Flatpak is a application packing method available on Linux and provides a separate sandbox environment from the main OS like chroot or a docker container.
[net.retrodeck.retrodeck.yml](https://github.com/XargonWan/RetroDECK/blob/main/net.retrodeck.retrodeck.yml) in our manifest the RetroDECK module is defined together with a ever growing list of other modules like our dependencies:
- Emulators
- Game Engines
- Libraries
- Github / Gitlab projects
Are all defined in their own module and built together.
Additional permissions arguments can be defined in the manifest to give access to several features of the hostsystem. Flatpak developers are always adding new permissions but the goal of a flatpak it should only request as much as it needs and not be over permissive .
More on [Sandbox Permissions Reference](https://docs.flatpak.org/en/latest/sandbox-permissions-reference.html)
All permissions can be even overridden by the user doing cli commands or using flatseal to add more permissions.
Example arguments:
```
finish-args:
- --share=ipc
- --share=network
- --device=all
- --filesystem=home
- --filesystem=/run/media
- --filesystem=/media
- --filesystem=/media
```
In this example we're telling the flatpak:
Enable ipc and networking
```
--share=ipc
--share=network
```
Have access to all plugged in devices, such as controllers and webcams.
```
--device=all
```
Have access to file systems paths for the entire home catalog and plugged in Disks / SDCards and USB Storage.
A good way to learn how to write modules is to search on flathub's GitHub for other modules to get an idea, however our manifest is more or less using every module type possible. What follows are two examples (note that providing a sha256 is mandatory):
