mirror of
https://github.com/LnL7/nix-darwin.git
synced 2024-12-14 11:57:34 +00:00
36a15e8c6c
This is a huge anti‐declarative footgun; `copy` files cannot distinguish if a previous version is managed by nix-darwin, so they can’t check the hash, so they’re prone to destroying data, and copied files are not deleted when they’re removed from the system configuration, which led to a security bug. Nothing else in‐tree was using this functionality, so let’s make sure it doesn’t cause any more bugs.
60 lines
1 KiB
Nix
60 lines
1 KiB
Nix
{ lib, mkTextDerivation }:
|
|
|
|
{ config, name, ... }:
|
|
|
|
with lib;
|
|
|
|
let
|
|
fileName = file: last (splitString "/" file);
|
|
mkDefaultIf = cond: value: mkIf cond (mkDefault value);
|
|
|
|
drv = mkTextDerivation (fileName name) config.text;
|
|
in
|
|
|
|
{
|
|
options = {
|
|
enable = mkOption {
|
|
type = types.bool;
|
|
default = true;
|
|
description = ''
|
|
Whether this file should be generated.
|
|
This option allows specific files to be disabled.
|
|
'';
|
|
};
|
|
|
|
text = mkOption {
|
|
type = types.lines;
|
|
default = "";
|
|
description = ''
|
|
Text of the file.
|
|
'';
|
|
};
|
|
|
|
target = mkOption {
|
|
type = types.str;
|
|
default = name;
|
|
description = ''
|
|
Name of symlink. Defaults to the attribute name.
|
|
'';
|
|
};
|
|
|
|
source = mkOption {
|
|
type = types.path;
|
|
description = ''
|
|
Path of the source file.
|
|
'';
|
|
};
|
|
|
|
knownSha256Hashes = mkOption {
|
|
internal = true;
|
|
type = types.listOf types.str;
|
|
default = [];
|
|
};
|
|
};
|
|
|
|
config = {
|
|
|
|
source = mkDefault drv;
|
|
|
|
};
|
|
}
|