From ba2f957f393596b4a569d2880a93ddb497163aa4 Mon Sep 17 00:00:00 2001 From: sefidel Date: Tue, 4 Apr 2023 22:18:34 +0900 Subject: feat(services/grafana): use proper secrets --- modules/services/metrics.nix | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'modules/services/metrics.nix') diff --git a/modules/services/metrics.nix b/modules/services/metrics.nix index 74f7e9a..145d1fe 100644 --- a/modules/services/metrics.nix +++ b/modules/services/metrics.nix @@ -9,6 +9,7 @@ in enable = mkEnableOption "metrics"; domain = mkOption { type = types.str; }; tls.acmeHost = mkOption { type = types.str; default = cfg.domain; }; + secrets.adminPassword = mkOption { type = types.str; description = "path to the admin password"; }; }; config = mkIf cfg.enable { @@ -138,7 +139,7 @@ in settings.server.http_addr = "127.0.0.1"; settings.server.http_port = 2342; settings.server.domain = cfg.domain; - settings.security.admin_password = "supersecurepass"; + settings.security.admin_password = "$__file{${cfg.secrets.adminPassword}}"; }; services.nginx.virtualHosts.${cfg.domain} = { -- cgit 1.4.1