{ config, lib, ... }: let allApps = lib.concatMap lib.attrValues (lib.concatMap lib.attrValues (lib.attrValues config.fysiweb-apps)); in { options.fysiweb.capabilities.password-credentials = lib.mkOption { type = lib.types.attrsOf (lib.types.attrsOf (lib.types.submodule { options.username = lib.mkOption { type = lib.types.str; }; options.passwordFile = lib.mkOption { type = lib.types.str; }; })); default = { }; }; options.fysiweb.capabilities.ssh-credentials = lib.mkOption { type = lib.types.attrsOf (lib.types.attrsOf (lib.types.submodule { options.publicKeyFiles = lib.mkOption { type = lib.types.listOf lib.types.str; }; })); default = { }; }; config = { fysiweb.capabilities = lib.attrsets.mergeAttrsList (lib.concatMap (appConfig: let path = (toString ../../apps) + "/${appConfig.appName}/capabilities.nix"; in lib.optionals (lib.pathIsRegularFile path) [ (lib.mapAttrs (_: value: { ${appConfig.appId} = value; }) (import path { inherit appConfig config lib; })) ]) allApps); }; }