47 lines
1004 B
Nix
47 lines
1004 B
Nix
{ config, lib, pkgs, ... }:
|
|
|
|
let cfg = config.sydnix.deertopia.copyparty.vault;
|
|
in {
|
|
options.sydnix.deertopia.copyparty.vault = {
|
|
enable = lib.mkEnableOption "personal storage under Copyparty";
|
|
};
|
|
|
|
config = lib.mkIf cfg.enable {
|
|
sydnix.impermanence.directories = [ "/vault" ];
|
|
|
|
# HACK: Ad-hoc permissions, as typical.
|
|
users.groups.vault = {};
|
|
users.users.copyparty.extraGroups = [ "vault" ];
|
|
|
|
systemd.tmpfiles.settings."50-vault" =
|
|
let e = {
|
|
z.group = "vault";
|
|
z.mode = "2775";
|
|
v.group = "vault";
|
|
v.mode = "2775";
|
|
};
|
|
in {
|
|
"/vault" = e;
|
|
"/vault/~msyds" = e;
|
|
};
|
|
|
|
services.copyparty.volumes = {
|
|
"/~msyds" = {
|
|
path = "/vault/~msyds";
|
|
access.A = [ "msyds" ];
|
|
};
|
|
"/~msyds/zotero" = {
|
|
path = "/vault/~msyds/zotero";
|
|
flags.daw = true;
|
|
access.A = [ "msyds" ];
|
|
access.rwmd = [ "zotero" ];
|
|
};
|
|
"/~msyds/public" = {
|
|
path = "/vault/~msyds/public";
|
|
access.A = [ "msyds" ];
|
|
access.r = [ "*" ];
|
|
};
|
|
};
|
|
};
|
|
}
|