authentik yay

modules/services/authentik/test.nix

@@ -0,0 +1,30 @@
+{
+  name = "authentik";
+  nodes.machine = {lib, config, pkgs, ...}: {
+    virtualisation = {
+        cores = 3;
+        memorySize = 2048;
+    };
+    xyno.services.authentik = {
+      enable = true;
+      url = "http://[::1]:9000";
+      oauthApps."app1".name = "app1-name";
+      ldapApps."app2".name = "app2-name";
+      proxyApps."app3".name = "app3-name";
+      proxyApps."app3".externalHost = "https://test.example.org";
+    };
+    services.authentik.environmentFile = lib.mkForce "/etc/authentik-env";
+    sops.defaultSopsFile = ../../../secrets/common.yaml;
+    environment.etc."authentik-env".text = ''
+        AUTHENTIK_SECRET_KEY=db6363ba033b111c6835489c5c0aca5ec192c20ee1ea3116a601065c3b118c3d
+        AUTHENTIK_BOOTSTRAP_TOKEN=75c041b7e79aac71ff0a74f7905c9f818ab2f0d21d8618fa5fd753f9e57a02f8
+      '';
+    sops.secrets."authentik/env" = lib.mkForce { sopsFile = ../../../instances/ds9/secrets/authentik.yaml; };
+  };
+  testScript = ''
+      machine.wait_for_unit("authentik-config.service")
+      print(machine.succeed("cat /run/authentik-terraform-config/app1_environment"))
+      machine.wait_for_unit("authentik-proxy.service")
+      machine.wait_for_unit("authentik-ldap.service")
+    '';
+}