feat: move some services to other domain

2025-10-10 23:00:39 +02:00 · 2024-03-12 19:40:09 +01:00 · 2024-03-12 19:40:09 +01:00 · dfe0345888
commit dfe0345888
parent fcc159ed12
15 changed files with 31 additions and 38 deletions
--- a/hosts/sire/guests/grafana.nix
+++ b/hosts/sire/guests/grafana.nix
@ -4,7 +4,7 @@
  ...
 }: let
  sentinelCfg = nodes.sentinel.config;
-  grafanaDomain = "grafana.${sentinelCfg.repo.secrets.local.personalDomain}";
+  grafanaDomain = "grafana.${config.repo.secrets.global.domains.me}";
 in {
  meta.wireguard-proxy.sentinel.allowedTCPPorts = [config.services.grafana.settings.server.http_port];

@ -124,7 +124,7 @@ in {
        use_pkce = true;
        # Allow mapping oauth2 roles to server admin
        allow_assign_grafana_admin = true;
-        role_attribute_path = "contains(scopes[*], 'server_admin') && 'GrafanaAdmin' || contains(scopes[*], 'admin') && 'Admin' || contains(scopes[*], 'editor') && 'Editor' || 'Viewer'";
+        role_attribute_path = "contains(groups[*], 'server_admin') && 'GrafanaAdmin' || contains(groups[*], 'admin') && 'Admin' || contains(groups[*], 'editor') && 'Editor' || 'Viewer'";
      };
    };