6 changed files with 19 additions and 29 deletions
--- a/flake.nix
+++ b/flake.nix
@ -17,7 +17,6 @@
          ./infra/flake-part.nix
          ./keys/flake-part.nix
          ./secrets/flake-part.nix
          ./services/tests/flake-part.nix
        ];
        perSystem =
--- a/services/default.nix
+++ b/services/default.nix
@ -0,0 +1,13 @@
 {
  system ? builtins.currentSystem,
  sources ? import ../npins,
  pkgs ? import sources.nixpkgs { inherit system; },
  ...
 }:
 {
  tests = {
    mastodon = pkgs.nixosTest ./tests/mastodon.nix;
    pixelfed-garage = pkgs.nixosTest ./tests/pixelfed-garage.nix;
    peertube = pkgs.nixosTest ./tests/peertube.nix;
  };
 }
--- a/services/fediversity/default.nix
+++ b/services/fediversity/default.nix
@ -49,7 +49,7 @@ in
              displayName = mkOption {
                type = types.str;
                description = "Name of the initial user, for humans";
-                default = config.fediversity.temp.initialUser.username;
+                default = config.fediversity.temp.initialUser.name;
              };
              email = mkOption {
                type = types.str;
--- a/services/tests/flake-part.nix
+++ b/services/tests/flake-part.nix
@ -1,14 +0,0 @@
 { ... }:
 {
  _class = "flake";
  perSystem =
    { pkgs, ... }:
    {
      checks = {
        test-mastodon-service = pkgs.testers.runNixOSTest ./mastodon.nix;
        test-pixelfed-garage-service = pkgs.testers.runNixOSTest ./pixelfed-garage.nix;
        test-peertube-service = pkgs.testers.runNixOSTest ./peertube.nix;
      };
    };
 }
--- a/services/tests/mastodon.nix
+++ b/services/tests/mastodon.nix
@ -6,7 +6,7 @@
 { pkgs, ... }:
 let
-  inherit (pkgs) lib writeText;
+  lib = pkgs.lib;
  ## FIXME: this binding was not used, but maybe we want a side-effect or something?
  # rebuildableTest = import ./rebuildableTest.nix pkgs;
@ -69,17 +69,9 @@ in
          expect
        ];
        environment.variables = {
-          AWS_ACCESS_KEY_ID = "$(cat ${config.fediversity.mastodon.s3AccessKeyFile})";
+          AWS_ACCESS_KEY_ID = config.fediversity.garage.ensureKeys.mastodon.id;
-          AWS_SECRET_ACCESS_KEY = "$(cat ${config.fediversity.mastodon.s3SecretKeyFile})";
+          AWS_SECRET_ACCESS_KEY = config.fediversity.garage.ensureKeys.mastodon.secret;
        };
        services.mastodon.extraEnvFiles = [
          # generate as: cd ${pkgs.mastodon}; IGNORE_ALREADY_SET_SECRETS=true RAILS_ENV=development ${pkgs.mastodon}/bin/rails db:encryption:init
          (writeText "rest" ''
            ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY=naGoEzeyjUmwIlmgZZmGQDWJrlWud5eX
            ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT=A0tE1VJ7S3cjaOQ58mNkhrVFY7o5NKDB
            ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY=tGHhd5Os7hLxa8QTzWwjyVLrvsj5VsCw
          '')
        ];
      };
  };
--- a/services/tests/pixelfed-garage.nix
+++ b/services/tests/pixelfed-garage.nix
@ -161,8 +161,8 @@ in
        ];
        environment.variables = {
          POST_MEDIA = ./fediversity.png;
-          AWS_ACCESS_KEY_ID = "$(cat ${config.fediversity.pixelfed.s3AccessKeyFile})";
+          AWS_ACCESS_KEY_ID = config.fediversity.garage.ensureKeys.pixelfed.id;
-          AWS_SECRET_ACCESS_KEY = "$(cat ${config.fediversity.pixelfed.s3SecretKeyFile})";
+          AWS_SECRET_ACCESS_KEY = config.fediversity.garage.ensureKeys.pixelfed.secret;
          ## without this we get frivolous errors in the logs
          MC_REGION = "garage";
        };