diff options
author | Florian Klink <flokli@flokli.de> | 2019-09-07 12:52:44 -0700 |
---|---|---|
committer | GitHub <noreply@github.com> | 2019-09-07 12:52:44 -0700 |
commit | 2f3b9cd52cf501c81bc92d2ea5c65547198defa9 (patch) | |
tree | 5c5dda422cbeb84c7aa5cdb91c257459bd7a3496 /nixos/tests/gitlab.nix | |
parent | 493e51deadfd6f27e6fc3c6949c5e9a048fde5d6 (diff) | |
parent | 240649a5100fcb5ea6f18bc5bc87acc3ce216646 (diff) | |
download | nixpkgs-2f3b9cd52cf501c81bc92d2ea5c65547198defa9.tar nixpkgs-2f3b9cd52cf501c81bc92d2ea5c65547198defa9.tar.gz nixpkgs-2f3b9cd52cf501c81bc92d2ea5c65547198defa9.tar.bz2 nixpkgs-2f3b9cd52cf501c81bc92d2ea5c65547198defa9.tar.lz nixpkgs-2f3b9cd52cf501c81bc92d2ea5c65547198defa9.tar.xz nixpkgs-2f3b9cd52cf501c81bc92d2ea5c65547198defa9.tar.zst nixpkgs-2f3b9cd52cf501c81bc92d2ea5c65547198defa9.zip |
Merge pull request #66274 from talyz/gitlab
nixos/gitlab: Add support for secure secrets and more
Diffstat (limited to 'nixos/tests/gitlab.nix')
-rw-r--r-- | nixos/tests/gitlab.nix | 42 |
1 files changed, 6 insertions, 36 deletions
diff --git a/nixos/tests/gitlab.nix b/nixos/tests/gitlab.nix index 29978824870..be0b3c8746a 100644 --- a/nixos/tests/gitlab.nix +++ b/nixos/tests/gitlab.nix @@ -29,44 +29,14 @@ import ./make-test.nix ({ pkgs, lib, ...} : with lib; { services.gitlab = { enable = true; - databasePassword = "dbPassword"; - inherit initialRootPassword; + databasePasswordFile = pkgs.writeText "dbPassword" "xo0daiF4"; + initialRootPasswordFile = pkgs.writeText "rootPassword" initialRootPassword; smtp.enable = true; secrets = { - secret = "secret"; - otp = "otpsecret"; - db = "dbsecret"; - - # nix-shell -p openssl --run "openssl genrsa 2048" - jws = '' - -----BEGIN RSA PRIVATE KEY----- - MIIEpAIBAAKCAQEA13/qEio76OWUtWO0WIz9lWnsTWOU8Esv4sQHDq9PCEFsLt21 - PAXrlWhLjjWcxGfsrDwnh7YErGHYL62BMSxMdFJolaknlQK/O/V8UETDe45VoHM+ - Znk270RfUcfYFgiihnXUZXVmL0om9TsQSk646wCcjCY9LxtxUyKNhvT7KjgYw2aX - z34aw7M+Js3T2p1TjZPSC82GtmtKkJEKFMi5EjprLTDE7EdcUzr9Xuw+kQ+gRm9k - 7FE+JQqSoprwE3Q0v2OAn3UhLMgg0gNFRnsc5l6IAshDzV+H22RPqKKlJjVjjfPY - 0TQSvYLVApigHbDPH0BoCXfjFfQazbbP3OUHrwIDAQABAoIBAQCMU+tkcMQaYIV5 - qLdjgkwO467QpivyXcOM8wF1eosIYTHFQvIlZ+WEoSmyLQ8shlADyBgls01Pw1c3 - lNAv6RzQEmmwKzpvOh61OKH+0whIiOMRXHoh2IUBQZCgfHYlwvGyhUAN4WjtGmhM - AG4XNTQNM5S9Xpkw97nP3Qwz+YskbbkrfqtCEVy9ro+4nhbjqPsuO3adbnkva4zR - cyurRhrHgHU6LPjn5NHnHH4qw2faY2oAsL8pmpkTbO5IqWDvOcbjNfjVPgVoq26O - bbaa1qs4nmc80qQgMjRPJef535xyf3eLsSlDvpf6O8sPrJzVR1zaqEqixpQCZDac - +kRiSBrhAoGBAOwHiq0PuyJh6VzBu7ybqX6+gF/wA4Jkwzx6mbfaBgurvU1aospp - kisIonAkxSbxllZMnjbkShZEdATYKeT9o5NEhnU4YnHfc5bJZbiWOZAzYGLcY7g8 - vDQ31pBItyY4pFgPbSpNlbUvUsoPVJ45RasRADDTNCzMzdjFQQXst2V9AoGBAOm7 - sSpzYfFPLEAhieAkuhtbsX58Boo46djiKVfzGftfp6F9aHTOfzGORU5jrZ16mSbS - qkkC6BEFrATX2051dzzXC89fWoJYALrsffE5I3KlKXsCAWSnCP1MMxOfH+Ls61Mr - 7pK/LKfvJt53mUH4jIdbmmFUDwbg18oBEH+x9PmbAoGAS/+JqXu9N67rIxDGUE6W - 3tacI0f2+U9Uhe67/DTZaXyc8YFTlXU0uWKIWy+bw5RaYeM9tlL/f/f+m2i25KK+ - vrZ7zNag7CWU5GJovGyykDnauTpZaYM03mN0VPT08/uc/zXIYqyknbhlIeaZynCK - fDB3LUF0NVCknz20WCIGU0kCgYEAkxY0ZXx61Dp4pFr2wwEZxQGs7uXpz64FKyEX - 12r6nMATY4Lh6y/Px0W6w5vis8lk+5Ny6cNUevHQ0LNuJS+yu6ywl+1vrbrnqroM - f3LvpcPeGLSoX8jl1VDQi7aFgG6LoKly1xJLbdsH4NPutB9PgBbbTghx9GgmI88L - rPA2M6UCgYBOmkYJocNgxg6B1/n4Tb9fN1Q/XuJrFDE6NxVUoke+IIyMPRH7FC3m - VMYzu+b7zTVJjaBb1cmJemxl/xajziWDofJYPefhdbOVU7HXtmJFY0IG3pVxU1zW - 3bmDj5QAtCUDpuuNa6GEIT0YR4+D/V7o3DmlZ0tVIwKJmVJoQ2f5dw== - -----END RSA PRIVATE KEY----- - ''; + secretFile = pkgs.writeText "secret" "Aig5zaic"; + otpFile = pkgs.writeText "otpsecret" "Riew9mue"; + dbFile = pkgs.writeText "dbsecret" "we2quaeZ"; + jwsFile = pkgs.runCommand "oidcKeyBase" {} "${pkgs.openssl}/bin/openssl genrsa 2048 > $out"; }; }; }; |