76 lines
1.7 KiB
Nix
Executable File
76 lines
1.7 KiB
Nix
Executable File
{ config, lib, pkgs, ... }:
|
|
|
|
with lib;
|
|
|
|
let
|
|
cfg = config.sydnix.impermanence;
|
|
in {
|
|
imports = [
|
|
./impermanence/rollback.nix
|
|
];
|
|
|
|
options = {
|
|
sydnix.impermanence = {
|
|
enable = mkEnableOption "Impermanence";
|
|
|
|
directories = mkOption {
|
|
type = with types; listOf anything;
|
|
default = [];
|
|
};
|
|
|
|
files = mkOption {
|
|
type = with types; listOf anything;
|
|
default = [];
|
|
};
|
|
|
|
persistDirectory = mkOption {
|
|
default = "/persist";
|
|
type = types.str;
|
|
description = ''
|
|
The directory in which persistent files live.
|
|
'';
|
|
};
|
|
|
|
persistGroupName = mkOption {
|
|
default = "persist";
|
|
type = types.str;
|
|
description = ''
|
|
Name of the group whose members have access to the persist directory.
|
|
'';
|
|
};
|
|
};
|
|
};
|
|
|
|
config = mkIf cfg.enable {
|
|
# Create a group called `cfg.persistGroupName`
|
|
users.groups.${cfg.persistGroupName} = {
|
|
name = cfg.persistGroupName;
|
|
};
|
|
|
|
# Permit members of `cfg.persistGroupName` to read, write, and execute
|
|
# /persist.
|
|
systemd.tmpfiles.settings."10-persist" = {
|
|
${cfg.persistDirectory} = {
|
|
z.group = cfg.persistGroupName;
|
|
z.mode = "2775";
|
|
};
|
|
"${cfg.persistDirectory}/home" = {
|
|
z.group = "users";
|
|
z.mode = "2775";
|
|
};
|
|
"${cfg.persistDirectory}/user-files" = {
|
|
z.group = "users";
|
|
z.mode = "2775";
|
|
};
|
|
};
|
|
|
|
# TODO: Move this somewhere else.
|
|
programs.fuse.userAllowOther = true;
|
|
|
|
environment.persistence."${cfg.persistDirectory}/root" = {
|
|
directories = cfg.directories;
|
|
files = cfg.files;
|
|
};
|
|
};
|
|
}
|