43 lines
974 B
Nix
43 lines
974 B
Nix
|
{ lib, ... }:
|
||
|
|
||
|
with lib;
|
||
|
rec {
|
||
|
# "Access Control List", only it's just a user:group and file mode
|
||
|
# compatible with `chown` and `chmod`
|
||
|
aclMod = {
|
||
|
options = {
|
||
|
user = mkOption {
|
||
|
type = types.str; # TODO: use uid?
|
||
|
};
|
||
|
group = mkOption {
|
||
|
type = types.str;
|
||
|
};
|
||
|
mode = mkOption {
|
||
|
type = types.str;
|
||
|
};
|
||
|
};
|
||
|
};
|
||
|
acl = types.submodule aclMod;
|
||
|
|
||
|
# this is acl, but doesn't require to be fully specified.
|
||
|
# a typical use case is when there's a complete acl, and the user
|
||
|
# wants to override just one attribute of it.
|
||
|
aclOverrideMod = {
|
||
|
options = {
|
||
|
user = mkOption {
|
||
|
type = types.nullOr types.str;
|
||
|
default = null;
|
||
|
};
|
||
|
group = mkOption {
|
||
|
type = types.nullOr types.str;
|
||
|
default = null;
|
||
|
};
|
||
|
mode = mkOption {
|
||
|
type = types.nullOr types.str;
|
||
|
default = null;
|
||
|
};
|
||
|
};
|
||
|
};
|
||
|
aclOverride = types.submodule aclOverrideMod;
|
||
|
}
|