2019-08-11 13:36:33 +00:00
|
|
|
{ config, lib, ... }:
|
|
|
|
|
|
|
|
with lib;
|
|
|
|
|
|
|
|
let
|
|
|
|
cfg = config.programs.fuse;
|
|
|
|
in {
|
|
|
|
meta.maintainers = with maintainers; [ primeos ];
|
|
|
|
|
|
|
|
options.programs.fuse = {
|
|
|
|
mountMax = mkOption {
|
|
|
|
# In the C code it's an "int" (i.e. signed and at least 16 bit), but
|
|
|
|
# negative numbers obviously make no sense:
|
|
|
|
type = types.ints.between 0 32767; # 2^15 - 1
|
|
|
|
default = 1000;
|
2022-07-28 21:19:15 +00:00
|
|
|
description = lib.mdDoc ''
|
2019-08-11 13:36:33 +00:00
|
|
|
Set the maximum number of FUSE mounts allowed to non-root users.
|
|
|
|
'';
|
|
|
|
};
|
|
|
|
|
|
|
|
userAllowOther = mkOption {
|
|
|
|
type = types.bool;
|
|
|
|
default = false;
|
2022-07-28 21:19:15 +00:00
|
|
|
description = lib.mdDoc ''
|
2019-08-12 11:37:15 +00:00
|
|
|
Allow non-root users to specify the allow_other or allow_root mount
|
2019-08-11 13:36:33 +00:00
|
|
|
options, see mount.fuse3(8).
|
|
|
|
'';
|
|
|
|
};
|
|
|
|
};
|
|
|
|
|
|
|
|
config = {
|
|
|
|
environment.etc."fuse.conf".text = ''
|
|
|
|
${optionalString (!cfg.userAllowOther) "#"}user_allow_other
|
|
|
|
mount_max = ${toString cfg.mountMax}
|
|
|
|
'';
|
|
|
|
};
|
|
|
|
}
|