palo/nixos-config
palo/nixos-config
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Merge branch 'master' of ssh://git.ingolf-wagner.de:443/palo/nixos-config

Browse source
This commit is contained in:
Ingolf Wagner 2020-10-18 22:31:59 +02:00
commit 60d9482999
No known key found for this signature in database
GPG key ID: 76BF5F1928B9618B
2 changed files with 17 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
configs/workhorse/graylog.nix
View file

@ -119,6 +119,7 @@ in {
"2","cirtical","Critical conditions"
"3","error","Error Condition"
"4","warning","May indicate that an error will occur if action is not taken."
"4","warn","May indicate that an error will occur if action is not taken."
"5","notice","Events that are unusual, but not error conditions."
"6","info","Normal operational messages that require no action."
"7","debug","Information useful to developers for debugging the application."

21
modules/programs/browser.nix
View file

@ -37,6 +37,9 @@ let
'';
};
killBrowser = name:
pkgs.writeShellScriptBin "${name}-kill" "sudo killall -9 -u ${name}";
cleanBrowser = name: browser: home: homeBackup:
let
backupFile = "${homeBackup}.tar.lzma";
@ -45,7 +48,7 @@ let
in pkgs.writeShellScriptBin "${name}-clean" # sh
''
sudo killall -9 -u ${name}
sudo rm ${lockFile}
sudo rm -f ${lockFile}
sudo rm -rf ${home}
'';
@ -129,6 +132,8 @@ let
cleanBrowser name name browserConfig.home browserConfig.homeBackup)
filteredConfigs;
allKillScripts = mapAttrsToList (name: _: killBrowser name) cfg.configList;
# browser chooser
# ---------------
browserSelect = pkgs.writeScriptBin "browser-select" ''
@ -203,9 +208,15 @@ in {
# add sudo rights
security.sudo.extraConfig = let
extraRules = flip mapAttrsToList cfg.configList (name: values:
concatStringsSep "\n"
(map (sudoUser: "${sudoUser} ALL=(${values.user}) NOPASSWD: ALL")
values.sudoUsers));
concatStringsSep "" (map (sudoUser: ''
# sudo configuration to control browser
${sudoUser} ALL=(${values.user}) NOPASSWD: ALL
${sudoUser} ALL=(root) NOPASSWD: /run/current-system/sw/bin/mkdir -p ${values.home}
${sudoUser} ALL=(root) NOPASSWD: /run/current-system/sw/bin/chown -R ${values.user}\:users ${values.home}
${sudoUser} ALL=(root) NOPASSWD: /run/current-system/sw/bin/killall -9 -u ${name}
${sudoUser} ALL=(root) NOPASSWD: /run/current-system/sw/bin/rm -rf ${values.home}
${sudoUser} ALL=(root) NOPASSWD: /run/current-system/sw/bin/rm -f ${values.home}-lock
'') values.sudoUsers));
in lib.concatStringsSep "\n" extraRules;
# create users
@ -226,7 +237,7 @@ in {
environment.systemPackages = [ browserSelect (desktopFile browserSelect) ]
++ browserExecutableList
++ (map (bin: desktopFile bin) browserExecutableList) ++ allBackupScripts
++ allCleanScripts;
++ allCleanScripts ++ allKillScripts;
};
}