nixos/modules/services/groupshare.nix

inputs:
{
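options.nixos.services.groupshare = let inherit (inputs.lib) mkOption types; in mkOption
{
  # Shared-directory service. `null` (the default) disables it entirely; the
  # whole `config` section below is wrapped in `mkIf (groupshare != null)`.
  type = types.nullOr (types.submodule { options =
  {
    users = mkOption
    {
      type = types.listOf types.nonEmptyStr;
      # Candidate members. Only names that also appear in
      # `config.nixos.user.users` are actually wired up (see the
      # `intersectLists` in `config`), so an unknown name here is silently ignored.
      # Fix: "gb" was listed twice in the original default; the duplicate is
      # dropped. The set of effective members is unchanged, since the
      # intersection filters the system user list by membership in this list.
      default = [ "chn" "gb" "xll" "yjq" "zem" "wp" "hjp" ];
      description = "Users who get a per-user directory under /var/lib/groupshare and membership of the groupshare group.";
    };
  };});
  default = null;
  description = "Group-shared directory tree under /var/lib/groupshare, or null to disable it.";
};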
config =
  let
    inherit (inputs.lib) mkIf intersectLists genAttrs concatMap concatMapStringsSep;
    inherit (inputs.config.nixos.services) groupshare;
    # Effective members: names listed in the option that also exist in the
    # system's user list. Names are interpolated verbatim into tmpfiles lines,
    # so they are assumed to be plain user names without whitespace.
    members = intersectLists groupshare.users inputs.config.nixos.user.users;
    # ACL argument for one per-user directory. Every entry is emitted twice:
    # once prefixed with "d:" (default, i.e. the permissions inherited by files
    # and directories newly created inside) and once as the access ACL itself.
    #   u:<user>:rwX      owner: read/write; uppercase X grants execute only to
    #                     directories (and files that are already executable)
    #   g:groupshare:r-X  the group may read and traverse
    #   o::---            everyone else is locked out
    #   m::r-x            mask: for users other than the owner, effective rights
    #                     are capped at what m specifies (r-x)
    # NOTE(review): support for uppercase X in tmpfiles "A" arguments depends on
    # the systemd version in use - confirm on the target system.
    aclSpec = user: concatMapStringsSep "," (entry: "d:${entry},${entry}")
      [ "u:${user}:rwX" "g:groupshare:r-X" "o::---" "m::r-x" ];
    # tmpfiles rules for one member: create the directory as setgid 2750 owned by
    # <user>:groupshare, recursively reset ownership on every boot, then
    # recursively apply the ACLs above.
    userRules = user:
    [
      "d /var/lib/groupshare/${user} 2750 ${user} groupshare"
      "Z /var/lib/groupshare/${user} - ${user} groupshare"
      "A /var/lib/groupshare/${user} - - - - ${aclSpec user}"
    ];
  in mkIf (groupshare != null)
  {
    users =
    {
      # Every member joins the groupshare group; the group's gid is taken from
      # the user module so it stays stable across rebuilds.
      users = genAttrs members (user: { extraGroups = [ "groupshare" ]; });
      groups.groupshare.gid = inputs.config.nixos.user.gid.groupshare;
    };
    # The top-level directory is created with tmpfiles defaults (no mode or
    # owner given, so 0755 root:root). Per-user directories underneath carry
    # their own ACLs.
    # NOTE(review): 0755 lets any local account list the member directory
    # names; `d /var/lib/groupshare 0750 root groupshare` would limit that to
    # group members without affecting their access.
    systemd.tmpfiles.rules = [ "d /var/lib/groupshare" ] ++ concatMap userRules members;
    # Each member gets ~/groupshare as an out-of-store symlink to the shared tree.
    home-manager.users = genAttrs members (user: homeInputs:
    {
      config.home.file.groupshare.source =
        homeInputs.config.lib.file.mkOutOfStoreSymlink "/var/lib/groupshare";
    });
  };
}