feat: Filter userdata.json input so we don't pass undefined items

2025-01-08 00:51:23 +00:00 · 2024-12-15 03:45:46 +03:00 · 2024-12-15 03:45:46 +03:00 · af2f0014c5
parent 8276d8c8ce
commit af2f0014c5
1 changed files with 42 additions and 18 deletions
--- a/flake.nix
+++ b/flake.nix
@ -25,28 +25,52 @@
            deployment
            ./configuration.nix
            selfprivacy-api.nixosModules.default
-            {
+            (
-              # pass userdata (parsed from JSON) options to selfprivacy module
+              let
-              selfprivacy = userdata;
+                deepFilter = ref: attrset:
                  builtins.foldl'
                    (acc: key:
                      if builtins.hasAttr key ref then
                        let
                          value = attrset.${key};
                          refValue = ref.${key};
                        in
                        acc // {
                          ${key} =
                            if builtins.isAttrs value && builtins.isAttrs refValue then
                              deepFilter refValue value
                            else
                              value;
                        }
                      else
                        acc
                    )
                    { }
                    (builtins.attrNames attrset);
              in
              { options, ... }: {
                # pass userdata (parsed from JSON) options to selfprivacy module
                selfprivacy = deepFilter options.selfprivacy userdata;
-              # embed top-level flake source folder into the build
+                # embed top-level flake source folder into the build
-              environment.etc."selfprivacy/nixos-config-source".source =
+                environment.etc."selfprivacy/nixos-config-source".source =
-                top-level-flake;
+                  top-level-flake;
-              # for running "nix search nixpkgs", "nix shell nixpkgs#PKG... etc
+                # for running "nix search nixpkgs", "nix shell nixpkgs#PKG... etc
-              nix.registry.nixpkgs.flake = nixpkgs;
+                nix.registry.nixpkgs.flake = nixpkgs;
-              # embed commit sha1 for `nixos-version --configuration-revision`
+                # embed commit sha1 for `nixos-version --configuration-revision`
-              system.configurationRevision = self.rev
+                system.configurationRevision = self.rev
-                or "@${self.lastModifiedDate}"; # for development
+                  or "@${self.lastModifiedDate}"; # for development
-              # TODO assertion to forbid dirty builds caused by top-level-flake
+                # TODO assertion to forbid dirty builds caused by top-level-flake
-              # reset contents of /etc/nixos to match running NixOS generation
+                # reset contents of /etc/nixos to match running NixOS generation
-              system.activationScripts.selfprivacy-nixos-config-source = ''
+                system.activationScripts.selfprivacy-nixos-config-source = ''
-                rm -rf /etc/nixos/{*,.[!.]*}
+                  rm -rf /etc/nixos/{*,.[!.]*}
-                cp -r --no-preserve=all ${top-level-flake}/ -T /etc/nixos/
+                  cp -r --no-preserve=all ${top-level-flake}/ -T /etc/nixos/
-              '';
+                '';
-            }
+              }
            )
          ]
          ++
          # add SP modules, but constrain available config attributes for each