diff --git a/deployment/data-model-test.nix b/deployment/data-model-test.nix index 7c11f687..5b4b9259 100644 --- a/deployment/data-model-test.nix +++ b/deployment/data-model-test.nix @@ -45,8 +45,10 @@ in description = "Any options from NixOS"; }; }; - config.resource-type = types.raw; # TODO: what's the type of a NixOS configuration? - config.apply = requests: lib.mkMerge (requests ++ [ config.extra-config ]); + config = { + resource-type = types.raw; # TODO: what's the type of a NixOS configuration? + apply = requests: lib.mkMerge (requests ++ [ config.extra-config ]); + }; }; }; resources.login-shell = { @@ -82,24 +84,26 @@ in default = false; }; }; - config.resource-type = types.raw; # TODO: splice out the user type from NixOS - config.apply = - requests: - let - # Filter out requests that need wheel if policy doesn't allow it - validRequests = lib.filterAttrs ( - _name: req: !req.login-shell.wheel || config.wheel - ) requests.resources; - in - lib.optionalAttrs (validRequests != { }) { - ${config.username} = { - isNormalUser = true; - packages = - with lib; - attrValues (concatMapAttrs (_name: request: request.login-shell.packages) validRequests); - extraGroups = lib.optional config.wheel "wheel"; + config = { + resource-type = types.raw; # TODO: splice out the user type from NixOS + apply = + requests: + let + # Filter out requests that need wheel if policy doesn't allow it + validRequests = lib.filterAttrs ( + _name: req: !req.login-shell.wheel || config.wheel + ) requests.resources; + in + lib.optionalAttrs (validRequests != { }) { + ${config.username} = { + isNormalUser = true; + packages = + with lib; + attrValues (concatMapAttrs (_name: request: request.login-shell.packages) validRequests); + extraGroups = lib.optional config.wheel "wheel"; + }; }; - }; + }; }; }; applications.hello = @@ -165,7 +169,7 @@ in } ); resources = fediversity.applications.hello.resources fediversity.example-configuration.applications.hello; - hello-shell = (resources).resources.hello.login-shell; + hello-shell = resources.resources.hello.login-shell; environment = fediversity.environments.single-nixos-vm.resources.operator-environment.login-shell; result = mkDeployment { modules = [ @@ -174,7 +178,7 @@ in }; in - rec { + { number-of-resources = with lib; length (attrNames fediversity.resources); inherit (fediversity) example-configuration; hello-package-exists = hello-shell.packages ? hello; @@ -186,7 +190,7 @@ in in { inherit (operator) isNormalUser; - packages = with lib; map (p: "${p.pname}") operator.packages; + packages = map (p: "${p.pname}") operator.packages; extraGroups = operator.extraGroups; }; deployment = { diff --git a/deployment/data-model.nix b/deployment/data-model.nix index 10256d30..a5562f93 100644 --- a/deployment/data-model.nix +++ b/deployment/data-model.nix @@ -76,7 +76,7 @@ in # TODO(@fricklerhandwerk): do we need a function type here as well, or is it in the way? options.apply = mkOption { description = "Apply the policy to a request"; - type = with types; functionTo policy.config.resource-type; + type = functionTo policy.config.resource-type; }; }) ];