1 files changed,
25 insertions(+),
0 deletions(-)
Author:
Oleksandr Smirnov
olexsmir@gmail.com
Committed at:
2026-02-22 13:37:54 +0200
Authored at:
2026-02-22 13:35:54 +0200
Change ID:
kuosrtzqruwuyvyuxuswlmmvovyssovo
Parent:
cc59ce4
M
flake.nix
路路路 68 68 description = "Whether to open the firewall for mugit. Can only be used with `config`, not `configFile`."; 69 69 }; 70 70 71 + exposeCli = mkOption { 72 + type = types.bool; 73 + default = false; 74 + description = "Whether to expose a mugit CLI wrapper to all system users, runs as the mugit user/group."; 75 + }; 76 + 71 77 configFile = mkOption { 72 78 type = types.nullOr types.path; 73 79 default = null; 路路路 225 231 }; 226 232 227 233 users.groups.${cfg.group} = { }; 234 + 235 + security.wrappers = lib.mkIf cfg.exposeCli { 236 + mugit = { 237 + source = 238 + let 239 + resolvedConfig = if cfg.configFile != null then cfg.configFile else configFile; 240 + mugitWrapped = pkgs.writeScriptBin "mugit" '' 241 + #!${pkgs.bash}/bin/bash 242 + exec ${cfg.package}/bin/mugit --config ${resolvedConfig} "$@" 243 + ''; 244 + in 245 + "${mugitWrapped}/bin/mugit"; 246 + owner = cfg.user; 247 + group = cfg.group; 248 + setuid = true; 249 + setgid = true; 250 + permissions = "u+rx,g+rx,o+rx"; 251 + }; 252 + }; 228 253 229 254 systemd.services.mugit = { 230 255 description = "mugit service";