warnings.nix: port to a proper module

2024-02-20 11:19:12 +00:00 · 2024-02-20 11:19:12 +00:00 · d7be5da483
commit d7be5da483
parent 902e351085
5 changed files with 22 additions and 14 deletions
--- a/hosts/common/default.nix
+++ b/hosts/common/default.nix
@ -16,7 +16,6 @@
    ./secrets.nix
    ./ssh.nix
    ./users
-    ./warnings.nix
  ];

  sane.nixcache.enable-trusted-keys = true;
--- a/hosts/common/users/colin.nix
+++ b/hosts/common/users/colin.nix
@ -51,6 +51,12 @@
    };
  };

+  # i explicitly set both `initialPassword` and `hashedPasswordFile`, so ignore the warning against this.
+  # see: <https://github.com/NixOS/nixpkgs/pull/287506>
+  sane.silencedWarnings = [
+    "The user 'colin' has multiple of the options\n`hashedPassword`, `password`, `hashedPasswordFile`, `initialPassword`\n& `initialHashedPassword` set to a non-null value.\nThe options silently discard others by the order of precedence\ngiven above which can lead to surprising results. To resolve this warning,\nset at most one of the options above to a non-`null` value.\n"
+  ];
+
  environment.etc."/security/capability.conf".text = ''
    # The pam_cap.so module accepts the following arguments:
    #
--- a/hosts/common/warnings.nix
+++ b/hosts/common/warnings.nix
@ -1,13 +0,0 @@
-{ lib, ... }:
-let
-  ignored = [
-    "The user 'colin' has multiple of the options\n`hashedPassword`, `password`, `hashedPasswordFile`, `initialPassword`\n& `initialHashedPassword` set to a non-null value.\nThe options silently discard others by the order of precedence\ngiven above which can lead to surprising results. To resolve this warning,\nset at most one of the options above to a non-`null` value.\n"
-  ];
-in
-{
-  options = {
-    warnings = lib.mkOption {
-      apply = builtins.filter (w: !(builtins.elem w ignored));
-    };
-  };
-}
--- a/modules/default.nix
+++ b/modules/default.nix
@ -16,6 +16,7 @@
    ./ssh.nix
    ./users.nix
    ./vpn.nix
+    ./warnings.nix
    ./wowlan.nix
  ];

--- a/modules/warnings.nix
+++ b/modules/warnings.nix
@ -0,0 +1,15 @@
+{ config, lib, ... }:
+{
+  options = with lib; {
+    sane.silencedWarnings = mkOption {
+      type = types.listOf types.string;
+      default = [];
+      description = ''
+        list of `config.warnings` values you want to ignore, verbatim.
+      '';
+    };
+    warnings = mkOption {
+      apply = builtins.filter (w: !(builtins.elem w config.sane.silencedWarnings));
+    };
+  };
+}