switch dufs user to nfs user
This commit is contained in:
parent
0d00dbbcfd
commit
cfd282d97d
@ -41,13 +41,13 @@ in
|
||||
user = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
default = "dufs";
|
||||
description = "User to run dufs service as";
|
||||
description = "User to run dufs service as (should match NFS share owner)";
|
||||
};
|
||||
|
||||
group = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
default = "dufs";
|
||||
description = "Group to run dufs service as";
|
||||
description = "Group to run dufs service as (should match NFS share group)";
|
||||
};
|
||||
|
||||
publicInstance = {
|
||||
@ -166,20 +166,20 @@ in
|
||||
};
|
||||
|
||||
config = lib.mkIf cfg.enable {
|
||||
# Create dufs user and group
|
||||
users.users.${cfg.user} = {
|
||||
# Create dufs user and group only if using default user/group
|
||||
users.users.${cfg.user} = lib.mkIf (cfg.user == "dufs") {
|
||||
isSystemUser = true;
|
||||
group = cfg.group;
|
||||
extraGroups = [ "users" ]; # Add to users group for access to shared files
|
||||
description = "dufs file server user";
|
||||
};
|
||||
|
||||
users.groups.${cfg.group} = {};
|
||||
users.groups.${cfg.group} = lib.mkIf (cfg.group == "dufs") {};
|
||||
|
||||
# Ensure proper ownership of dufs directories
|
||||
# Ensure directories exist (ownership should be managed by NFS or external system)
|
||||
systemd.tmpfiles.rules = [
|
||||
"d ${cfg.servePathPublic} 0755 ${cfg.user} ${cfg.group} -"
|
||||
"d ${cfg.servePathPrivate} 0755 ${cfg.user} ${cfg.group} -"
|
||||
"d ${cfg.servePathPublic} 0755 - - -"
|
||||
"d ${cfg.servePathPrivate} 0755 - - -"
|
||||
];
|
||||
|
||||
# Public read-only instance
|
||||
|
||||
@ -179,6 +179,8 @@ in
|
||||
services.dufs = {
|
||||
enable = true;
|
||||
openFirewall = true;
|
||||
user = "kage";
|
||||
group = "users";
|
||||
|
||||
# Public read-only instance
|
||||
publicInstance = {
|
||||
|
||||
Loading…
Reference in New Issue
Block a user