outputs: pass secretsData directly

2024-03-02 10:24:49 +01:00 · 2024-03-02 10:24:49 +01:00 · 4cfd580447
commit 4cfd580447
parent b1a4b4de96
2 changed files with 2 additions and 14 deletions
--- a/nixosModules/clanCore/outputs.nix
+++ b/nixosModules/clanCore/outputs.nix
@ -62,19 +62,7 @@
          description = ''
            secret data as json for the generator
          '';
-          default = pkgs.writers.writeJSON "secrets.json" (lib.mapAttrs
-            (_name: secret: {
-              secrets = lib.mapAttrsToList
-                (name: secret: {
-                  inherit name;
-                } // lib.optionalAttrs (secret ? groups) {
-                  inherit (secret) groups;
-                })
-                secret.secrets;
-              facts = lib.mapAttrs (_: secret: secret.path) secret.facts;
-              generator = secret.generator.finalScript;
-            })
-            config.clanCore.secrets);
+          default = pkgs.writers.writeJSON "secrets.json" config.clanCore.secrets;
        };
        vm.create = lib.mkOption {
          type = lib.types.path;
--- a/pkgs/clan-cli/clan_cli/secrets/generate.py
+++ b/pkgs/clan-cli/clan_cli/secrets/generate.py
@ -58,7 +58,7 @@ def generate_service_secrets(
                "--unshare-user",
                "--uid", "1000",
                "--",
-                "bash", "-c", machine.secrets_data[service]["generator"]
+                "bash", "-c", machine.secrets_data[service]["generator"]["finalScript"]
            ],
        )
        # fmt: on