outputs: pass secretsData directly

nixosModules/clanCore/outputs.nix

@@ -62,19 +62,7 @@
           description = ''
             secret data as json for the generator
           '';
-          default = pkgs.writers.writeJSON "secrets.json" (lib.mapAttrs
+          default = pkgs.writers.writeJSON "secrets.json" config.clanCore.secrets;
-            (_name: secret: {
-              secrets = lib.mapAttrsToList
-                (name: secret: {
-                  inherit name;
-                } // lib.optionalAttrs (secret ? groups) {
-                  inherit (secret) groups;
-                })
-                secret.secrets;
-              facts = lib.mapAttrs (_: secret: secret.path) secret.facts;
-              generator = secret.generator.finalScript;
-            })
-            config.clanCore.secrets);
         };
         vm.create = lib.mkOption {
           type = lib.types.path;

pkgs/clan-cli/clan_cli/secrets/generate.py

@@ -58,7 +58,7 @@ def generate_service_secrets(
                 "--unshare-user",
                 "--uid", "1000",
                 "--",
-                "bash", "-c", machine.secrets_data[service]["generator"]
+                "bash", "-c", machine.secrets_data[service]["generator"]["finalScript"]
             ],
         )
         # fmt: on