feat: Filter userdata.json input so we don't pass undefined items

2025-01-06 16:14:17 +00:00 · 2024-12-15 03:45:46 +03:00 · 2024-12-15 03:45:46 +03:00 · af2f0014c5
parent 8276d8c8ce
commit af2f0014c5
1 changed files with 42 additions and 18 deletions
--- a/flake.nix
+++ b/flake.nix
@ -25,28 +25,52 @@
            deployment
            ./configuration.nix
            selfprivacy-api.nixosModules.default
-            {
-              # pass userdata (parsed from JSON) options to selfprivacy module
-              selfprivacy = userdata;
+            (
+              let
+                deepFilter = ref: attrset:
+                  builtins.foldl'
+                    (acc: key:
+                      if builtins.hasAttr key ref then
+                        let
+                          value = attrset.${key};
+                          refValue = ref.${key};
+                        in
+                        acc // {
+                          ${key} =
+                            if builtins.isAttrs value && builtins.isAttrs refValue then
+                              deepFilter refValue value
+                            else
+                              value;
+                        }
+                      else
+                        acc
+                    )
+                    { }
+                    (builtins.attrNames attrset);
+              in
+              { options, ... }: {
+                # pass userdata (parsed from JSON) options to selfprivacy module
+                selfprivacy = deepFilter options.selfprivacy userdata;

-              # embed top-level flake source folder into the build
-              environment.etc."selfprivacy/nixos-config-source".source =
-                top-level-flake;
+                # embed top-level flake source folder into the build
+                environment.etc."selfprivacy/nixos-config-source".source =
+                  top-level-flake;

-              # for running "nix search nixpkgs", "nix shell nixpkgs#PKG... etc
-              nix.registry.nixpkgs.flake = nixpkgs;
+                # for running "nix search nixpkgs", "nix shell nixpkgs#PKG... etc
+                nix.registry.nixpkgs.flake = nixpkgs;

-              # embed commit sha1 for `nixos-version --configuration-revision`
-              system.configurationRevision = self.rev
-                or "@${self.lastModifiedDate}"; # for development
-              # TODO assertion to forbid dirty builds caused by top-level-flake
+                # embed commit sha1 for `nixos-version --configuration-revision`
+                system.configurationRevision = self.rev
+                  or "@${self.lastModifiedDate}"; # for development
+                # TODO assertion to forbid dirty builds caused by top-level-flake

-              # reset contents of /etc/nixos to match running NixOS generation
-              system.activationScripts.selfprivacy-nixos-config-source = ''
-                rm -rf /etc/nixos/{*,.[!.]*}
-                cp -r --no-preserve=all ${top-level-flake}/ -T /etc/nixos/
-              '';
-            }
+                # reset contents of /etc/nixos to match running NixOS generation
+                system.activationScripts.selfprivacy-nixos-config-source = ''
+                  rm -rf /etc/nixos/{*,.[!.]*}
+                  cp -r --no-preserve=all ${top-level-flake}/ -T /etc/nixos/
+                '';
+              }
+            )
          ]
          ++
          # add SP modules, but constrain available config attributes for each