From 3e10e6f139fcc4c161de91f0602265564f5a85a3 Mon Sep 17 00:00:00 2001 From: Joseph Hanson Date: Mon, 16 Dec 2024 12:31:22 -0600 Subject: [PATCH] no with --- nixos/modules/nixos/lib.nix | 8 +------- 1 file changed, 1 insertion(+), 7 deletions(-) diff --git a/nixos/modules/nixos/lib.nix b/nixos/modules/nixos/lib.nix index dbe8dc9..2b74133 100644 --- a/nixos/modules/nixos/lib.nix +++ b/nixos/modules/nixos/lib.nix @@ -1,20 +1,14 @@ { lib, config, pkgs, ... }: -with lib; { # container builder lib.mySystem.mkContainer = options: ( let - # nix doesnt have an exhausive list of options for oci - # so here i try to get a robust list of security options for containers - # because everyone needs more tinfoild hat right? RIGHT? - containerExtraOptions = lib.optionals (lib.attrsets.attrByPath [ "caps" "privileged" ] false options) [ "--privileged" ] ++ lib.optionals (lib.attrsets.attrByPath [ "caps" "readOnly" ] false options) [ "--read-only" ] - ++ lib.optionals (lib.attrsets.attrByPath [ "caps" "tmpfs" ] false options) [ (map (folders: "--tmpfs=${folders}") tmpfsFolders) ] + ++ lib.optionals (lib.attrsets.attrByPath [ "caps" "tmpfs" ] false options) [ (map (folders: "--tmpfs=${folders}") lib.tmpfsFolders) ] ++ lib.optionals (lib.attrsets.attrByPath [ "caps" "noNewPrivileges" ] false options) [ "--security-opt=no-new-privileges" ] ++ lib.optionals (lib.attrsets.attrByPath [ "caps" "dropAll" ] false options) [ "--cap-drop=ALL" ]; - in { ${options.app} = {
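Review bot: The tmpfs branch on the `+` line still wraps the mapped list in an outer list, `[ (map (folders: "--tmpfs=${folders}") lib.tmpfsFolders) ]`, so when `caps.tmpfs` is true `containerExtraOptions` gains a nested list instead of `--tmpfs=…` strings; if that list feeds an `extraOptions` option typed as a list of strings, evaluation will fail. The commit only re-qualifies the name, so the fix is to pass the mapped list directly: `++ lib.optionals (lib.attrsets.attrByPath [ "caps" "tmpfs" ] false options) (map (folders: "--tmpfs=${folders}") lib.tmpfsFolders)`. `lib.tmpfsFolders` is not a nixpkgs lib attribute, so it presumably comes from this repo's module-level `lib` extension; since the reference is only evaluated when `caps.tmpfs` is set, a comment such as `# lib.tmpfsFolders comes from this repo's lib extension, not nixpkgs` on that line would save the next reader a late surprise. Note also that every hardening flag here (`--read-only`, `--security-opt=no-new-privileges`, `--cap-drop=ALL`) defaults to off via `attrByPath … false`, so a caller that sets nothing gets an unhardened container, which is worth stating in the `# container builder` comment. mkContainer's body continues past the end of the hunk.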