Henry-Hiles/nixos
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

use credentials to fix perms

Browse source
This commit is contained in:
Henry Hiles 2025-10-29 13:51:50 -04:00
commit 382d643573
No known key found for this signature in database
1 changed files with 13 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

15
clients/quadraticserver/stats/grafana.nix
View file

@ -1,5 +1,16 @@
{ config, pkgs, ... }: { config, pkgs, ... }:
let
secretName = "grafanaSecret";
passwordName = "grafanaPassword";
credentialDirectory = "/run/credentials/grafana.service/";
in
{ {
systemd.services.grafana.serviceConfig.LoadCredential = [
"${secretName}:${config.age.secrets."grafanaSecret.age".path}"
"${passwordName}:${config.age.secrets."grafanaPassword.age".path}"
];
services = services =
let let
domain = "status.federated.nexus"; domain = "status.federated.nexus";
@ -20,10 +31,10 @@
security = { security = {
cookie_secure = true; cookie_secure = true;
secret_key = "$__file{${config.age.secrets."grafanaSecret.age".path}}"; secret_key = "$__file{${credentialDirectory}${secretName}}";
admin_user = "quadradical"; admin_user = "quadradical";
admin_password = "$__file{${config.age.secrets."grafanaPassword.age".path}}"; admin_password = "$__file{${credentialDirectory}${passwordName}}";
}; };
}; };