...

1 files changed, 9 insertions, 7 deletions

diff --git a/hosts/vidhar/default.nix b/hosts/vidhar/default.nix
index e40342df..a5c60419 100644
--- a/hosts/vidhar/default.nix
+++ b/hosts/vidhar/default.nix
@@ -129,10 +129,10 @@ with lib;
         client_body_temp_path /run/nginx-client-bodies;
       '';
       upstreams.grafana = {
-        servers = { "unix:${config.services.grafana.socket}" = {}; };
+        servers = { "unix:${config.services.grafana.settings.server.socket}" = {}; };
       };
       virtualHosts = {
-        ${config.services.grafana.domain} = {
+        ${config.services.grafana.settings.server.domain} = {
           forceSSL = true;
           sslCertificate = ./selfsigned.crt;
           sslCertificateKey = "/run/credentials/nginx.service/selfsigned.key";
@@ -146,11 +146,13 @@ with lib;
     users.users.nginx.extraGroups = ["grafana"];
     services.grafana = {
       enable = true;
-      analytics.reporting.enable = false;
-      domain = "grafana.vidhar.yggdrasil";
-      security.adminPasswordFile = config.sops.secrets."grafana-admin-password".path;
-      security.secretKeyFile = config.sops.secrets."grafana-secret-key".path;
-      protocol = "socket";
+      settings = {
+        analytics.reporting_enabled = false;
+        server.protocol = "socket";
+        server.domain = "grafana.vidhar.yggdrasil";
+        security.admin_password = "$__file{${config.sops.secrets."grafana-admin-password".path}}";
+        security.secret_key = "$__file{${config.sops.secrets."grafana-secret-key".path}}";
+      };
     };
     sops.secrets."grafana-admin-password" = {
       format = "binary";