Fediversity/nix-templating
14
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

add json templating

Browse source
This commit is contained in:
Kiara Grouwstra 2025-05-29 11:19:33 +02:00
parent e46bc3ef80
commit 959d3911a5
Signed by: kiara
SSH key fingerprint: SHA256:COspvLoLJ5WC5rFb9ZDe5urVCkK4LJZOsjfF4duRJFU
4 changed files with 55 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
flake.nix
View file

@ -11,12 +11,16 @@
packages = nixpkgs.lib.genAttrs supportedArchitectures (system: { packages = nixpkgs.lib.genAttrs supportedArchitectures (system: {
nix_templater = nixpkgs.legacyPackages.${system}.callPackage ./pkgs/nix_templater {}; nix_templater = nixpkgs.legacyPackages.${system}.callPackage ./pkgs/nix_templater {};
}); });
legacyPackages = nixpkgs.lib.genAttrs supportedArchitectures (system: import ./lib.nix { legacyPackages = nixpkgs.lib.genAttrs supportedArchitectures (system: let
pkgs = nixpkgs.legacyPackages.${system}; pkgs = nixpkgs.legacyPackages.${system};
in import ./lib.nix {
inherit pkgs;
inherit (pkgs) lib;
nix_templater = packages.${system}.nix_templater; nix_templater = packages.${system}.nix_templater;
}); });
checks = nixpkgs.lib.genAttrs supportedArchitectures (system: { checks = nixpkgs.lib.genAttrs supportedArchitectures (system: {
template = import ./tests/template.nix { inherit legacyPackages system nixpkgs; }; template = import ./tests/template.nix { inherit legacyPackages system nixpkgs; };
json = import ./tests/json.nix { inherit legacyPackages system nixpkgs; };
}); });
}; };
} }

13
lib.nix
View file

@ -1,5 +1,5 @@
{ pkgs, nix_templater }: { pkgs, lib, nix_templater }:
{ rec {
# placeholder to be substituted with the content of a secret file # placeholder to be substituted with the content of a secret file
fileContents = file: { fileContents = file: {
outPath = "<${builtins.placeholder "nix_template"}${toString file}${builtins.placeholder "nix_template"}>"; outPath = "<${builtins.placeholder "nix_template"}${toString file}${builtins.placeholder "nix_template"}>";
@ -21,4 +21,13 @@
cp $scriptPath $out/bin/${name} cp $scriptPath $out/bin/${name}
chmod +x $out/bin/${name} chmod +x $out/bin/${name}
''; '';
template_generator = generator: { name, value, outPath }: template_text {
inherit name outPath;
text = generator value;
};
template_json = options: template_generator (lib.generators.toJSON options);
template_yaml = options: template_generator (lib.generators.toYAML options); # just json
template_ini = options: template_generator (lib.generators.toINI options);
} }

38
tests/json.nix Normal file
View file

@ -0,0 +1,38 @@
# test injecting a secret into a json template
{ legacyPackages, system, nixpkgs }:
let
secret_file = (nixpkgs.legacyPackages.${system}.writeText "secret" "secret");
in (nixpkgs.lib.nixos.runTest {
hostPkgs = nixpkgs.legacyPackages.${system};
name = "nix_templates";
nodes.machine = {pkgs, ...}: {
config = {
systemd.services.testservice = {
wantedBy = [ "multi-user.target" ];
serviceConfig = {
Type = "oneshot";
ExecStartPre = "${legacyPackages.${system}.template_json {} {
name = "test";
value = {
foo = "text";
bar = legacyPackages.${system}.fileContents secret_file;
};
outPath = "./test";
}}/bin/test";
ExecStart = pkgs.writeScript "test_file_got_templates" ''
#!/bin/sh
cat ./test | grep -q 'secret'
'';
};
};
};
};
testScript = ''
start_all()
print(machine.execute("uname -a"))
machine.wait_for_unit("multi-user.target")
print(machine.succeed("cat /test | grep -q secret"))
'';
})

2
tests/template.nix
View file

@ -1,4 +1,4 @@
# test injecting a secret into a template # test injecting a secret into a text template
{ legacyPackages, system, nixpkgs }: { legacyPackages, system, nixpkgs }:
let let
# this file would usually be outside of the store # this file would usually be outside of the store