diff --git a/flake.nix b/flake.nix
index c25e88d..faa6da5 100644
--- a/flake.nix
+++ b/flake.nix
@@ -1,8 +1,6 @@
 {
- inputs = {
- nixpkgs.url = "github:nixos/nixpkgs/nixpkgs-unstable";
- systems.url = "github:nix-systems/default-linux";
- };
+ inputs.nixpkgs.url = "github:nixos/nixpkgs/nixpkgs-unstable";
+ inputs.systems.url = "github:nix-systems/default-linux";
 outputs = {
@@ -36,13 +34,10 @@
 yoke-lite = pkgs.rustPlatform.callPackage ./nix/package.nix { };
 });
 nixosModules.default =
- { pkgs, lib, ... }:
+ { pkgs, ... }:
 {
- config = {
- imports = [ ./nix/module.nix ];
- wrapperPkg = self.packages.${pkgs.system}.yoke-lite;
- environment.systemPackages = [ self.packages.${pkgs.system}.yoke ];
- };
+ imports = [ ./nix/module.nix ];
+ programs.yoke.package = self.packages.${pkgs.system}.yoke;
 };
 };
 }
diff --git a/nix/module.nix b/nix/module.nix
deleted file mode 100644
index a6586e9..0000000
--- a/nix/module.nix
+++ /dev/null
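Review bot: In the second flake.nix hunk the new `nixosModules.default` keeps `imports = [ ./nix/module.nix ];`, but this same diff deletes `nix/module.nix`, so evaluating the module should fail on a missing path unless a replacement file exists somewhere not shown here. The deleted module only declared `wrappers` and `wrapperPkg`, so nothing visible declares the `programs.yoke.package` option that is now assigned. Either keep a module file that declares `programs.yoke.package`, or drop the `imports` line and the assignment together. Configurations that defined `wrappers.<name>` to get sandboxed launchers lose them with this change, which deserves a line in the commit message.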
@@ -1,89 +0,0 @@
-{
- pkgs,
- lib,
- config,
- ...
-}:
-let
- inherit (lib) mkOption mkPackageOption types;
- strNotEmpty = s: lib.stringLength s != 0;
- wrapperType = lib.types.submodule {
- options = {
- package = mkPackageOption "wrapped" { } {
- nullable = false;
- };
- executable = mkOption {
- type = types.str;
- default = "";
- };
- args = mkOption {
- type = types.listOf types.str;
- default = [ ];
- };
- env = mkOption {
- type = types.attrsOf (types.listOf types.str);
- default = { };
- };
- retainEnv = mkOption {
- type = types.bool;
- default = false;
- };
- addPwd = mkOption {
- type = types.bool;
- default = false;
- };
- };
- };
-in
-{
- options = {
- wrappers = mkOption {
- type = types.attrsOf wrapperType;
- };
- wrapperPkg = mkPackageOption "wrapper" { } { nullable = false; };
- };
- config =
- let
- wrap =
- name: opts:
- let
- envs = lib.concatStringsSep " " (
- lib.mapAttrsToList (n: v: "${n}=${lib.concatStringsSep ":" v}") opts.env
- );
- sandboxArgs = pkgs.stdenvNoCC.mkDerivation {
- name = "${name}-opts";
- __structuredAttrs = true;
- exportReferencesGraph.closure = [ opts.package ];
- preferLocalBuild = true;
- nativeBuildInputs = [
- pkgs.coreutils
- pkgs.jq
- ];
- buildCommand = ''
- echo -n "--fs rx=" > $out
- jq -r '.closure[].path' < "$NIX_ATTRS_JSON_FILE" \
- | tr '\n' ':' | sed 's/:$//' >> $out
- ${if (strNotEmpty envs) then "echo -n ' --env ${envs}' >> $out" else ""}
- '';
- };
- command = lib.getExe' opts.package (
- if (strNotEmpty opts.executable) then opts.executable else opts.package.pname
- );
- wrappedArgs = lib.concatStringsSep " " opts.args;
- script = ''
- #! /usr/bin/env bash
- ${lib.getExe' config.wrapperPkg "yoke"} \
- ${if opts.addPwd then "--fs rwx=$PWD" else ""} \
- ${if opts.retainEnv then "--retain-env" else ""} \
- --fd-args -- \
- ${command} \
- ${wrappedArgs} $@ \
- 3< ${sandboxArgs}
- '';
- in
- pkgs.writeScriptBin "${name}" script;
- in
- {
- environment.systemPackages = lib.mapAttrsToList wrap config.wrappers;
- };
-}
diff --git a/src/main.rs b/src/main.rs
index abee00c..3260a38 100644
--- a/src/main.rs
+++ b/src/main.rs
@@ -46,8 +46,8 @@ rules env vars:
 --env | -e [key]=[value]
- retain inherited env vars:
- --retain-env | -r
+ clear inherited env vars:
+ --clear-env | -c
 allow use of external unix domain sockets:
 --sockets | -s
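Review bot: The help text swaps `--retain-env | -r` for `--clear-env | -c`, which suggests the default changed from a cleared environment to an inherited one. For a sandbox launcher that is a fail-open default: callers that relied on clearing now pass credentials, tokens and agent socket paths held in environment variables through to the confined program without any change on their side. The argument parsing is outside this hunk, so confirm that `-r`/`--retain-env` is rejected with a clear error rather than silently accepted. At minimum state the default in the help line, e.g. `clear inherited env vars (default: inherited):`, and consider keeping clearing as the default with retention as the opt-in.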