mirrors_public/oddlama_nix-config
1
1
Fork 1
mirror of https://github.com/oddlama/nix-config.git synced 2025-10-11 07:10:39 +02:00
Code Activity

feat: generate caddy basic auth passwords using agenix-rekey

Browse source
This commit is contained in:
oddlama 2023-06-10 00:52:17 +02:00
parent cfb7c88862
commit e61c82ebfc
No known key found for this signature in database
GPG key ID: 14EFE510775FE39A
4 changed files with 42 additions and 10 deletions
Download patch file Download diff file Expand all files Collapse all files

4
hosts/ward/default.nix
View file

@ -2,6 +2,7 @@
config,
nodes,
nixos-hardware,
nodeName,
pkgs,
...
}: let
@ -100,6 +101,7 @@ in {
age.secrets.loki-basic-auth-password = {
rekeyFile = ./secrets/loki-basic-auth-password.age;
generator = "alnum";
mode = "440";
group = "grafana";
};
@ -165,7 +167,7 @@ in {
url = "https://${lokiDomain}";
orgId = 1;
basicAuth = true;
basicAuthUser = "iB6UEjt4so4xWqei";
basicAuthUser = nodeName;
secureJsonData.basicAuthPassword = "$__file{${config.age.secrets.loki-basic-auth-password.path}}";
}
];

8
hosts/ward/promtail.nix
View file

@ -11,9 +11,7 @@
in {
age.secrets.loki-basic-auth-password = {
rekeyFile = ./secrets/loki-basic-auth-password.age;
file = ./aaa;
#file = ./aaa;
#generate = "alnum48";
generator = "alnum";
mode = "440";
group = "promtail";
};
@ -35,9 +33,7 @@ in {
clients = [
{
#basic_auth.username = nodeName;
#basic_auth.password_file = config.age.random-secrets.loki-basic-auth-password.path;
basic_auth.username = "iB6UEjt4so4xWqei";
basicAuthUser = nodeName;
basic_auth.password_file = config.age.secrets.loki-basic-auth-password.path;
url = "https://${lokiDomain}/loki/api/v1/push";
}