From b1108821a9dbc617f02a4437c9300f5b0bdca479 Mon Sep 17 00:00:00 2001
From: Vincent Ambo <mail@tazj.in>
Date: Fri, 10 Dec 2021 15:55:08 +0300
Subject: [PATCH] refactor(ops): Move grafana secret into agenix

Change-Id: Id141758135c796881e91d20b950dae74c40d9ab3
---
 ops/machines/whitby/default.nix |   3 ++-
 ops/secrets/grafana.age         | Bin 0 -> 529 bytes
 ops/secrets/secrets.nix         |   1 +
 3 files changed, 3 insertions(+), 1 deletion(-)
 create mode 100644 ops/secrets/grafana.age

diff --git a/ops/machines/whitby/default.nix b/ops/machines/whitby/default.nix
index 41b53fa98..88c0aa9d0 100644
--- a/ops/machines/whitby/default.nix
+++ b/ops/machines/whitby/default.nix
@@ -209,6 +209,7 @@ in {
     in {
       clbot.file = secretFile "clbot";
       gerrit-queue.file = secretFile "gerrit-queue";
+      grafana.file = secretFile "grafana";
       irccat.file = secretFile "irccat";
       owothia.file = secretFile "owothia";
 
@@ -517,7 +518,7 @@ in {
     };
   };
   # Contains GF_AUTH_GENERIC_OAUTH_CLIENT_SECRET.
-  systemd.services.grafana.serviceConfig.EnvironmentFile = "/etc/secrets/grafana";
+  systemd.services.grafana.serviceConfig.EnvironmentFile = "/run/agenix/grafana";
 
   security.sudo.extraRules = [
     {
diff --git a/ops/secrets/grafana.age b/ops/secrets/grafana.age
new file mode 100644
index 0000000000000000000000000000000000000000..197fe9485607622527ca8ae4fa891fd3211ddcd0
GIT binary patch
literal 529
zcmYdHPt{G$OD?J`D9Oyv)5|YP*Do{V(zR14F3!+RO))YxHMCSnNiI(GDOWHEa;<cA
zPtH&G%Pw|zG%ZL@%`0#zb1QbwjPTD5H8LtpO}6mY&+tmF3gvQ1w8#$d)A#Xr^fgNj
zu8b%Q^@%VpG4RbO^(b^T^VW{?w#ZE^&<@N?c15?%Kij>~Ctaa5uh2Ustgy1g#m6}*
zF-bowB0MS8IjXWGD978x!XUlKEX*g-%qzJv(}XKG%)=uh%h220I4ICD%EUFtDI>}^
z&?3Y;x40_R#63$tEXgUt$IUy*&=+KzvYBy?M`4+6dQoa(ajJq<j&-U>rjkOkN40~O
z4wr>_V0nZ=l375QN0~uElBbbhguZ!Jicv_WexbjwQ)qILpObl^w|+{co27S(r>SE`
zg_(=Fp|QD(L7{QFyEj*mrB{)Uv1@K|xl5jVZbY!DX+(I2c~GU7f2oscq@Q<jURrUm
zZzz|puC9Vpx?`!fpJ7m{yJbd^eo9GRUYTpKtD$RHp=Xk1RGy`YTUBtSr-_?spb6J8
z{l(Xo%qsu9I$iX%{>HuD|FX4r#wR9DmYJ|7Nzvv%_j{I3%^QWCAHKP0eqVe=bkzc_
z`ctNxMHXi9aC4lUmox4B@)f*he;7;@gf+Q0NJVTrQD!=yRl&!wFI*tv!c`U93f-%#
FqXA${v{e8A

literal 0
HcmV?d00001

diff --git a/ops/secrets/secrets.nix b/ops/secrets/secrets.nix
index 75cc80cc9..66176c3b9 100644
--- a/ops/secrets/secrets.nix
+++ b/ops/secrets/secrets.nix
@@ -17,6 +17,7 @@ in {
   "clbot-ssh.age" = default;
   "clbot.age" = default;
   "gerrit-queue.age" = default;
+  "grafana.age" = default;
   "irccat.age" = default;
   "owothia.age" = default;
 }