diff --git a/cmd/sharefs/test/test.py b/cmd/sharefs/test/test.py index 969bfa5..366b4b6 100644 --- a/cmd/sharefs/test/test.py +++ b/cmd/sharefs/test/test.py @@ -5,7 +5,8 @@ machine.wait_for_unit("multi-user.target") print(machine.succeed("/etc/sharefs -V")) # Make sure sharefs did not terminate: -machine.wait_for_unit("sharefs.service") +machine.wait_for_unit("sdcard.mount") +machine.wait_for_unit("sharefs-setup.service") machine.succeed("mkdir /mnt") def check_bad_opts_output(opts, want, source="/etc", privileged=False): diff --git a/flake.nix b/flake.nix index fff1df3..9e09c61 100644 --- a/flake.nix +++ b/flake.nix @@ -138,6 +138,10 @@ ; }; hsu = pkgs.callPackage ./cmd/hsu/package.nix { inherit (self.packages.${system}) hakurei; }; + sharefs = pkgs.linkFarm "sharefs" { + "bin/sharefs" = "${hakurei}/libexec/sharefs"; + "bin/mount.fuse.sharefs" = "${hakurei}/libexec/sharefs"; + }; dist = pkgs.runCommand "${hakurei.name}-dist" { buildInputs = hakurei.targetPkgs ++ [ pkgs.pkgsStatic.musl ]; } '' # go requires XDG_CACHE_HOME for the build cache diff --git a/nixos.nix b/nixos.nix index cccc181..f646683 100644 --- a/nixos.nix +++ b/nixos.nix 
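Review bot: The comment `# Make sure sharefs did not terminate:` no longer matches the two waits below it. An active `sdcard.mount` and an exited oneshot `sharefs-setup.service` show that the mount was established, not that a long-running service is still up; `# Make sure the sharefs mount and its setup unit came up:` would be more accurate. Because the mount options and ids are now rendered into the mount unit at evaluation time, the test could also assert them, for example `machine.succeed("findmnt -n -o OPTIONS /sdcard | grep nosuid")`. That assumes `sdcard.mount` maps to `/sdcard` and that no later part of the test already covers it; the script continues outside the hunk.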
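Review bot: The new `sharefs` linkFarm exposes `${hakurei}/libexec/sharefs` under two names without saying why, and the second name appears to be what lets the `fuse.sharefs` mount type in nixos.nix resolve a helper. A comment above it such as `# mount(8) looks up the helper for type fuse.sharefs as mount.fuse.sharefs; both names are the same binary` would stop a later cleanup from dropping the link. If the binary changes behaviour depending on the name it is invoked as, say so in the same comment; that is not visible from this hunk.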
@@ -66,42 +66,56 @@ in ) "" cfg.users; }; + environment.systemPackages = optional (cfg.sharefs.source != null) cfg.sharefs.package; + systemd.services = { - sharefs = mkIf (cfg.sharefs.source != null) { - unitConfig.RequiresMountsFor = cfg.sharefs.source; + sharefs-setup = mkIf (cfg.sharefs.source != null) { + unitConfig.RequiresMountsFor = dirOf cfg.sharefs.source; serviceConfig = { - NoNewPrivileges = true; + Type = "oneshot"; + RemainAfterExit = true; }; script = '' ${pkgs.coreutils}/bin/install \ -dm0700 \ -o ${cfg.sharefs.user} \ -g ${cfg.sharefs.group} \ - ${cfg.sharefs.source} ${cfg.sharefs.name} - - exec ${cfg.package}/libexec/sharefs -f \ - -o ${ - lib.join "," [ - "noexec" - "nosuid" - "nodev" - "noatime" - "auto_unmount" - "allow_other" - "setuid=$(id -u ${cfg.sharefs.user})" - "setgid=$(id -g ${cfg.sharefs.group})" - "source=${cfg.sharefs.source}" - ] - } ${cfg.sharefs.name} + ${cfg.sharefs.source} ''; - - # do not unmount on configuration changes - restartIfChanged = false; - - wantedBy = [ "multi-user.target" ]; + wantedBy = [ "local-fs.target" ]; }; }; + systemd.mounts = optional (cfg.sharefs.source != null) { + unitConfig.RequiresMountsFor = cfg.sharefs.source; + where = cfg.sharefs.name; + what = "sharefs"; + type = "fuse.sharefs"; + options = lib.join "," [ + "noexec" + "nosuid" + "nodev" + "noatime" + "auto_unmount" + "allow_other" + "setuid=${toString config.users.users.${cfg.sharefs.user}.uid}" + "setgid=${toString config.users.groups.${cfg.sharefs.group}.gid}" + "source=${cfg.sharefs.source}" + ]; + wants = [ "sharefs-setup.service" ]; + after = [ "sharefs-setup.service" ]; + before = [ + "local-fs.target" + "multi-user.target" + "nix-daemon.socket" + ]; + wantedBy = [ + "local-fs.target" + "multi-user.target" + "nix-daemon.socket" + ]; + }; + home-manager = let privPackages = mapAttrs (_: userid: { diff --git a/options.nix b/options.nix index 15e6f9f..02d69f5 100644 --- a/options.nix +++ b/options.nix 
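Review bot: In the new `systemd.mounts` entry, `setuid=${toString config.users.users.${cfg.sharefs.user}.uid}` and the matching `setgid=` line render as an empty value when the account has no static uid/gid in the configuration, because `toString null` is `""`; the removed script resolved the ids at run time with `id -u`/`id -g`. How sharefs treats an empty `setuid=` is not visible here, so with `allow_other` set it is safer to fail at evaluation, e.g. an `assertions` entry with `assertion = cfg.sharefs.source == null || config.users.users.${cfg.sharefs.user}.uid != null;` and the same for the group. Separately, the removed unit ran with `NoNewPrivileges = true` and neither new unit carries it; if the mount helper tolerates it, `mountConfig.NoNewPrivileges = true;` would keep that hardening. The mount also only `wants` `sharefs-setup.service`, so it proceeds when the `install -dm0700` step fails; `requires = [ "sharefs-setup.service" ];` would tie the mount to the source directory having the intended owner and mode.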
@@ -41,6 +41,12 @@ in }; sharefs = { + package = mkOption { + type = types.package; + default = packages.${pkgs.stdenv.hostPlatform.system}.sharefs; + description = "The sharefs package to use."; + }; + user = mkOption { type = types.str; default = "sharefs";