diff options
author | Martin Milata <martin@martinmilata.cz> | 2019-09-22 13:29:03 +0200 |
---|---|---|
committer | Martin Milata <martin@martinmilata.cz> | 2019-09-22 14:33:08 +0200 |
commit | 2adb03fdaea6186299c6ff578bb6814d8f3bb30b (patch) | |
tree | 97d15cd13adcd163063f5ba74d61018916c27097 /nixos/tests/wordpress.nix | |
parent | 6a42202beb2637a9c2f70f2a1e462e9a53c9a496 (diff) | |
download | nixpkgs-2adb03fdaea6186299c6ff578bb6814d8f3bb30b.tar nixpkgs-2adb03fdaea6186299c6ff578bb6814d8f3bb30b.tar.gz nixpkgs-2adb03fdaea6186299c6ff578bb6814d8f3bb30b.tar.bz2 nixpkgs-2adb03fdaea6186299c6ff578bb6814d8f3bb30b.tar.lz nixpkgs-2adb03fdaea6186299c6ff578bb6814d8f3bb30b.tar.xz nixpkgs-2adb03fdaea6186299c6ff578bb6814d8f3bb30b.tar.zst nixpkgs-2adb03fdaea6186299c6ff578bb6814d8f3bb30b.zip |
nixos/wordpress: generate secrets locally
Use /dev/urandom to generate keys and salts instead of downloading them from https://api.wordpress.org/secret-key/1.1/salt/
Diffstat (limited to 'nixos/tests/wordpress.nix')
-rw-r--r-- | nixos/tests/wordpress.nix | 11 |
1 files changed, 5 insertions, 6 deletions
diff --git a/nixos/tests/wordpress.nix b/nixos/tests/wordpress.nix index 774ef6293b5..c6acfa6c1f3 100644 --- a/nixos/tests/wordpress.nix +++ b/nixos/tests/wordpress.nix @@ -20,12 +20,6 @@ import ./make-test.nix ({ pkgs, ... }: }; networking.hosts."127.0.0.1" = [ "site1.local" "site2.local" ]; - - # required for wordpress-init.service to succeed - systemd.tmpfiles.rules = [ - "F /var/lib/wordpress/site1.local/secret-keys.php 0440 wordpress wwwrun - -" - "F /var/lib/wordpress/site2.local/secret-keys.php 0440 wordpress wwwrun - -" - ]; }; testScript = '' @@ -37,6 +31,11 @@ import ./make-test.nix ({ pkgs, ... }: $machine->succeed("curl -L site1.local | grep 'Welcome to the famous'"); $machine->succeed("curl -L site2.local | grep 'Welcome to the famous'"); + + $machine->succeed("systemctl --no-pager show wordpress-init-site1.local.service | grep 'ExecStart=.*status=0'"); + $machine->succeed("systemctl --no-pager show wordpress-init-site2.local.service | grep 'ExecStart=.*status=0'"); + $machine->succeed("grep -E '^define.*NONCE_SALT.{64,};\$' /var/lib/wordpress/site1.local/secret-keys.php"); + $machine->succeed("grep -E '^define.*NONCE_SALT.{64,};\$' /var/lib/wordpress/site2.local/secret-keys.php"); ''; }) |