fehler.de> | 2019-04-26 20:35:52 +0200 |
commit | 2685464a60f32c75cf9198383ca10c3d6cf55572 (patch) | |
tree | 698bd32e2cc51be596771cc0e76ffd8521a64ff5 /krebs/3modules/permown.nix | |
parent | 95f6a06c5acfb6054236ea2f5aee42975dd909ec (diff) | |
parent | cd825d99342050bae35d5373e927ca999bae82cf (diff) |
Merge branch 'master' of prism:stockholm
Diffstat (limited to 'krebs/3modules/permown.nix')
-rw-r--r-- | krebs/3modules/permown.nix | 104 |
1 files changed, 66 insertions, 38 deletions
diff --git a/krebs/3modules/permown.nix b/krebs/3modules/permown.nix index 7a86013e1..63adb2236 100644 --- a/krebs/3modules/permown.nix +++ b/krebs/3modules/permown.nix @@ -2,8 +2,8 @@ with import <stockholm/lib>; { config, pkgs, ... }: { options.krebs.permown = mkOption { - default = []; - type = types.listOf (types.submodule { + default = {}; + type = types.attrsOf (types.submodule ({ config, ... }: { options = { directory-mode = mkOption { default = "=rwx"; @@ -22,6 +22,7 @@ with import <stockholm/lib>; type = types.username; }; path = mkOption { + default = config._module.args.name; type = types.absolute-pathname; }; umask = mkOption { @@ -29,46 +30,73 @@ with import <stockholm/lib>; type = types.file-mode; }; }; - }); + })); }; - config.systemd.services = genAttrs' config.krebs.permown (plan: { - name = "permown.${replaceStrings ["/"] ["_"] plan.path}"; - value = { - environment = { - DIR_MODE = plan.directory-mode; - FILE_MODE = plan.file-mode; - OWNER_GROUP = "${plan.owner}:${plan.group}"; - ROOT_PATH = plan.path; - }; - path = [ - pkgs.coreutils - pkgs.findutils - pkgs.inotifyTools - ]; - serviceConfig = { - ExecStart = pkgs.writeDash "permown" '' - set -efu + config = let + plans = attrValues config.krebs.permown; + in mkIf (plans != []) { + + system.activationScripts.permown = let + mkdir = plan: /* sh */ '' + ${pkgs.coreutils}/bin/mkdir -p ${shell.escape plan.path} + ''; + in concatMapStrings mkdir plans; + + systemd.services = genAttrs' plans (plan: { + name = "permown.${replaceStrings ["/"] ["_"] plan.path}"; + value = { + environment = { + DIR_MODE = plan.directory-mode; + FILE_MODE = plan.file-mode; + OWNER_GROUP = "${plan.owner}:${plan.group}"; + ROOT_PATH = plan.path; + }; + path = [ + pkgs.coreutils + pkgs.findutils + pkgs.inotifyTools + ]; + serviceConfig = { + ExecStart = pkgs.writeDash "permown" '' + set -efu + + find "$ROOT_PATH" -exec chown -h "$OWNER_GROUP" {} + + find "$ROOT_PATH" -type d -exec chmod "$DIR_MODE" {} + + find "$ROOT_PATH" -type f -exec chmod "$FILE_MODE" {} + - find "$ROOT_PATH" -exec chown "$OWNER_GROUP" {} + - find "$ROOT_PATH" -type d -exec chmod "$DIR_MODE" {} + - find "$ROOT_PATH" -type f -exec chmod "$FILE_MODE" {} + + paths=/tmp/paths + rm -f "$paths" + mkfifo "$paths" - inotifywait -mrq -e CREATE --format %w%f "$ROOT_PATH" | - while read -r path; do - if test -d "$path"; then - exec "$0" "$@" - fi - chown "$OWNER_GROUP" "$path" - chmod "$FILE_MODE" "$path" - done - ''; - Restart = "always"; - RestartSec = 10; - UMask = plan.umask; + inotifywait -mrq -e CREATE --format %w%f "$ROOT_PATH" > "$paths" & + inotifywaitpid=$! + + trap cleanup EXIT + cleanup() { + kill "$inotifywaitpid" + } + + while read -r path; do + if test -d "$path"; then + cleanup + exec "$0" "$@" + fi + chown -h "$OWNER_GROUP" "$path" + if test -f "$path"; then + chmod "$FILE_MODE" "$path" + fi + done < "$paths" + ''; + PrivateTemp = true; + Restart = "always"; + RestartSec = 10; + UMask = plan.umask; + }; + wantedBy = [ "multi-user.target" ]; }; - wantedBy = [ "multi-user.target" ]; - }; - }); + }); + + }; } |