update permown
This commit is contained in:
parent
f05aa81847
commit
48a22d3999
1 changed files with 88 additions and 39 deletions
|
@ -3,8 +3,9 @@
|
||||||
with lib;
|
with lib;
|
||||||
|
|
||||||
let
|
let
|
||||||
|
|
||||||
cfg = config.system.permown;
|
cfg = config.system.permown;
|
||||||
nameGenerator = path: "permown.${replaceStrings [ "/" ] [ "_" ] path}";
|
|
||||||
|
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
|
@ -27,6 +28,15 @@ in
|
||||||
default = null;
|
default = null;
|
||||||
type = types.nullOr types.str;
|
type = types.nullOr types.str;
|
||||||
};
|
};
|
||||||
|
keepGoing = mkOption {
|
||||||
|
default = false;
|
||||||
|
type = types.bool;
|
||||||
|
description = ''
|
||||||
|
Whether to keep going when chowning or chmodding fails.
|
||||||
|
If set to false, then errors will cause the service to restart
|
||||||
|
instead.
|
||||||
|
'';
|
||||||
|
};
|
||||||
owner = mkOption { type = types.str; };
|
owner = mkOption { type = types.str; };
|
||||||
path = mkOption {
|
path = mkOption {
|
||||||
default = config._module.args.name;
|
default = config._module.args.name;
|
||||||
|
@ -47,52 +57,91 @@ in
|
||||||
};
|
};
|
||||||
|
|
||||||
config =
|
config =
|
||||||
let plans = lib.attrValues cfg;
|
let
|
||||||
|
plans = attrValues cfg;
|
||||||
in mkIf (plans != [ ]) {
|
in
|
||||||
|
mkIf (plans != [ ]) {
|
||||||
system.activationScripts.permown =
|
system.activationScripts.permown =
|
||||||
let
|
let
|
||||||
mkdir = { path, ... }: ''
|
mkdir = { path, ... }: ''
|
||||||
${pkgs.coreutils}/bin/mkdir -p ${path}
|
${pkgs.coreutils}/bin/mkdir -p "${path}"
|
||||||
'';
|
'';
|
||||||
in
|
in
|
||||||
concatMapStrings mkdir plans;
|
concatMapStrings mkdir plans;
|
||||||
|
|
||||||
systemd.services = listToAttrs (flip map plans
|
systemd.services =
|
||||||
({ path, directory-mode, file-mode, owner, group, umask, ... }: {
|
let
|
||||||
name = nameGenerator path;
|
nameGenerator = { path, ... }:
|
||||||
value = {
|
"permown.${replaceStrings [ "/" ] [ "_" ] path}";
|
||||||
environment = {
|
serviceDefinition =
|
||||||
DIR_MODE = directory-mode;
|
{ path, directory-mode, file-mode, owner, group, umask, keepGoing, ... }:
|
||||||
FILE_MODE = file-mode;
|
{
|
||||||
OWNER_GROUP = "${owner}:${group}";
|
environment = {
|
||||||
ROOT_PATH = path;
|
DIR_MODE = directory-mode;
|
||||||
};
|
FILE_MODE = file-mode;
|
||||||
path = [ pkgs.coreutils pkgs.findutils pkgs.inotifyTools ];
|
OWNER_GROUP = "${owner}:${group}";
|
||||||
serviceConfig = {
|
ROOT_PATH = path;
|
||||||
ExecStart = pkgs.writers.writeDash "permown" ''
|
};
|
||||||
set -efu
|
path = [
|
||||||
find "$ROOT_PATH" -exec chown -h "$OWNER_GROUP" {} +
|
pkgs.coreutils
|
||||||
find "$ROOT_PATH" -type d -exec chmod "$DIR_MODE" {} +
|
pkgs.findutils
|
||||||
find "$ROOT_PATH" -type f -exec chmod "$FILE_MODE" {} +
|
pkgs.inotifyTools
|
||||||
'';
|
];
|
||||||
PrivateTmp = true;
|
serviceConfig = {
|
||||||
#Restart = "always";
|
ExecStart =
|
||||||
#RestartSec = 10;
|
let
|
||||||
UMask = umask;
|
continuable = command:
|
||||||
};
|
if keepGoing
|
||||||
wantedBy = [ "multi-user.target" ];
|
then "{ ${command}; } || :"
|
||||||
};
|
else command;
|
||||||
}));
|
in
|
||||||
|
pkgs.writers.writeDash "permown" ''
|
||||||
|
set -efu
|
||||||
|
|
||||||
|
find "$ROOT_PATH" -exec chown -h "$OWNER_GROUP" {} +
|
||||||
|
find "$ROOT_PATH" -type d -exec chmod "$DIR_MODE" {} +
|
||||||
|
find "$ROOT_PATH" -type f -exec chmod "$FILE_MODE" {} +
|
||||||
|
|
||||||
|
paths=/tmp/paths
|
||||||
|
rm -f "$paths"
|
||||||
|
mkfifo "$paths"
|
||||||
|
|
||||||
|
inotifywait -mrq -e CREATE --format %w%f "$ROOT_PATH" > "$paths" &
|
||||||
|
inotifywaitpid=$!
|
||||||
|
|
||||||
|
trap cleanup EXIT
|
||||||
|
cleanup() {
|
||||||
|
kill "$inotifywaitpid"
|
||||||
|
}
|
||||||
|
|
||||||
|
while read -r path
|
||||||
|
do
|
||||||
|
if test -d "$path"; then
|
||||||
|
cleanup
|
||||||
|
exec "$0" "$@"
|
||||||
|
fi
|
||||||
|
${continuable ''chown -h "$OWNER_GROUP" "$path"''}
|
||||||
|
if test -f "$path"; then
|
||||||
|
${continuable ''chmod "$FILE_MODE" "$path"''}
|
||||||
|
fi
|
||||||
|
done < "$paths"
|
||||||
|
'';
|
||||||
|
PrivateTmp = true;
|
||||||
|
Restart = "always";
|
||||||
|
RestartSec = 10;
|
||||||
|
UMask = umask;
|
||||||
|
};
|
||||||
|
wantedBy = [ "multi-user.target" ];
|
||||||
|
};
|
||||||
|
in
|
||||||
|
listToAttrs (map
|
||||||
|
(plan:
|
||||||
|
{
|
||||||
|
name = nameGenerator plan;
|
||||||
|
value = serviceDefinition plan;
|
||||||
|
})
|
||||||
|
plans);
|
||||||
|
|
||||||
systemd.timers = listToAttrs (flip map plans ({ path, timer, ... }: {
|
|
||||||
name = nameGenerator path;
|
|
||||||
value = {
|
|
||||||
wantedBy = [ "multi-user.target" ];
|
|
||||||
timerConfig.OnCalendar = timer;
|
|
||||||
};
|
|
||||||
}));
|
|
||||||
|
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue