From 53d76920e49f41f3a22f3f4471599ffcd3e92291 Mon Sep 17 00:00:00 2001
From: Colin <colin@uninsane.org>
Date: Tue, 5 Mar 2024 18:39:23 +0000
Subject: [PATCH] servo: persist more specifically the /var/lib/uninsane/media
 directory

---
 hosts/by-name/servo/fs.nix | 19 +++++++++----------
 1 file changed, 9 insertions(+), 10 deletions(-)

diff --git a/hosts/by-name/servo/fs.nix b/hosts/by-name/servo/fs.nix
index 003294d2..1fd96f06 100644
--- a/hosts/by-name/servo/fs.nix
+++ b/hosts/by-name/servo/fs.nix
@@ -82,14 +82,13 @@
   };
   sane.fs."/mnt/usb-hdd".mount = {};
 
-  sane.persist.sys.byStore.plaintext = [
-    # TODO: this is overly broad; only need media and share directories to be persisted
-    { user = "colin"; group = "users"; path = "/var/lib/uninsane"; method = "bind"; }
-  ];
-  # force some problematic directories to always get correct permissions:
-  sane.fs."/var/lib/uninsane/media".dir.acl = {
-    user = "colin"; group = "media"; mode = "0775";
-  };
+  sane.persist.sys.byStore.plaintext = [{
+    path = "/var/lib/uninsane/media";
+    method = "bind";  #< this HAS to be `bind` if we're going to persist the whole thing but create subdirs, as below.
+    user = "colin";
+    group = "media";
+    mode = "0755";
+  }];
   sane.fs."/var/lib/uninsane/media/archive".dir = {};
   # this is file.text instead of symlink.text so that it may be read over a remote mount (where consumers might not have any /nix/store/.../README.md path)
   sane.fs."/var/lib/uninsane/media/archive/README.md".file.text = ''
@@ -133,8 +132,8 @@
     {
       user = "colin";
       group = "users";
-      mode = "0777";
-      path = "/var/lib/uninsane/media/datasets";
+      mode = "0775";
+      path = "/var/lib/uninsane/datasets";
     }
   ];