From 08059336ca2974df1b2176ccfbc5f6de73cac843 Mon Sep 17 00:00:00 2001 From: cinereal Date: Wed, 28 May 2025 22:55:43 +0200 Subject: [PATCH 1/4] make test go thru --- tests/template.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/template.nix b/tests/template.nix index d7e92de..5fd22c6 100644 --- a/tests/template.nix +++ b/tests/template.nix @@ -33,7 +33,7 @@ in (nixpkgs.lib.nixos.runTest { testScript = '' start_all() print(machine.execute("uname -a")) - machine.wait_for_unit("testservice.service") - print(machine.succeed("cat /root/test | grep -q secret")) + machine.wait_for_unit("multi-user.target") + print(machine.succeed("cat /test | grep -q secret")) ''; }) From 5189feae3a7d9a025a3be46b872d0a6efe0368e7 Mon Sep 17 00:00:00 2001 From: cinereal Date: Wed, 28 May 2025 22:55:54 +0200 Subject: [PATCH 2/4] fix typo --- pkgs/nix_templater/replace.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/nix_templater/replace.py b/pkgs/nix_templater/replace.py index 8b434a9..aa84127 100644 --- a/pkgs/nix_templater/replace.py +++ b/pkgs/nix_templater/replace.py @@ -1,7 +1,7 @@ import sys from pathlib import Path -tempalte_file = sys.argv[1] +template_file = sys.argv[1] magic_string = sys.argv[2] outfile = sys.argv[3] @@ -9,7 +9,7 @@ if Path(outfile).exists(): print(f"{outfile} already exists, aborting") sys.exit(1) -template_bytes = Path(tempalte_file).read_bytes() +template_bytes = Path(template_file).read_bytes() loc = 0 output = b"" From f76e2e42feb32b8623e1cdce932e2e093549a37a Mon Sep 17 00:00:00 2001 From: cinereal Date: Wed, 28 May 2025 22:56:15 +0200 Subject: [PATCH 3/4] document components --- lib.nix | 2 ++ pkgs/nix_templater/replace.py | 1 + tests/template.nix | 1 + 3 files changed, 4 insertions(+) diff --git a/lib.nix b/lib.nix index 0f34930..1d63182 100644 --- a/lib.nix +++ b/lib.nix @@ -1,10 +1,12 @@ { pkgs, nix_templater }: rec { + # placeholder to be substituted with the content of a secret file fileContents = file: { outPath = "<${builtins.placeholder "nix_template"}${toString file}${builtins.placeholder "nix_template"}>"; file = file; }; + # make a template with placeholders template_text = { name, text, outPath }: pkgs.runCommand name { textBeforeTemplate = text; diff --git a/pkgs/nix_templater/replace.py b/pkgs/nix_templater/replace.py index aa84127..50ff7c5 100644 --- a/pkgs/nix_templater/replace.py +++ b/pkgs/nix_templater/replace.py @@ -1,3 +1,4 @@ +# replace occurrences of a magic string in a template file import sys from pathlib import Path diff --git a/tests/template.nix b/tests/template.nix index 5fd22c6..8c737b8 100644 --- a/tests/template.nix +++ b/tests/template.nix @@ -1,3 +1,4 @@ +# test injecting a secret into a template { legacyPackages, system, nixpkgs }: let # this file would usually be outside of the store From 0babda6eb511751b3a45c7403d97045cf0ecfb1a Mon Sep 17 00:00:00 2001 From: cinereal Date: Wed, 28 May 2025 22:56:26 +0200 Subject: [PATCH 4/4] simplify as per nix linter --- lib.nix | 2 +- tests/template.nix | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/lib.nix b/lib.nix index 1d63182..16b1791 100644 --- a/lib.nix +++ b/lib.nix @@ -1,5 +1,5 @@ { pkgs, nix_templater }: -rec { +{ # placeholder to be substituted with the content of a secret file fileContents = file: { outPath = "<${builtins.placeholder "nix_template"}${toString file}${builtins.placeholder "nix_template"}>"; diff --git a/tests/template.nix b/tests/template.nix index 8c737b8..a72911c 100644 --- a/tests/template.nix +++ b/tests/template.nix @@ -8,7 +8,7 @@ in (nixpkgs.lib.nixos.runTest { hostPkgs = nixpkgs.legacyPackages.${system}; name = "nix_templates"; - nodes.machine = {config, pkgs, ...}: { + nodes.machine = {pkgs, ...}: { config = { systemd.services.testservice = { wantedBy = [ "multi-user.target" ];