remove unused acme node for data model tests (#540)

Reviewed-on: fediversity/fediversity#540

deployment/check/common/nixosTest.nix

@@ -80,41 +80,44 @@ in
 
     acmeNodeIP = config.nodes.acme.networking.primaryIPAddress;
 
-    nodes =
+    nodes = lib.mkMerge [
       {
-        deployer = {
+        deployer = lib.mkMerge [
-          imports = [ ./deployerNode.nix ];
+          {
-          _module.args = { inherit inputs sources; };
+            imports = [ ./deployerNode.nix ];
-          enableAcme = config.enableAcme;
+            _module.args = { inherit inputs sources; };
-          acmeNodeIP = config.nodes.acme.networking.primaryIPAddress;
+            enableAcme = config.enableAcme;
-        };
+          }
+          (lib.mkIf config.enableAcme {
+            acmeNodeIP = config.nodes.acme.networking.primaryIPAddress;
+            security.acme = {
+              acceptTerms = true;
+              defaults.email = "test@test.com";
+              defaults.server = "https://acme.test/dir";
+            };
+            security.pki.certificateFiles = [
+              (import "${inputs.nixpkgs}/nixos/tests/common/acme/server/snakeoil-certs.nix").ca.cert
+            ];
+            networking.extraHosts = "${config.acmeNodeIP} acme.test";
+          })
+        ];
       }
-
+      (lib.mkIf config.enableAcme {
-      //
+        acme = {
-
+          ## FIXME: This makes `nodes.acme` into a local resolver. Maybe this will
-        (
+          ## break things once we play with DNS?
-          if config.enableAcme then
+          imports = [ "${inputs.nixpkgs}/nixos/tests/common/acme/server" ];
-            {
+          ## We aren't testing ACME - we just want certificates.
-              acme = {
+          systemd.services.pebble.environment.PEBBLE_VA_ALWAYS_VALID = "1";
-                ## FIXME: This makes `nodes.acme` into a local resolver. Maybe this will
+        };
-                ## break things once we play with DNS?
+      })
-                imports = [ "${inputs.nixpkgs}/nixos/tests/common/acme/server" ];
+      (genAttrs config.targetMachines (_: {
-                ## We aren't testing ACME - we just want certificates.
+        imports = [ ./targetNode.nix ];
-                systemd.services.pebble.environment.PEBBLE_VA_ALWAYS_VALID = "1";
+        _module.args = { inherit inputs sources; };
-              };
+        enableAcme = config.enableAcme;
-            }
+        acmeNodeIP = if config.enableAcme then config.nodes.acme.networking.primaryIPAddress else null;
-          else
+      }))
-            { }
+    ];
-        )
-
-      //
-
-        genAttrs config.targetMachines (_: {
-          imports = [ ./targetNode.nix ];
-          _module.args = { inherit inputs sources; };
-          enableAcme = config.enableAcme;
-          acmeNodeIP = if config.enableAcme then config.nodes.acme.networking.primaryIPAddress else null;
-        });
 
     testScript = ''
       ${forConcat (attrNames config.nodes) (n: ''

deployment/check/data-model-nixops4/constants.nix

@@ -4,6 +4,5 @@
   ];
   pathToRoot = ../../..;
   pathFromRoot = ./.;
-  enableAcme = true;
   useFlake = true;
 }

deployment/check/data-model-nixops4/default.nix

@@ -16,7 +16,6 @@ runNixOSTest {
     targetMachines
     pathToRoot
     pathFromRoot
-    enableAcme
     useFlake
     ;
 }

deployment/check/data-model-ssh/constants.nix

@@ -8,5 +8,4 @@
     name = "root";
   };
   pathFromRoot = "/deployment/check/data-model-ssh";
-  enableAcme = true;
 }

deployment/check/data-model-ssh/default.nix

@@ -16,6 +16,5 @@ runNixOSTest {
     targetMachines
     pathToRoot
     pathFromRoot
-    enableAcme
     ;
 }

deployment/check/data-model-tf/constants.nix

@@ -7,5 +7,4 @@
     name = "root";
   };
   pathFromRoot = "/deployment/check/data-model-tf";
-  enableAcme = true;
 }

deployment/check/data-model-tf/default.nix

@@ -46,6 +46,5 @@ pkgs.testers.runNixOSTest {
     targetMachines
     pathToRoot
     pathFromRoot
-    enableAcme
     ;
 }