diff options
| author | Davíð Steinn Geirsson <david@dsg.is> | 2019-10-06 21:18:32 +0000 |
|---|---|---|
| committer | Lassulus <github@lassul.us> | 2019-12-08 16:33:19 +0100 |
| commit | 077934e1928f7cbfa7f4391f960dce3807515c5e (patch) | |
| tree | 5edefcee47d566a2d121629c35a2dff5c6ffbd2b /nixos | |
| parent | 664fdfbb781324f18654a9810e252118662d2b11 (diff) | |
| download | nixlib-077934e1928f7cbfa7f4391f960dce3807515c5e.tar nixlib-077934e1928f7cbfa7f4391f960dce3807515c5e.tar.gz nixlib-077934e1928f7cbfa7f4391f960dce3807515c5e.tar.bz2 nixlib-077934e1928f7cbfa7f4391f960dce3807515c5e.tar.lz nixlib-077934e1928f7cbfa7f4391f960dce3807515c5e.tar.xz nixlib-077934e1928f7cbfa7f4391f960dce3807515c5e.tar.zst nixlib-077934e1928f7cbfa7f4391f960dce3807515c5e.zip | |
transmission: Configurable download directory permissions
Allow the user to specify the permissions to apply to download folders used by transmission. This is useful e.g. when they are stored on a network share and accessed by other users. This commit also makes the home and config directories 700, as there is should be no need for wider permissions there.
Diffstat (limited to 'nixos')
| -rw-r--r-- | nixos/modules/services/torrent/transmission.nix | 19 |
1 files changed, 14 insertions, 5 deletions
diff --git a/nixos/modules/services/torrent/transmission.nix b/nixos/modules/services/torrent/transmission.nix index 7409eb8cdcbe..412f9180375c 100644 --- a/nixos/modules/services/torrent/transmission.nix +++ b/nixos/modules/services/torrent/transmission.nix @@ -7,6 +7,7 @@ let apparmor = config.security.apparmor.enable; homeDir = cfg.home; + downloadDirPermissions = cfg.downloadDirPermissions; downloadDir = "${homeDir}/Downloads"; incompleteDir = "${homeDir}/.incomplete"; @@ -16,16 +17,14 @@ let # for users in group "transmission" to have access to torrents fullSettings = { umask = 2; download-dir = downloadDir; incomplete-dir = incompleteDir; } // cfg.settings; - # Directories transmission expects to exist and be ug+rwx. - directoriesToManage = [ homeDir settingsDir fullSettings.download-dir fullSettings.incomplete-dir ]; - preStart = pkgs.writeScript "transmission-pre-start" '' #!${pkgs.runtimeShell} set -ex - for DIR in ${escapeShellArgs directoriesToManage}; do + for DIR in "${homeDir}" "${settingsDir}" "${fullSettings.download-dir}" "${fullSettings.incomplete-dir}"; do mkdir -p "$DIR" - chmod 770 "$DIR" done + chmod 700 "${homeDir}" "${settingsDir}" + chmod ${downloadDirPermissions} "${fullSettings.download-dir}" "${fullSettings.incomplete-dir}" cp -f ${settingsFile} ${settingsDir}/settings.json ''; in @@ -71,6 +70,16 @@ in ''; }; + downloadDirPermissions = mkOption { + type = types.string; + default = "770"; + example = "775"; + description = '' + The permissions to set for download-dir and incomplete-dir. + They will be applied on every service start. + ''; + }; + port = mkOption { type = types.int; default = 9091; |