From a8c9100849a52b096436b2684706b8723e5df009 Mon Sep 17 00:00:00 2001 From: David Crompton Date: Thu, 27 Jul 2023 14:53:50 -0400 Subject: [PATCH] User Home Size Restriction Make XFS drives Mounted with Quota Support --- machines/kcnhub/configuration.nix | 4 +++ machines/kcnhub/hardware-configuration.nix | 2 ++ machines/kcnhub/modules.nix | 5 +++ machines/kcnhub/modules/userHomeSize.nix | 39 ++++++++++++++++++++++ machines/kcnhub/users.nix | 5 +++ machines/kcnhub/users/david.nix | 9 +++++ 6 files changed, 64 insertions(+) create mode 100644 machines/kcnhub/modules.nix create mode 100644 machines/kcnhub/modules/userHomeSize.nix create mode 100644 machines/kcnhub/users.nix create mode 100644 machines/kcnhub/users/david.nix diff --git a/machines/kcnhub/configuration.nix b/machines/kcnhub/configuration.nix index 0354c24..b45d5e1 100644 --- a/machines/kcnhub/configuration.nix +++ b/machines/kcnhub/configuration.nix @@ -8,8 +8,12 @@ imports = [ ./hardware-configuration.nix + # Set of Modules Defining System Configuration + ./modules.nix # Set of System Wide Available Packages ./packages.nix + # Set of Users on This System + ./users.nix ]; # Use the systemd-boot EFI boot loader. diff --git a/machines/kcnhub/hardware-configuration.nix b/machines/kcnhub/hardware-configuration.nix index 44094ef..3914757 100644 --- a/machines/kcnhub/hardware-configuration.nix +++ b/machines/kcnhub/hardware-configuration.nix @@ -29,6 +29,7 @@ fileSystems."/" = { device = "/dev/disk/by-uuid/4aa8d42a-e8c3-4b60-bc69-2d0333886c55"; fsType = "xfs"; + options = [ "defaults" "pquota" ]; }; fileSystems."/boot" = @@ -39,6 +40,7 @@ fileSystems."/storage" = { device = "/dev/disk/by-uuid/eb2170c8-236a-40d4-baa8-07ad4981a442"; fsType = "xfs"; + options = [ "defaults" "pquota" ]; }; swapDevices = [ ]; diff --git a/machines/kcnhub/modules.nix b/machines/kcnhub/modules.nix new file mode 100644 index 0000000..b0df7b8 --- /dev/null +++ b/machines/kcnhub/modules.nix @@ -0,0 +1,5 @@ +{ ... }: { + imports = [ + ./modules/userHomeSize.nix + ]; +} diff --git a/machines/kcnhub/modules/userHomeSize.nix b/machines/kcnhub/modules/userHomeSize.nix new file mode 100644 index 0000000..8b74631 --- /dev/null +++ b/machines/kcnhub/modules/userHomeSize.nix @@ -0,0 +1,39 @@ +{ config, lib, pkgs, ... }: with lib; let + + userOpts = { name, config, ... }: { + options = { + homeSize = mkOption { + type = types.nullOr types.str; + description = "Size of user's home directory"; + default = null; + }; + homeProjectId = mkOption { + type = types.nullOr types.int; + description = "What project does this user's home directory belong to"; + default = null; + }; + }; + config = { + }; + }; + +in { + options = { + users.users = mkOption { + type = with types; attrsOf (submodule userOpts); + }; + }; + + config = let + users' = lib.attrsets.filterAttrs (userName: user: user.homeSize != null) config.users.users; + in mkIf (users' != {}) { + programs.xfs_quota.projects = mapAttrs (userName: user: let + in { + id = user.homeProjectId; + fileSystem = "/"; + path = user.home; + sizeSoftLimit = user.homeSize; + sizeHardLimit = user.homeSize; + }) users'; + }; +} diff --git a/machines/kcnhub/users.nix b/machines/kcnhub/users.nix new file mode 100644 index 0000000..41342c0 --- /dev/null +++ b/machines/kcnhub/users.nix @@ -0,0 +1,5 @@ +{ ... }: { + imports = [ + ./users/david.nix + ]; +} diff --git a/machines/kcnhub/users/david.nix b/machines/kcnhub/users/david.nix new file mode 100644 index 0000000..57106fa --- /dev/null +++ b/machines/kcnhub/users/david.nix @@ -0,0 +1,9 @@ +{ pkgs, ... }: { + users.users.david = { + isNormalUser = true; + extraGroups = [ "wheel" ]; + packages = with pkgs; [ + ]; + }; + users.userHomes.david = {}; +}