colin/nix-files
1
0
Fork 1
Code Issues Pull Requests Projects Releases Wiki Activity

btrfs.autoScrub: enable

Browse Source
This commit is contained in:
Colin
2024-11-08 09:36:33 +00:00
parent b897640f7f
commit a34ab22fd7
3 changed files with 20 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
hosts/common/programs/assorted.nix
View File

@@ -445,13 +445,6 @@ in
bridge-utils.sandbox.net = "all"; bridge-utils.sandbox.net = "all";
btrfs-progs.sandbox.autodetectCliPaths = "existing"; # e.g. `btrfs filesystem df /my/fs`
btrfs-progs.sandbox.extraPaths = [
"/dev/btrfs-control"
];
btrfs-progs.sandbox.tryKeepUsers = true;
btrfs-progs.sandbox.capabilities = [ "sys_admin" ]; # for `btrfs scrub`
"cacert.unbundled".sandbox.enable = false; #< data only "cacert.unbundled".sandbox.enable = false; #< data only
cargo.persist.byStore.plaintext = [ ".cargo" ]; cargo.persist.byStore.plaintext = [ ".cargo" ];

19
hosts/common/programs/btrfs-progs.nix Normal file
View File

@@ -0,0 +1,19 @@
{ config, lib, ... }:
let
cfg = config.sane.programs.btrfs-progs;
in
{
sane.programs.btrfs-progs = {
sandbox.autodetectCliPaths = "existing"; # e.g. `btrfs filesystem df /my/fs`
sandbox.extraPaths = [
"/dev/btrfs-control"
];
sandbox.tryKeepUsers = true;
sandbox.capabilities = [ "sys_admin" ]; # for `btrfs scrub`
};
# TODO: service sandboxing
services.btrfs.autoScrub.enable = lib.mkIf cfg.enabled true;
services.btrfs.autoScrub.interval = "weekly";
}

1
hosts/common/programs/default.nix
View File

@@ -17,6 +17,7 @@
./bonsai.nix ./bonsai.nix
./brave.nix ./brave.nix
./brightnessctl.nix ./brightnessctl.nix
./btrfs-progs.nix
./bubblewrap.nix ./bubblewrap.nix
./bunpen.nix ./bunpen.nix
./callaudiod.nix ./callaudiod.nix