cmd/sharefs: implement shared filesystem
All checks were successful
Test / Create distribution (push) Successful in 46s
Test / Sandbox (push) Successful in 2m40s
Test / Hakurei (push) Successful in 3m41s
Test / Hpkg (push) Successful in 4m42s
Test / Sandbox (race detector) (push) Successful in 4m53s
Test / Hakurei (race detector) (push) Successful in 5m53s
Test / ShareFS (push) Successful in 38m10s
Test / Flake checks (push) Successful in 1m46s
All checks were successful
Test / Create distribution (push) Successful in 46s
Test / Sandbox (push) Successful in 2m40s
Test / Hakurei (push) Successful in 3m41s
Test / Hpkg (push) Successful in 4m42s
Test / Sandbox (race detector) (push) Successful in 4m53s
Test / Hakurei (race detector) (push) Successful in 5m53s
Test / ShareFS (push) Successful in 38m10s
Test / Flake checks (push) Successful in 1m46s
This is for passing files between applications, similar to android /sdcard. Signed-off-by: Ophestra <cat@gensokyo.uk>
This commit is contained in:
96
nixos.nix
96
nixos.nix
@@ -66,6 +66,38 @@ in
|
||||
) "" cfg.users;
|
||||
};
|
||||
|
||||
systemd.services = {
|
||||
sharefs = mkIf (cfg.sharefs.source != null) {
|
||||
unitConfig.RequiresMountsFor = cfg.sharefs.source;
|
||||
serviceConfig = {
|
||||
NoNewPrivileges = true;
|
||||
};
|
||||
script = ''
|
||||
${pkgs.coreutils}/bin/install \
|
||||
-dm0700 \
|
||||
-o ${cfg.sharefs.user} \
|
||||
-g ${cfg.sharefs.group} \
|
||||
${cfg.sharefs.source} ${cfg.sharefs.name}
|
||||
|
||||
exec ${cfg.package}/libexec/sharefs -f \
|
||||
-o ${
|
||||
lib.join "," [
|
||||
"noexec"
|
||||
"nosuid"
|
||||
"nodev"
|
||||
"auto_unmount"
|
||||
"allow_other"
|
||||
"clone_fd"
|
||||
"setuid=$(id -u ${cfg.sharefs.user})"
|
||||
"setgid=$(id -g ${cfg.sharefs.group})"
|
||||
"source=${cfg.sharefs.source}"
|
||||
]
|
||||
} ${cfg.sharefs.name}
|
||||
'';
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
};
|
||||
};
|
||||
|
||||
home-manager =
|
||||
let
|
||||
privPackages = mapAttrs (_: userid: {
|
||||
@@ -322,25 +354,57 @@ in
|
||||
in
|
||||
{
|
||||
users = mkMerge (
|
||||
foldlAttrs (
|
||||
acc: _: fid:
|
||||
acc
|
||||
++ foldlAttrs (
|
||||
acc': _: app:
|
||||
acc' ++ [ { ${getsubname fid app.identity} = getuser fid app.identity; } ]
|
||||
) [ { ${getsubname fid 0} = getuser fid 0; } ] cfg.apps
|
||||
) [ ] cfg.users
|
||||
foldlAttrs
|
||||
(
|
||||
acc: _: fid:
|
||||
acc
|
||||
++ foldlAttrs (
|
||||
acc': _: app:
|
||||
acc' ++ [ { ${getsubname fid app.identity} = getuser fid app.identity; } ]
|
||||
) [ { ${getsubname fid 0} = getuser fid 0; } ] cfg.apps
|
||||
)
|
||||
(
|
||||
if (cfg.sharefs.source != null) then
|
||||
[
|
||||
{
|
||||
${cfg.sharefs.user} = {
|
||||
uid = lib.mkDefault 1023;
|
||||
inherit (cfg.sharefs) group;
|
||||
isSystemUser = true;
|
||||
home = cfg.sharefs.source;
|
||||
};
|
||||
|
||||
}
|
||||
]
|
||||
else
|
||||
[ ]
|
||||
)
|
||||
cfg.users
|
||||
);
|
||||
|
||||
groups = mkMerge (
|
||||
foldlAttrs (
|
||||
acc: _: fid:
|
||||
acc
|
||||
++ foldlAttrs (
|
||||
acc': _: app:
|
||||
acc' ++ [ { ${getsubname fid app.identity} = getgroup fid app.identity; } ]
|
||||
) [ { ${getsubname fid 0} = getgroup fid 0; } ] cfg.apps
|
||||
) [ ] cfg.users
|
||||
foldlAttrs
|
||||
(
|
||||
acc: _: fid:
|
||||
acc
|
||||
++ foldlAttrs (
|
||||
acc': _: app:
|
||||
acc' ++ [ { ${getsubname fid app.identity} = getgroup fid app.identity; } ]
|
||||
) [ { ${getsubname fid 0} = getgroup fid 0; } ] cfg.apps
|
||||
)
|
||||
(
|
||||
if (cfg.sharefs.source != null) then
|
||||
[
|
||||
{
|
||||
${cfg.sharefs.group} = {
|
||||
gid = lib.mkDefault 1023;
|
||||
};
|
||||
}
|
||||
]
|
||||
else
|
||||
[ ]
|
||||
)
|
||||
cfg.users
|
||||
);
|
||||
};
|
||||
};
|
||||
|
||||
Reference in New Issue
Block a user