diff --git a/configs/pepe/syncthing.nix b/configs/pepe/syncthing.nix index 1d7847c..80ff731 100644 --- a/configs/pepe/syncthing.nix +++ b/configs/pepe/syncthing.nix @@ -81,16 +81,14 @@ }; }; - # todo not working properly - #systemd.services."permown._media_syncthing" = { - # bindsTo = [ "media.mount" ]; - # after = [ "media.mount" ]; - #}; - #system.permown."/media/syncthing" = { - # owner = "syncthing"; - # group = "syncthing"; - # umask = "0003"; - #}; + system.permown."/media/syncthing" = { + owner = "syncthing"; + group = "syncthing"; + }; + systemd.services."permown._media_syncthing" = { + bindsTo = [ "media.mount" ]; + after = [ "media.mount" ]; + }; systemd.services."syncthing" = { bindsTo = [ "media.mount" ]; after = [ "media.mount" ]; diff --git a/configs/porani/syncthing.nix b/configs/porani/syncthing.nix index c5548d1..0939bf1 100644 --- a/configs/porani/syncthing.nix +++ b/configs/porani/syncthing.nix @@ -42,14 +42,13 @@ }; }; - systemd.services."permown._media" = { - bindsTo = [ "media.mount" ]; - after = [ "media.mount" ]; - }; system.permown."/media" = { owner = "syncthing"; group = "syncthing"; - umask = "0007"; + }; + systemd.services."permown._media" = { + bindsTo = [ "media.mount" ]; + after = [ "media.mount" ]; }; systemd.services."syncthing" = { bindsTo = [ "media.mount" ]; diff --git a/configs/sterni/syncthing.nix b/configs/sterni/syncthing.nix index c4dda96..0da38cd 100644 --- a/configs/sterni/syncthing.nix +++ b/configs/sterni/syncthing.nix @@ -65,4 +65,9 @@ }; }; }; + + system.permown."/home/palo/music-library" = { + owner = "palo"; + group = "users"; + }; } diff --git a/configs/workhorse/borg.nix b/configs/workhorse/borg.nix index abb6761..4033520 100644 --- a/configs/workhorse/borg.nix +++ b/configs/workhorse/borg.nix @@ -5,7 +5,6 @@ quota = "100G"; allowSubRepos = true; authorizedKeys = [ - # todo rename (lib.fileContents ) (lib.fileContents ) ]; 
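Review bot: In configs/pepe/syncthing.nix the re-enabled `system.permown."/media/syncthing"` plan no longer sets the `umask` its commented-out predecessor carried (`0003`); the porani hunk drops an active `umask = "0007";` and the workhorse hunk drops `0002` in the same way. The module's default modes `=rwx` and `=rw` name no user class, so chmod applies them minus the bits set in the unit's `UMask`. The fallback, apparently `0027` going by the default shown just above the new `timer` option in modules/system/permown.nix, therefore gives 750/640 instead of a group-writable tree. If group write is still intended, keep `umask = "0003";` here and the matching values in the other two files; otherwise a comment such as `# default umask on purpose: group is read-only` would record the decision.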
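Review bot: In configs/sterni/syncthing.nix the new `system.permown."/home/palo/music-library"` plan points the permown pass at a tree that palo can modify while it runs. The unit in modules/system/permown.nix sets no `User=`, so it presumably runs as root, and it hands full path names to `chown -h` and `chmod` through `find … -exec … {} +`. `-h` only covers the final path component; the intermediate directories are resolved again at exec time, so the result depends on the tree not changing underneath the pass. Consider `-execdir` in the module script, which the findutils documentation recommends for this case. If palo already owns everything under that directory, the plan may not be needed at all.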
diff --git a/configs/workhorse/syncthing.nix b/configs/workhorse/syncthing.nix index 3f9ed05..bacb76f 100644 --- a/configs/workhorse/syncthing.nix +++ b/configs/workhorse/syncthing.nix @@ -100,17 +100,14 @@ }; }; - # todo now working properly - # ------------------------- - #systemd.services."permown._media_syncthing" = { - # bindsTo = [ "media.mount" ]; - # after = [ "media.mount" ]; - #}; - #system.permown."/media/syncthing" = { - # owner = "syncthing"; - # group = "syncthing"; - # umask = "0002"; - #}; + system.permown."/media/syncthing" = { + owner = "syncthing"; + group = "syncthing"; + }; + systemd.services."permown._media_syncthing" = { + bindsTo = [ "media.mount" ]; + after = [ "media.mount" ]; + }; systemd.services."syncthing" = { bindsTo = [ "media.mount" ]; after = [ "media.mount" ]; diff --git a/modules/system/permown.nix b/modules/system/permown.nix index a079525..7988dfb 100644 --- a/modules/system/permown.nix +++ b/modules/system/permown.nix @@ -1,6 +1,11 @@ { config, pkgs, lib, ... }: + with lib; -let cfg = config.system.permown; + +let + cfg = config.system.permown; + nameGenerator = path: "permown.${replaceStrings [ "/" ] [ "_" ] path}"; + in { options.system.permown = mkOption { @@ -10,11 +15,11 @@ in { options = { directory-mode = mkOption { default = "=rwx"; - type = types.str; # TODO + type = types.str; }; file-mode = mkOption { default = "=rw"; - type = types.str; # TODO + type = types.str; }; group = mkOption { apply = x: if x == null then "" else x; 
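Review bot: `nameGenerator` in modules/system/permown.nix now names both the permown service and its new timer, but the service further down this diff keeps `Restart = "always";` and `RestartSec = 10;` even though its script now exits after a single pass. With the default service type, systemd restarts a unit that exits cleanly, so the recursive chown/chmod would re-run roughly every ten seconds and the `hourly` timer would add nothing. Replacing those two lines with `Type = "oneshot";` and dropping the service's own `wantedBy` would leave scheduling to the timer, whose `wantedBy` would conventionally be `[ "timers.target" ]`. `pkgs.inotifyTools` also stays in `path` although the script no longer calls `inotifywait`. Those lines sit in a later hunk that runs past the end of what is visible here, so check the suggestion against the full file.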
@@ -30,69 +35,58 @@ in { default = "0027"; type = types.str; }; + timer = mkOption { + default = "hourly"; + type = types.str; + description = + "OnCalendar string on how frequent should this command run"; + }; }; })); }; config = let plans = lib.attrValues cfg; + in mkIf (plans != [ ]) { system.activationScripts.permown = let - mkdir = plan: # sh - '' - ${pkgs.coreutils}/bin/mkdir -p ${plan.path} - ''; + mkdir = { path, ... }: '' + ${pkgs.coreutils}/bin/mkdir -p ${path} + ''; in concatMapStrings mkdir plans; - # genAttrs' = names: f: listToAttrs (map f names); + systemd.services = listToAttrs (flip map plans + ({ path, directory-mode, file-mode, owner, group, umask, ... }: { + name = nameGenerator path; + value = { + environment = { + DIR_MODE = directory-mode; + FILE_MODE = file-mode; + OWNER_GROUP = "${owner}:${group}"; + ROOT_PATH = path; + }; + path = [ pkgs.coreutils pkgs.findutils pkgs.inotifyTools ]; + serviceConfig = { + ExecStart = pkgs.writers.writeDash "permown" '' + set -efu + find "$ROOT_PATH" -exec chown -h "$OWNER_GROUP" {} + + find "$ROOT_PATH" -type d -exec chmod "$DIR_MODE" {} + + find "$ROOT_PATH" -type f -exec chmod "$FILE_MODE" {} + + ''; + PrivateTmp = true; + Restart = "always"; + RestartSec = 10; + UMask = umask; + }; + wantedBy = [ "multi-user.target" ]; + }; + })); - systemd.services = listToAttrs (flip map plans (plan: { - name = "permown.${replaceStrings [ "/" ] [ "_" ] plan.path}"; + systemd.timers = listToAttrs (flip map plans ({ path, timer, ... 
}: { + name = nameGenerator path; value = { - environment = { - DIR_MODE = plan.directory-mode; - FILE_MODE = plan.file-mode; - OWNER_GROUP = "${plan.owner}:${plan.group}"; - ROOT_PATH = plan.path; - }; - path = [ pkgs.coreutils pkgs.findutils pkgs.inotifyTools ]; - serviceConfig = { - ExecStart = pkgs.writers.writeDash "permown" '' - set -efu - - find "$ROOT_PATH" -exec chown -h "$OWNER_GROUP" {} + - find "$ROOT_PATH" -type d -exec chmod "$DIR_MODE" {} + - find "$ROOT_PATH" -type f -exec chmod "$FILE_MODE" {} + - - paths=/tmp/paths - rm -f "$paths" - mkfifo "$paths" - - inotifywait -mrq -e CREATE --format %w%f "$ROOT_PATH" > "$paths" & - inotifywaitpid=$! - - trap cleanup EXIT - cleanup() { - kill "$inotifywaitpid" - } - - while read -r path; do - if test -d "$path"; then - cleanup - exec "$0" "$@" - fi - chown -h "$OWNER_GROUP" "$path" - if test -f "$path"; then - chmod "$FILE_MODE" "$path" - fi - done < "$paths" - ''; - PrivateTmp = true; - Restart = "always"; - RestartSec = 10; - UMask = plan.umask; - }; wantedBy = [ "multi-user.target" ]; + timerConfig.OnCalendar = timer; }; }));