jan-leila/nix-config
1
0
Fork 1
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
nix-config/modules/nixos-modules/server/actual/impermanence.nix

39 lines
1.3 KiB
Nix
Raw Blame History

{
lib,
config,
...
}: let
const = import ./const.nix;
dataDirectory = const.dataDirectory;
# Strip /private from dataDirectory for assertion check (systemd DynamicUser adds /private automatically)
configDataDirectory = lib.strings.replaceStrings ["/var/lib/private"] ["/var/lib"] dataDirectory;
in {
options.services.actual = {
impermanence.enable = lib.mkOption {
type = lib.types.bool;
default = config.services.actual.enable && config.host.impermanence.enable;
};
};
config = lib.mkIf config.services.actual.impermanence.enable {
assertions = [
{
assertion = config.services.actual.settings.dataDir == dataDirectory;
message = "actual data location does not match persistence\nconfig directory: ${config.services.actual.settings.dataDir}\npersistence directory: ${dataDirectory}";
}
{
assertion = config.systemd.services.actual.serviceConfig.DynamicUser or false;
message = "actual systemd service must have DynamicUser enabled to use private directory";
}
];
environment.persistence."/persist/system/root" = {
directories = [
{
directory = dataDirectory;
user = "actual";
group = "actual";
}
];
};
};
}
Reference in a new issue View git blame Copy permalink