nixos/prometheus-exporters/fastly: fix secret handling

The exporter expects the token as an environment variable, not a path
to the file containing the token.

nixos/modules/services/monitoring/prometheus/exporters/fastly.nix

@@ -31,18 +31,17 @@ in
       '';
     };
 
-    tokenPath = mkOption {
+    environmentFile = mkOption {
       type = path;
       description = ''
-        A run-time path to the token file, which is supposed to be provisioned
+        An environment file containg at least the FASTLY_API_TOKEN= environment
-        outside of Nix store.
+        variable.
       '';
     };
   };
   serviceOpts = {
     serviceConfig = {
-      LoadCredential = "fastly-api-token:${cfg.tokenPath}";
+      EnvironmentFile = cfg.environmentFile;
-      Environment = [ "FASTLY_API_TOKEN=%d/fastly-api-token" ];
       ExecStart = escapeSystemdExecArgs (
         [
           (getExe pkgs.prometheus-fastly-exporter)

nixos/tests/prometheus-exporters.nix

@@ -399,7 +399,7 @@ let
     fastly = {
       exporterConfig = {
         enable = true;
-        tokenPath = pkgs.writeText "token" "abc123";
+        environmentFile = pkgs.writeText "fastly-exporter-env" "FASTLY_API_TOKEN=abc123";
       };
 
       exporterTest = ''