43 lines
974 B
Nix
43 lines
974 B
Nix
{ lib, ... }:
|
|
|
|
with lib;
|
|
rec {
|
|
# "Access Control List", only it's just a user:group and file mode
|
|
# compatible with `chown` and `chmod`
|
|
aclMod = {
|
|
options = {
|
|
user = mkOption {
|
|
type = types.str; # TODO: use uid?
|
|
};
|
|
group = mkOption {
|
|
type = types.str;
|
|
};
|
|
mode = mkOption {
|
|
type = types.str;
|
|
};
|
|
};
|
|
};
|
|
acl = types.submodule aclMod;
|
|
|
|
# this is acl, but doesn't require to be fully specified.
|
|
# a typical use case is when there's a complete acl, and the user
|
|
# wants to override just one attribute of it.
|
|
aclOverrideMod = {
|
|
options = {
|
|
user = mkOption {
|
|
type = types.nullOr types.str;
|
|
default = null;
|
|
};
|
|
group = mkOption {
|
|
type = types.nullOr types.str;
|
|
default = null;
|
|
};
|
|
mode = mkOption {
|
|
type = types.nullOr types.str;
|
|
default = null;
|
|
};
|
|
};
|
|
};
|
|
aclOverride = types.submodule aclOverrideMod;
|
|
}
|