mastodon: set Active Record env vars

2025-07-14 18:12:23 +02:00
1 changed files with 9 additions and 1 deletions
--- a/services/tests/mastodon.nix
+++ b/services/tests/mastodon.nix
@ -6,7 +6,7 @@
 { pkgs, ... }:

 let
-  lib = pkgs.lib;
+  inherit (pkgs) lib writeText;

  ## FIXME: this binding was not used, but maybe we want a side-effect or something?
  # rebuildableTest = import ./rebuildableTest.nix pkgs;
@ -72,6 +72,14 @@ in
          AWS_ACCESS_KEY_ID = "$(cat ${config.fediversity.mastodon.s3AccessKeyFile})";
          AWS_SECRET_ACCESS_KEY = "$(cat ${config.fediversity.mastodon.s3SecretKeyFile})";
        };
+        services.mastodon.extraEnvFiles = [
+          # generate as: cd ${pkgs.mastodon}; IGNORE_ALREADY_SET_SECRETS=true RAILS_ENV=development ${pkgs.mastodon}/bin/rails db:encryption:init
+          (writeText "rest" ''
+            ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY=naGoEzeyjUmwIlmgZZmGQDWJrlWud5eX
+            ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT=A0tE1VJ7S3cjaOQ58mNkhrVFY7o5NKDB
+            ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY=tGHhd5Os7hLxa8QTzWwjyVLrvsj5VsCw
+          '')
+        ];
      };
  };