Add initial tmproot module
This commit is contained in:
parent
fd0bbb2961
commit
ee353607d2
@ -60,6 +60,7 @@
|
||||
imports = [ (import path') ];
|
||||
}) {
|
||||
common = "common.nix";
|
||||
tmproot = "tmproot.nix";
|
||||
server = "server.nix";
|
||||
};
|
||||
|
||||
|
@ -12,19 +12,22 @@
|
||||
defaultUsername = "dev";
|
||||
uname = config.my.user.name;
|
||||
in {
|
||||
my.user = rec {
|
||||
name = mkDefault defaultUsername;
|
||||
isNormalUser = true;
|
||||
uid = mkDefault 1000;
|
||||
extraGroups = mkDefault [ "wheel" ];
|
||||
password = mkDefault "hunter2"; # TODO: secrets...
|
||||
my = {
|
||||
user = {
|
||||
name = mkDefault defaultUsername;
|
||||
isNormalUser = true;
|
||||
uid = mkDefault 1000;
|
||||
extraGroups = mkDefault [ "wheel" ];
|
||||
password = mkDefault "hunter2"; # TODO: secrets...
|
||||
};
|
||||
};
|
||||
|
||||
time.timeZone = mkDefault "Europe/Dublin";
|
||||
|
||||
users.mutableUsers = false;
|
||||
users.users.${uname} = mkAliasDefinitions options.my.user;
|
||||
users.groups.${uname}.gid = mkDefault config.users.users.${uname}.uid;
|
||||
users = {
|
||||
mutableUsers = false;
|
||||
users.${uname} = mkAliasDefinitions options.my.user;
|
||||
};
|
||||
|
||||
security = {
|
||||
sudo.enable = mkDefault false;
|
||||
@ -43,11 +46,15 @@
|
||||
};
|
||||
|
||||
environment.systemPackages = with pkgs; [
|
||||
bash-completion
|
||||
vim
|
||||
htop
|
||||
iperf3
|
||||
];
|
||||
|
||||
system.stateVersion = "21.11";
|
||||
system.configurationRevision = with inputs; mkIf (self ? rev) self.rev;
|
||||
system = {
|
||||
stateVersion = "21.11";
|
||||
configurationRevision = with inputs; mkIf (self ? rev) self.rev;
|
||||
};
|
||||
};
|
||||
}
|
||||
|
61
modules/tmproot.nix
Normal file
61
modules/tmproot.nix
Normal file
@ -0,0 +1,61 @@
|
||||
{ lib, pkgs, inputs, config, ... }:
|
||||
let
|
||||
inherit (lib) concatStringsSep mkIf mkDefault mkAliasDefinitions;
|
||||
inherit (lib.my) mkOpt mkBoolOpt;
|
||||
|
||||
cfg = config.my.tmproot;
|
||||
|
||||
showUnsaved =
|
||||
''
|
||||
#!${pkgs.python310}/bin/python
|
||||
import stat
|
||||
import sys
|
||||
import os
|
||||
|
||||
ignored = [
|
||||
${concatStringsSep ",\n " (map (p: "'${p}'") cfg.ignoreUnsaved)}
|
||||
]
|
||||
|
||||
base = '/'
|
||||
base_dev = os.stat(base).st_dev
|
||||
|
||||
def recurse(p, link=None):
|
||||
try:
|
||||
for ignore in ignored:
|
||||
if p.startswith(ignore):
|
||||
return
|
||||
|
||||
st = os.lstat(p)
|
||||
if st.st_dev != base_dev:
|
||||
return
|
||||
|
||||
if stat.S_ISLNK(st.st_mode):
|
||||
target = os.path.realpath(p, strict=False)
|
||||
if os.access(target, os.F_OK):
|
||||
recurse(target, link=p)
|
||||
return
|
||||
elif stat.S_ISDIR(st.st_mode):
|
||||
for e in os.listdir(p):
|
||||
recurse(os.path.join(p, e))
|
||||
return
|
||||
|
||||
print(link or p)
|
||||
except PermissionError as ex:
|
||||
print(f'{p}: {ex.strerror}', file=sys.stderr)
|
||||
|
||||
recurse(base)
|
||||
'';
|
||||
in {
|
||||
options.my.tmproot = with lib.types; {
|
||||
enable = mkBoolOpt true;
|
||||
ignoreUnsaved = mkOpt (listOf str) [
|
||||
"/tmp"
|
||||
];
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
environment.systemPackages = [
|
||||
(pkgs.writeScriptBin "tmproot-unsaved" showUnsaved)
|
||||
];
|
||||
};
|
||||
}
|
Loading…
Reference in New Issue
Block a user