nixos-config/modules/wrapper-manager/sandboxing/default.nix

{ lib, ... }:

{
  imports = [
    ./boxxy.nix
    ./bubblewrap
  ];

  options.wrappers =
    let
      sandboxingType = { name, lib, config, options, ... }: {
        options.sandboxing = {
          variant = lib.mkOption {
            type = with lib.types; nullOr (enum []);
            description = ''
              The sandboxing framework to be applied to the wrapper. A value of
              `null` will essentially disable it.
            '';
            default = null;
            example = "bubblewrap";
          };

          wraparound = {
            executable = options.arg0;
            extraArgs = options.extraArgs;
          };
        };
      };
    in
    lib.mkOption {
      type = with lib.types; attrsOf (submodule sandboxingType);
    };
}
wrapper-manager/sandboxing: init skeleton module 2024-07-24 13:07:06 +00:00			`{ lib, ... }:`

			`{`
wrapper-manager/sandboxing/bubblewrap: init prototype Not complete, just its options for now. We might even go into the direction of NixPak and nix-bubblewrap creating our own specialized launcher. 2024-07-26 07:41:49 +00:00			`imports = [`
wrapper-manager/sandboxing/boxxy: init Alternative to Bubblewrap while I'm still figuring it out. 2024-07-29 11:03:31 +00:00			`./boxxy.nix`
wrapper-manager/sandboxing/bubblewrap: init prototype Not complete, just its options for now. We might even go into the direction of NixPak and nix-bubblewrap creating our own specialized launcher. 2024-07-26 07:41:49 +00:00			`./bubblewrap`
			`];`
wrapper-manager/sandboxing: init skeleton module 2024-07-24 13:07:06 +00:00
			`options.wrappers =`
			`let`
wrapper-manager/sandboxing: add wraparound under namespace Each wrapper represents one... wrapper anyways so it is fine to have this. If nothing else applies, you could still make the specific sandboxing module to have its own wraparound option namespace. That practice should be discouraged though. 2024-07-29 08:39:59 +00:00			`sandboxingType = { name, lib, config, options, ... }: {`
wrapper-manager/sandboxing: init skeleton module 2024-07-24 13:07:06 +00:00			`options.sandboxing = {`
			`variant = lib.mkOption {`
			`type = with lib.types; nullOr (enum []);`
			`description = ''`
			`The sandboxing framework to be applied to the wrapper. A value of`
			`null` will essentially disable it.
			`'';`
			`default = null;`
			`example = "bubblewrap";`
			`};`
wrapper-manager/sandboxing: add wraparound under namespace Each wrapper represents one... wrapper anyways so it is fine to have this. If nothing else applies, you could still make the specific sandboxing module to have its own wraparound option namespace. That practice should be discouraged though. 2024-07-29 08:39:59 +00:00
			`wraparound = {`
			`executable = options.arg0;`
			`extraArgs = options.extraArgs;`
			`};`
wrapper-manager/sandboxing: init skeleton module 2024-07-24 13:07:06 +00:00			`};`
			`};`
			`in`
			`lib.mkOption {`
			`type = with lib.types; attrsOf (submodule sandboxingType);`
			`};`
			`}`