2019-08-11 15:36:33 +02:00
|
|
|
{ config, lib, ... }:
|
|
|
|
|
|
|
|
let
|
|
|
|
cfg = config.programs.fuse;
|
|
|
|
in {
|
2024-04-17 13:37:58 +02:00
|
|
|
meta.maintainers = with lib.maintainers; [ primeos ];
|
2019-08-11 15:36:33 +02:00
|
|
|
|
|
|
|
options.programs.fuse = {
|
2024-04-17 13:37:58 +02:00
|
|
|
mountMax = lib.mkOption {
|
2019-08-11 15:36:33 +02:00
|
|
|
# In the C code it's an "int" (i.e. signed and at least 16 bit), but
|
|
|
|
# negative numbers obviously make no sense:
|
2024-04-17 13:37:58 +02:00
|
|
|
type = lib.types.ints.between 0 32767; # 2^15 - 1
|
2019-08-11 15:36:33 +02:00
|
|
|
default = 1000;
|
|
|
|
description = ''
|
|
|
|
Set the maximum number of FUSE mounts allowed to non-root users.
|
|
|
|
'';
|
|
|
|
};
|
|
|
|
|
2024-04-17 13:37:58 +02:00
|
|
|
userAllowOther = lib.mkOption {
|
|
|
|
type = lib.types.bool;
|
2019-08-11 15:36:33 +02:00
|
|
|
default = false;
|
|
|
|
description = ''
|
2019-08-12 13:37:15 +02:00
|
|
|
Allow non-root users to specify the allow_other or allow_root mount
|
2019-08-11 15:36:33 +02:00
|
|
|
options, see mount.fuse3(8).
|
|
|
|
'';
|
|
|
|
};
|
|
|
|
};
|
|
|
|
|
|
|
|
config = {
|
|
|
|
environment.etc."fuse.conf".text = ''
|
2024-04-17 13:37:58 +02:00
|
|
|
${lib.optionalString (!cfg.userAllowOther) "#"}user_allow_other
|
|
|
|
mount_max = ${builtins.toString cfg.mountMax}
|
2019-08-11 15:36:33 +02:00
|
|
|
'';
|
|
|
|
};
|
|
|
|
}
|