From 4b648422c3a78897e4855734aa962f255afab30e Mon Sep 17 00:00:00 2001
From: Gregor Kleen <pngwjpgh@users.noreply.github.com>
Date: Sun, 4 Sep 2016 19:44:12 +0200
Subject: bind mount

---
 hel.nix | 23 ++++++++++++++++++++++-
 1 file changed, 22 insertions(+), 1 deletion(-)

diff --git a/hel.nix b/hel.nix
index 759441f7..bc2d520f 100644
--- a/hel.nix
+++ b/hel.nix
@@ -109,7 +109,7 @@
           AllowStreamLocalForwarding no
           X11Forwarding no
           AllowAgentForwarding no
-          ChrootDirectory %h
+          ChrootDirectory /run/%u
           AuthorizedKeysFile /etc/ssh/authorized_keys.d/%u
       '';
     };
@@ -353,5 +353,26 @@
   virtualisation.virtualbox.host = {
     enable = true;
   };
+
+  systemd.automounts = [
+    { enable = true;
+      where = "/run/media";
+      automountConfig = {
+        DirectoryMode = "700";
+      };
+    }
+  ];
+
+  systemd.mounts = [
+    { enable = true;
+      where = "/run/media";
+      what = "/var/media";
+      type = "none";
+      options = "bind";
+      mountConfig = {
+        DirectoryMode = "700";
+      };
+    }
+  ];
 }
 
-- 
cgit v1.2.3