chvp/nixos-config
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Actually fix creation of dirs before secret placement

Browse source
This commit is contained in:
Charlotte Van Petegem 2022-03-06 05:25:37 +01:00
parent e36b662279
commit 562fcbbcf1
No known key found for this signature in database
GPG key ID: 019E764B7184435A
2 changed files with 24 additions and 13 deletions
Download patch file Download diff file Expand all files Collapse all files

2
machines/lasting-integrity/default.nix
View file

@ -80,7 +80,7 @@
add_header 'access-control-allow-origin' '*' always; add_header 'access-control-allow-origin' '*' always;
add_header 'access-control-allow-methods' 'GET, HEAD, POST, PUT, DELETE, OPTIONS' always; add_header 'access-control-allow-methods' 'GET, HEAD, POST, PUT, DELETE, OPTIONS' always;
add_header 'access-control-allow-headers' 'X-Requested-With, Content-Type, Authorization, Date' always; add_header 'access-control-allow-headers' 'X-Requested-With, Content-Type, Authorization, Date' always;
''; '';
priority = 1; priority = 1;
}; };
"/".return = "307 https://www.vanpetegem.me$request_uri"; "/".return = "307 https://www.vanpetegem.me$request_uri";

35
modules/base/zfs/default.nix
View file

@ -89,22 +89,36 @@
}; };
}; };
system.activationScripts =
let
ensureSystemExistsScript = lib.concatStringsSep "\n" (map (path: ''mkdir -p "${path}"'') config.chvp.base.zfs.ensureSystemExists);
ensureHomeExistsScript = lib.concatStringsSep "\n" (map (path: ''mkdir -p "/home/charlotte/${path}"; chown charlotte:users /home/charlotte/${path};'') config.chvp.base.zfs.ensureHomeExists);
in
{
ensureSystemPathsExist = {
text = ensureSystemExistsScript;
deps = [ "agenixMountSecrets" ];
};
agenixRoot.deps = [ "ensureSystemPathsExist" ];
ensureHomePathsExist = {
text = ''
mkdir -p /home/charlotte/
${ensureHomeExistsScript}
'';
deps = [ "users" "groups" ];
};
agenix.deps = [ "ensureHomePathsExist" ];
};
systemd.services = systemd.services =
let let
makeLinkScript = config: lib.concatStringsSep "\n" (map (location: ''mkdir -p "${location.path}"'') config); makeLinkScript = config: lib.concatStringsSep "\n" (map (location: ''mkdir -p "${location.path}"'') config);
ensureSystemExistsScript = lib.concatStringsSep "\n" (map (path: ''mkdir -p "${path}"'') config.chvp.base.zfs.ensureSystemExists);
systemLinksScript = makeLinkScript config.chvp.base.zfs.systemLinks; systemLinksScript = makeLinkScript config.chvp.base.zfs.systemLinks;
ensureHomeExistsScript = lib.concatStringsSep "\n" (map (path: ''mkdir -p "${path}"'') config.chvp.base.zfs.ensureHomeExists);
homeLinksScript = makeLinkScript config.chvp.base.zfs.homeLinks; homeLinksScript = makeLinkScript config.chvp.base.zfs.homeLinks;
in in
{ {
make-system-links-destinations = { make-system-links-destinations = {
script = '' script = systemLinksScript;
${ensureSystemExistsScript}
${systemLinksScript}
mkdir -p /home/charlotte
chown charlotte:users /home/charlotte
'';
after = [ "local-fs.target" ]; after = [ "local-fs.target" ];
wants = [ "local-fs.target" ]; wants = [ "local-fs.target" ];
before = [ "shutdown.target" "sysinit.target" ]; before = [ "shutdown.target" "sysinit.target" ];
@ -121,10 +135,7 @@
}; };
make-home-links-destinations = { make-home-links-destinations = {
script = '' script = homeLinksScript;
${ensureHomeExistsScript}
${homeLinksScript}
'';
after = [ "local-fs.target" "make-system-links-destinations.service" ]; after = [ "local-fs.target" "make-system-links-destinations.service" ];
wants = [ "local-fs.target" "make-system-links-destinations.service" ]; wants = [ "local-fs.target" "make-system-links-destinations.service" ];
before = [ "shutdown.target" "sysinit.target" ]; before = [ "shutdown.target" "sysinit.target" ];