~cnx/loang#5: 
Enable userdir for both WWW and Gemini

Currently bind mount is used to let nginx user see inside others' home:

bindUserDirs = sources: target: lib.mapAttrs' (user: dir: {
  name = target + user;
  value = {
    device = "${config.users.users.${user}.home}/${dir}";
    options = [ "bind" ];
  };
}) sources;

This works fine for just WWW, e.g.

fileSystems = bindUserDirs {
  cnx = "www";
} "${config.services.nginx.virtualHosts.${domain}.root}/~";

however if the same is done for Gemini

fileSystems = (bindUserDirs {
  cnx = "gemini";
} "${config.services.molly-brown.docBase}/users") // bindUserDirs {
  cnx = "www";
} "${config.services.nginx.virtualHosts.${domain}.root}/~";

we hit a nix bug (?):

# nixos-rebuild switch
building Nix...
building the system configuration...
error: infinite recursion encountered

       at /nix/var/nix/profiles/per-user/root/channels/nixos/lib/modules.nix:746:9:

          745|     in warnDeprecation opt //
          746|       { value = builtins.addErrorContext "while evaluating the option `${showOption loc}':" value;
             |         ^
          747|         inherit (res.defsFinal') highestPrio;
(use '--show-trace' to show detailed location information)

Alternatively we can just require user homes to be 755 like Debian since I can see everything anyway.

Status
REPORTED
Submitter
~cnx
Assigned to
No-one
Submitted
3 months ago
Updated
3 months ago
Labels
No labels applied.