feat: generate caddy basic auth passwords using agenix-rekey

hosts/ward/default.nix

@@ -2,6 +2,7 @@
   config,
   nodes,
   nixos-hardware,
+  nodeName,
   pkgs,
   ...
 }: let
@@ -100,6 +101,7 @@ in {
 
     age.secrets.loki-basic-auth-password = {
       rekeyFile = ./secrets/loki-basic-auth-password.age;
+      generator = "alnum";
       mode = "440";
       group = "grafana";
     };
@@ -165,7 +167,7 @@ in {
             url = "https://${lokiDomain}";
             orgId = 1;
             basicAuth = true;
-            basicAuthUser = "iB6UEjt4so4xWqei";
+            basicAuthUser = nodeName;
             secureJsonData.basicAuthPassword = "$__file{${config.age.secrets.loki-basic-auth-password.path}}";
           }
         ];

hosts/ward/promtail.nix

@@ -11,9 +11,7 @@
 in {
   age.secrets.loki-basic-auth-password = {
     rekeyFile = ./secrets/loki-basic-auth-password.age;
-    file = ./aaa;
-    #file = ./aaa;
-    #generate = "alnum48";
+    generator = "alnum";
     mode = "440";
     group = "promtail";
   };
@@ -35,9 +33,7 @@ in {
 
       clients = [
         {
-          #basic_auth.username = nodeName;
-          #basic_auth.password_file = config.age.random-secrets.loki-basic-auth-password.path;
-          basic_auth.username = "iB6UEjt4so4xWqei";
+          basicAuthUser = nodeName;
           basic_auth.password_file = config.age.secrets.loki-basic-auth-password.path;
           url = "https://${lokiDomain}/loki/api/v1/push";
         }