add json templating

flake.nix

@@ -11,12 +11,16 @@
     packages = nixpkgs.lib.genAttrs supportedArchitectures (system: {
       nix_templater = nixpkgs.legacyPackages.${system}.callPackage ./pkgs/nix_templater {};
     });
-    legacyPackages = nixpkgs.lib.genAttrs supportedArchitectures (system: import ./lib.nix {
+    legacyPackages = nixpkgs.lib.genAttrs supportedArchitectures (system: let
       pkgs = nixpkgs.legacyPackages.${system};
+    in import ./lib.nix {
+      inherit pkgs;
+      inherit (pkgs) lib;
       nix_templater = packages.${system}.nix_templater;
     });
     checks = nixpkgs.lib.genAttrs supportedArchitectures (system: {
       template = import ./tests/template.nix { inherit legacyPackages system nixpkgs; };
+      json = import ./tests/json.nix { inherit legacyPackages system nixpkgs; };
     });
   };
 }

lib.nix

@@ -1,5 +1,9 @@
-{ pkgs, nix_templater }:
 {
+  pkgs,
+  nix_templater,
+  lib ? pkgs.lib,
+}:
+rec {
   # placeholder to be substituted with the content of a secret file
   fileContents = file: {
    outPath = "<${builtins.placeholder "nix_template"}${toString file}${builtins.placeholder "nix_template"}>";
@@ -21,4 +25,13 @@
       cp $scriptPath $out/bin/${name}
       chmod +x $out/bin/${name}
     '';
+
+  template_generator = generator: { name, value, outPath }: template_text {
+    inherit name outPath;
+    text = generator value;
+  };
+
+  template_json = options: template_generator (lib.generators.toJSON options);
+  template_yaml = options: template_generator (lib.generators.toYAML options); # just json
+  template_ini = options: template_generator (lib.generators.toINI options);
 }

tests/json.nix

@@ -0,0 +1,38 @@
+# test injecting a secret into a json template
+{ legacyPackages, system, nixpkgs }:
+let
+  secret_file = (nixpkgs.legacyPackages.${system}.writeText "secret" "secret");
+in (nixpkgs.lib.nixos.runTest {
+    hostPkgs = nixpkgs.legacyPackages.${system};
+    name = "nix_templates";
+
+    nodes.machine = {pkgs, ...}: {
+      config = {
+        systemd.services.testservice = {
+          wantedBy = [ "multi-user.target" ];
+          serviceConfig = {
+            Type = "oneshot";
+            ExecStartPre = "${legacyPackages.${system}.template_json {} {
+              name = "test";
+              value = {
+                foo = "text";
+                bar = legacyPackages.${system}.fileContents secret_file;
+              };
+              outPath = "./test";
+            }}/bin/test";
+            ExecStart = pkgs.writeScript "test_file_got_templates" ''
+              #!/bin/sh
+              cat ./test | grep -q 'secret'
+            '';
+          };
+        };
+      };
+    };
+
+    testScript = ''
+      start_all()
+      print(machine.execute("uname -a"))
+      machine.wait_for_unit("multi-user.target")
+      print(machine.succeed("cat /test | grep -q secret"))
+    '';
+  })

tests/template.nix

@@ -1,4 +1,4 @@
-# test injecting a secret into a template
+# test injecting a secret into a text template
 { legacyPackages, system, nixpkgs }:
 let
   # this file would usually be outside of the store