fix browser permission stuff, which should have handle stuff but isn't

This commit is contained in:
Ingolf Wagner 2023-12-15 14:23:36 +01:00
parent d8601a39dc
commit 789131b422
No known key found for this signature in database
GPG key ID: 76BF5F1928B9618B
2 changed files with 5 additions and 25 deletions

View file

@ -48,8 +48,8 @@
services.permown."/syncthing" = {
owner = "syncthing";
group = "syncthing";
directory-mode = "760";
file-mode = "760";
directory-mode = "755";
file-mode = "755";
};
}

View file

@ -37,7 +37,7 @@ let
};
killBrowser = name:
pkgs.writeShellScriptBin "${name}-kill" "sudo killall -9 -u ${name}";
pkgs.writeShellScriptBin "${name}-kill" "sudo ${pkgs.killall}/bin/killall -9 -u ${name}";
cleanBrowser = name: browser: home: homeBackup:
let
@ -47,7 +47,7 @@ let
in
pkgs.writeShellScriptBin "${name}-clean" # sh
''
sudo killall -9 -u ${name}
sudo ${pkgs.killall}/bin/killall -9 -u ${name}
sudo rm -f ${lockFile}
sudo rm -rf ${home}
'';
@ -148,26 +148,6 @@ let
cp ${source}.tar.lzma ${target}.tar.lzma
'';
# todo this_is_how_I_want_to_use_tar = tar {
# sudo = "jobrad";
# # true => tar --directory ${source} .
# # false => tar $source
# strip_path = true;
# source = "/browser/jobrad";
# target = "/browser/jobrad.tar.lzma";
# lzma = true;
# # also possble this is a string
# exclude = [
# ".cache"
# ".config"
# ];
# exclude-backup = true;
# exclude-cache-all = true;
# extraArgs = {
# # key = string or key = list
# };
# };
allBackupScripts =
let
filteredConfigs =
@ -285,7 +265,7 @@ in
${sudoUser} ALL=(${values.user}) NOPASSWD: ALL
${sudoUser} ALL=(root) NOPASSWD: /run/current-system/sw/bin/mkdir -p ${values.home}
${sudoUser} ALL=(root) NOPASSWD: /run/current-system/sw/bin/chown -R ${values.user}\:users ${values.home}
${sudoUser} ALL=(root) NOPASSWD: /run/current-system/sw/bin/killall -9 -u ${name}
${sudoUser} ALL=(root) NOPASSWD: ${pkgs.killall}/bin/killall -9 -u ${name}
${sudoUser} ALL=(root) NOPASSWD: /run/current-system/sw/bin/rm -rf ${values.home}
${sudoUser} ALL=(root) NOPASSWD: /run/current-system/sw/bin/rm -f ${values.home}-lock
'')