cleanup: persist/private: encode the dependencies more precisely, rather than just having it all depend on default.target
This commit is contained in:
@@ -1,7 +1,6 @@
|
||||
{ config, lib, pkgs, sane-lib, utils, ... }:
|
||||
|
||||
let
|
||||
# TODO: parameterize!
|
||||
persist-base = "/nix/persist";
|
||||
origin = config.sane.persist.stores."private".origin;
|
||||
backing = sane-lib.path.concat [ persist-base "private" ];
|
||||
@@ -112,15 +111,15 @@ lib.mkIf config.sane.persist.enable
|
||||
};
|
||||
|
||||
# let sane.fs know about the mount
|
||||
sane.fs."${origin}".mount = {};
|
||||
sane.fs."${origin}".mount.depends = [
|
||||
config.sane.fs."${backing}".unit
|
||||
config.sane.fs."/run/gocryptfs".unit
|
||||
];
|
||||
# it also needs to know that the underlying device is an ordinary folder
|
||||
sane.fs."${backing}" = sane-lib.fs.wanted {
|
||||
dir.acl.user = config.sane.defaultUser;
|
||||
};
|
||||
|
||||
sane.fs."/run/gocryptfs" = sane-lib.fs.wanted {
|
||||
dir.acl.user = config.sane.defaultUser;
|
||||
dir.acl.mode = "0700";
|
||||
sane.fs."${backing}".dir.acl.user = config.sane.defaultUser;
|
||||
sane.fs."/run/gocryptfs".dir.acl = {
|
||||
user = config.sane.defaultUser;
|
||||
mode = "0700";
|
||||
};
|
||||
|
||||
# in order for non-systemd `mount` to work, the mount point has to already be created, so make that a default target
|
||||
|
||||
Reference in New Issue
Block a user