clanCore/vars: allow mode to be set
fmt
This commit is contained in:
Raymond Barbiero
committed by
Jörg Thalheim
Jörg Thalheim
parent
b6777cac93
commit
4117eb2f37
@@ -89,4 +89,23 @@ in
|
|||||||
expr = lib.hasPrefix builtins.storeDir config.generators.my_secret.script;
|
expr = lib.hasPrefix builtins.storeDir config.generators.my_secret.script;
|
||||||
expected = true;
|
expected = true;
|
||||||
};
|
};
|
||||||
|
|
||||||
|
# test for mode attribute
|
||||||
|
test_mode_attribute =
|
||||||
|
let
|
||||||
|
config = eval {
|
||||||
|
generators.my_secret = {
|
||||||
|
files.password = {
|
||||||
|
mode = "0400";
|
||||||
|
};
|
||||||
|
script = ''
|
||||||
|
echo "Mode set to ${config.generators.my_secret.files.password.mode}"
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
};
|
||||||
|
in
|
||||||
|
{
|
||||||
|
expr = config.generators.my_secret.files.password.mode;
|
||||||
|
expected = "0400";
|
||||||
|
};
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -276,9 +276,9 @@ in
|
|||||||
defaultText = lib.literalExpression ''if _class == "darwin" then "wheel" else "root"'';
|
defaultText = lib.literalExpression ''if _class == "darwin" then "wheel" else "root"'';
|
||||||
};
|
};
|
||||||
mode = lib.mkOption {
|
mode = lib.mkOption {
|
||||||
type = lib.types.strMatching "^[0-7]{3}$";
|
type = lib.types.strMatching "^[0-7]{4}$";
|
||||||
description = "The unix file mode of the file. Must be a 3-digit octal number.";
|
description = "The unix file mode of the file. Must be a 4-digit octal number.";
|
||||||
default = "400";
|
default = "0400";
|
||||||
};
|
};
|
||||||
value =
|
value =
|
||||||
lib.mkOption {
|
lib.mkOption {
|
||||||
|
|||||||
@@ -43,7 +43,12 @@ in
|
|||||||
map (secret: {
|
map (secret: {
|
||||||
name = "vars/${secret.generator}/${secret.name}";
|
name = "vars/${secret.generator}/${secret.name}";
|
||||||
value = {
|
value = {
|
||||||
inherit (secret) owner group neededForUsers;
|
inherit (secret)
|
||||||
|
owner
|
||||||
|
group
|
||||||
|
mode
|
||||||
|
neededForUsers
|
||||||
|
;
|
||||||
sopsFile = secretPath secret;
|
sopsFile = secretPath secret;
|
||||||
format = "binary";
|
format = "binary";
|
||||||
};
|
};
|
||||||
|
|||||||
@@ -28,7 +28,7 @@ in
|
|||||||
generator = gen_name;
|
generator = gen_name;
|
||||||
neededForUsers = file.neededFor == "users";
|
neededForUsers = file.neededFor == "users";
|
||||||
inherit (generator) share;
|
inherit (generator) share;
|
||||||
inherit (file) owner group;
|
inherit (file) owner group mode;
|
||||||
}) (relevantFiles generator)
|
}) (relevantFiles generator)
|
||||||
) vars.generators
|
) vars.generators
|
||||||
);
|
);
|
||||||
|
|||||||
@@ -77,6 +77,6 @@ class Var:
|
|||||||
deploy=data["deploy"],
|
deploy=data["deploy"],
|
||||||
owner=data.get("owner", "root"),
|
owner=data.get("owner", "root"),
|
||||||
group=data.get("group", "root"),
|
group=data.get("group", "root"),
|
||||||
mode=int(data.get("mode", "400"), 8),
|
mode=int(data.get("mode", "0400"), 8),
|
||||||
needed_for=data.get("neededFor", "services"),
|
needed_for=data.get("neededFor", "services"),
|
||||||
)
|
)
|
||||||
|
|||||||
Reference in New Issue
Block a user