1
0
Fork 0
mirror of https://github.com/LnL7/nix-darwin.git synced 2024-12-14 11:57:34 +00:00
nix-darwin/modules/lib/write-text.nix
Emily 36a15e8c6c write-text: remove support for copy
This is a huge anti‐declarative footgun; `copy` files cannot
distinguish if a previous version is managed by nix-darwin, so they
can’t check the hash, so they’re prone to destroying data, and
copied files are not deleted when they’re removed from the system
configuration, which led to a security bug. Nothing else in‐tree
was using this functionality, so let’s make sure it doesn’t
cause any more bugs.
2024-06-15 12:15:13 +01:00

60 lines
1 KiB
Nix

{ lib, mkTextDerivation }:
{ config, name, ... }:
with lib;
let
fileName = file: last (splitString "/" file);
mkDefaultIf = cond: value: mkIf cond (mkDefault value);
drv = mkTextDerivation (fileName name) config.text;
in
{
options = {
enable = mkOption {
type = types.bool;
default = true;
description = ''
Whether this file should be generated.
This option allows specific files to be disabled.
'';
};
text = mkOption {
type = types.lines;
default = "";
description = ''
Text of the file.
'';
};
target = mkOption {
type = types.str;
default = name;
description = ''
Name of symlink. Defaults to the attribute name.
'';
};
source = mkOption {
type = types.path;
description = ''
Path of the source file.
'';
};
knownSha256Hashes = mkOption {
internal = true;
type = types.listOf types.str;
default = [];
};
};
config = {
source = mkDefault drv;
};
}