diff options
author | sefidel <contact@sefidel.net> | 2023-04-04 22:18:34 +0900 |
---|---|---|
committer | sefidel <contact@sefidel.net> | 2023-04-04 22:18:34 +0900 |
commit | ba2f957f393596b4a569d2880a93ddb497163aa4 (patch) | |
tree | 4b2ecfd6702e2b1d75886ac09657540a65d3c0b8 /systems/cobalt | |
parent | ce06f43476863da90dc60dcee606d2b6c5a89a8e (diff) | |
download | infra-ba2f957f393596b4a569d2880a93ddb497163aa4.tar.gz infra-ba2f957f393596b4a569d2880a93ddb497163aa4.zip |
feat(services/grafana): use proper secrets
Diffstat (limited to 'systems/cobalt')
-rw-r--r-- | systems/cobalt/default.nix | 2 | ||||
-rw-r--r-- | systems/cobalt/secrets/secrets.yaml | 5 |
2 files changed, 5 insertions, 2 deletions
diff --git a/systems/cobalt/default.nix b/systems/cobalt/default.nix index 0a5cfe0..f369fec 100644 --- a/systems/cobalt/default.nix +++ b/systems/cobalt/default.nix @@ -134,6 +134,7 @@ in bsd-finger ]; + sops.secrets.grafana-admin-pass = { owner = "grafana"; }; sops.secrets.acme-envs = { owner = "acme"; }; @@ -154,6 +155,7 @@ in enable = true; domain = "status.exotic.sh"; tls.acmeHost = "exotic.sh"; + secrets.adminPassword = config.sops.secrets.grafana-admin-pass.path; }; services.coredns.enable = false; diff --git a/systems/cobalt/secrets/secrets.yaml b/systems/cobalt/secrets/secrets.yaml index 8e0c0e5..55418aa 100644 --- a/systems/cobalt/secrets/secrets.yaml +++ b/systems/cobalt/secrets/secrets.yaml @@ -8,6 +8,7 @@ turn-secret: ENC[AES256_GCM,data:JA5/BlGwH6yIjYsFZGa8Nm8XVbOBKpre+NFybniOtlmbSx8 openldap-admin-key: ENC[AES256_GCM,data:WBBDPFDW6Q4sJ5+/pK8kAe6iFgJ8gGgi3eCVNvZB,iv:1rnmhu29UGsXLxD9Ptbv7P67EAYgKVk1dlkM6p0L4vA=,tag:yNRrHMI2yT8Oo7qkwxSeUg==,type:str] sefidel-imap-pass: ENC[AES256_GCM,data:rx9hZb+BARs9gB+XLLRMLWDSx67KqkKB1/4nOOtU9i56uagMprFEeDnh8pEaioZbNlqjJRO8kWTBBvWZ,iv:WxKLp0VmwfxVFZt9cnZUbp4wn5WEHubImp8fQy2bXyg=,tag:Vzh0Ntz8iFaSIEf2wjbOKg==,type:str] internal-imap-pass: ENC[AES256_GCM,data:ydjz/NthnJZFLrR1M+p0xEy5xhM8MbPtqE10r0s1DWDFZoyXwRRrIYefFZheW29EjY3VBfr3zWcRIbNm,iv:6hU/dHADbn4pNi0vlJG8BoyQW1ohByINSO6y+nJddfY=,tag:j67D2stmq2A+ulhFIYkZPA==,type:str] +grafana-admin-pass: ENC[AES256_GCM,data:88z+mLcZ5s1u/8LWYcnOOhWTkff8sv1NIhQ=,iv:YdGaKCaq1bCCLsuYIug6NFO2rhqX/Xyt5yQ/hgWOfko=,tag:D+xWcN2bC2Q1Q2mjtpWqLg==,type:str] sops: kms: [] gcp_kms: [] @@ -32,8 +33,8 @@ sops: cUpBZ01CMEFjNnNuWjlYejVKajkwcGMKehqYCZP0zZHDTfJrC/5LYiE/3doa0OiM OKXhOuUX8HF8RfkyiOSMpntxuNX2jSvd9sQRYnHkUvgm793+IuQjrg== -----END AGE ENCRYPTED FILE----- - lastmodified: "2023-03-27T15:19:33Z" - mac: ENC[AES256_GCM,data:CyVH0paaTqnff98h5CSCas3YYYYAxEtyYdkjyFBfN/Nwfpe3e71O6YwLZgzAZoiaN+1FuF0kls5WmvDNdx95rEC4yvxQACA75iRyP95B5Q9iN9SGGld0Ii8wPY6s0QkJX+OL7mCllH/gC0J2gOpnPxRB9k5v5FXtKHmJtj5kfaI=,iv:ytWBOy2VTWtVlPbrXiHF5BNxbCmQ194x6aeMh1pd7vc=,tag:0J77TO1y8OTXzdODqANkEw==,type:str] + lastmodified: "2023-04-04T12:50:47Z" + mac: ENC[AES256_GCM,data:E7mzoKJ8K+exnMrC4EKkrBhO/pjWHQrWsctI9AFbVu78vHCcB9RLavdubJpHgEzMqSzPW35UylPM8X6cNTXNKtc7peYpMFvSttJxjfKDB1EY/op2gZ8H2XWpirbnY+NT3ty5HEzMZJOgTYFhtXXSnpsolqWhIERtq2SQ8s0OVog=,iv:WRviTHCjNd5u53LUvtV+mQop5MybNTeQF8wvj4EyvLQ=,tag:R6xd/wMaF50xbd9s4lxz4g==,type:str] pgp: [] unencrypted_suffix: _unencrypted version: 3.7.3 |