From 9b78e5f35d209754bd539a7f026ab6d3ada2d67d Mon Sep 17 00:00:00 2001
From: "EEva (JPotier)"
Date: Mon, 4 Nov 2019 19:08:57 +0200
Subject: [PATCH 1/2] vault: fix config when file backend is used When the option services.vault.storageBackend is set to "file", a systemd.tmpfiles.rules was added, with extraneous []. These are not needed and have been removed.
---
 nixos/modules/services/security/vault.nix | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)
diff --git a/nixos/modules/services/security/vault.nix b/nixos/modules/services/security/vault.nix
index d5962ba9af9..b0ab8fadcbe 100644
--- a/nixos/modules/services/security/vault.nix
+++ b/nixos/modules/services/security/vault.nix
@@ -119,9 +119,8 @@ in
 };
 users.groups.vault.gid = config.ids.gids.vault;
- systemd.tmpfiles.rules = optional (cfg.storagePath != null) [
- "d '${cfg.storagePath}' 0700 vault vault - -"
- ];
+ systemd.tmpfiles.rules = optional (cfg.storagePath != null)
+ "d '${cfg.storagePath}' 0700 vault vault - -";
 systemd.services.vault = {
 description = "Vault server daemon";
From 5fecc35bb2ef82e118e023779bf1f38491234e92 Mon Sep 17 00:00:00 2001
From: Florian Klink
Date: Tue, 5 Nov 2019 16:57:08 +0100
Subject: [PATCH 2/2] nixos/vault: convert test to python
---
 nixos/tests/vault.nix | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)
diff --git a/nixos/tests/vault.nix b/nixos/tests/vault.nix
index caf0cbb2abf..ac8cf0703da 100644
--- a/nixos/tests/vault.nix
+++ b/nixos/tests/vault.nix
@@ -1,4 +1,4 @@
-import ./make-test.nix ({ pkgs, ... }:
+import ./make-test-python.nix ({ pkgs, ... }:
 {
 name = "vault";
 meta = with pkgs.stdenv.lib.maintainers; {
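Review bot: Neither patch in this series adds a test that sets `services.vault.storageBackend = "file"`, so the branch changed in the `systemd.tmpfiles.rules` hunk of nixos/modules/services/security/vault.nix (the `optional (cfg.storagePath != null)` line) is, as far as the visible hunks show, still not evaluated by nixos/tests/vault.nix, and a malformed rule would again surface only on a user's system. A second test node with that option set, plus a check that the storage path comes up with mode 0700 and owner vault, would pin both the evaluation fix and the permissions that keep Vault's on-disk data away from other local accounts. A short comment above the rule would also help, e.g. `# Vault's file storage: private to the vault user (0700).`. The surrounding `config` block starts and ends outside the hunk.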
@@ -12,12 +12,12 @@ import ./make-test.nix ({ pkgs, ... }:
 testScript = ''
- startAll;
+ start_all()
- $machine->waitForUnit('multi-user.target');
- $machine->waitForUnit('vault.service');
- $machine->waitForOpenPort(8200);
- $machine->succeed('vault operator init');
- $machine->succeed('vault status | grep Sealed | grep true');
+ machine.wait_for_unit("multi-user.target")
+ machine.wait_for_unit("vault.service")
+ machine.wait_for_open_port(8200)
+ machine.succeed("vault operator init")
+ machine.succeed("vault status | grep Sealed | grep true")
 '';
 })
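Review bot: The last added line, `machine.succeed("vault status | grep Sealed | grep true")`, passes only because the pipeline reports the final grep's status; `vault status` itself exits with code 2 for a sealed server, so the check would start failing if the test driver ran commands with pipefail. Either record that in a comment (`# vault status exits 2 when sealed; only grep's status is checked`) or assert the exit code directly, e.g. `machine.succeed("vault status || test $? -eq 2")`. The two greps also match independently anywhere in the output, so `grep -E '^Sealed +true'` would tie the value to its key and make the sealed-after-init assertion stricter.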