impermanence: cleanup backing directory creation. this should let me remove the per-store /home/<user> perms hack
This commit is contained in:
parent
c18dd9636d
commit
43a46af43b
|
@ -302,12 +302,7 @@ let
|
|||
|
||||
# return all ancestors of this path.
|
||||
# e.g. ancestorsOf "/foo/bar/baz" => [ "/" "/foo" "/foo/bar" ]
|
||||
# TODO: move this to path-lib?
|
||||
ancestorsOf = path: if path-lib.hasParent path then
|
||||
ancestorsOf (path-lib.parent path) ++ [ (path-lib.parent path) ]
|
||||
else
|
||||
[ ]
|
||||
;
|
||||
ancestorsOf = path: lib.init (path-lib.walk "/" path);
|
||||
|
||||
# attrsOf fsEntry type which for every entry ensures that all ancestor entries are created.
|
||||
# we do this with a custom type to ensure that users can access `config.sane.fs."/parent/path"`
|
||||
|
|
|
@ -162,30 +162,37 @@ in
|
|||
cfgFor = opt:
|
||||
let
|
||||
store = opt.store;
|
||||
store-rel-path = path.from store.prefix opt.directory;
|
||||
backing-path = path.concat [ store.origin store-rel-path ];
|
||||
fsPathToStoreRelPath = fspath: path.from store.prefix fspath;
|
||||
fsPathToBackingPath = fspath: path.concat [ store.origin (fsPathToStoreRelPath fspath) ];
|
||||
|
||||
# pass through the perm/mode overrides
|
||||
dir-acl = sane-lib.filterNonNull {
|
||||
inherit (opt) user group mode;
|
||||
};
|
||||
in {
|
||||
# create destination and backing directory, with correct perms
|
||||
sane.fs."${opt.directory}" = {
|
||||
# inherit perms & make sure we don't mount until after the mount point is setup correctly.
|
||||
dir.acl = dir-acl;
|
||||
mount.bind = backing-path;
|
||||
inherit (store.defaultOrdering) wantedBy wantedBeforeBy;
|
||||
};
|
||||
sane.fs."${backing-path}" = {
|
||||
# ensure the backing path has same perms as the mount point.
|
||||
# TODO: maybe we want to do this, crawling all the way up to the store base?
|
||||
# that would simplify (remove) the code in stores/default.nix
|
||||
dir.acl = config.sane.fs."${opt.directory}".generated.acl;
|
||||
};
|
||||
};
|
||||
in [
|
||||
{
|
||||
# create destination dir, with correct perms
|
||||
sane.fs."${opt.directory}" = {
|
||||
# inherit perms & make sure we don't mount until after the mount point is setup correctly.
|
||||
dir.acl = dir-acl;
|
||||
mount.bind = fsPathToBackingPath opt.directory;
|
||||
inherit (store.defaultOrdering) wantedBy wantedBeforeBy;
|
||||
};
|
||||
|
||||
# create the backing path as a dir
|
||||
sane.fs."${fsPathToBackingPath opt.directory}".dir = {};
|
||||
# sane.fs."${fsPathToBackingPath opt.directory}".dir.acl = config.sane.fs."${opt.directory}".generated.acl;
|
||||
}
|
||||
{
|
||||
# default each item along the backing path to have the same acl as the location it would be mounted.
|
||||
sane.fs = sane-lib.mapToAttrs (fspath: {
|
||||
name = fsPathToBackingPath fspath;
|
||||
value.generated.acl = config.sane.fs."${fspath}".generated.acl;
|
||||
}) (path.walk store.prefix opt.directory);
|
||||
}
|
||||
];
|
||||
in mkIf cfg.enable {
|
||||
sane.fs = lib.mkMerge (map (d: (cfgFor d).sane.fs) cfg.dirs.all);
|
||||
sane.fs = lib.mkMerge (map (c: c.sane.fs) (concatMap cfgFor cfg.dirs.all));
|
||||
};
|
||||
}
|
||||
|
||||
|
|
|
@ -5,4 +5,7 @@
|
|||
types = import ./types.nix moduleArgs;
|
||||
|
||||
filterNonNull = attrs: lib.filterAttrsRecursive (n: v: v != null) attrs;
|
||||
# transform a list into an attrset via a function which maps an element to a name + value
|
||||
# Type: mapToAttrs :: (a -> { name, value }) -> [a] -> AttrSet
|
||||
mapToAttrs = f: list: builtins.listToAttrs (builtins.map f list);
|
||||
}
|
||||
|
|
|
@ -26,5 +26,14 @@ let path = rec {
|
|||
assert lib.hasPrefix s e;
|
||||
"/" + (lib.removePrefix s e)
|
||||
);
|
||||
|
||||
# yield every node between start and end, including each the endpoints
|
||||
# e.g. walk "/foo" "/foo/bar/baz" => [ "/foo" "/foo/bar" "/foo/bar/baz" ]
|
||||
# XXX: assumes input paths are normalized
|
||||
walk = start: end: if start == end then
|
||||
[ start ]
|
||||
else
|
||||
(walk start (parent end)) ++ [ end ]
|
||||
;
|
||||
};
|
||||
in path
|
||||
|
|
Loading…
Reference in New Issue
Block a user