nextcloud and sops-nix

Tristan 2024-02-22 17:16:38 +00:00
parent a49f3d34ab
commit c32ab6ba1f
10 changed files with 175 additions and 119 deletions


@ -1,9 +1,8 @@
{config, ...}: let
cfg = config.services.grafana;
secrets = config.age.secrets;
secrets = config.sops.secrets;
in {
age.secrets.grafana_oidc_client_secret = {
file = ../../secrets/grafana/oidc/client_secret.age;
sops.secrets."grafana/oidc_client_secret" = {
owner = "grafana";
};
services.grafana = {
@ -16,7 +15,7 @@ in {
enabled = true;
name = "authentik";
client_id = "TNMLGFxpovO0jPptxD0nYmjnuytXd1MphjFS20uE";
client_secret = "$__file{${secrets.grafana_oidc_client_secret.path}}";
client_secret = "$__file{${secrets."grafana/oidc_client_secret".path}}";
scopes = toString ["openid" "profile" "email"];
auth_url = "https://auth.tristans.cloud/application/o/authorize/";
token_url = "https://auth.tristans.cloud/application/o/token/";
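Review bot: The new `sops.secrets."grafana/oidc_client_secret"` entry in the first hunk sets only `owner`, so nothing ties the Grafana unit to the secret. Grafana expands `$__file{...}` when it loads its configuration, so a rotated client secret would presumably stay unused until the service is restarted by hand. Adding `restartUnits = ["grafana.service"];` next to `owner = "grafana";` makes a rotation take effect on the next activation. A comment above the declaration such as `# passed to Grafana by path via $__file; interpolating the value would copy it into the world-readable Nix store` would record why the second hunk references `.path` rather than the content. The `services.grafana` settings block starts and ends outside the visible hunks.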