about summary refs log tree commit diff
diff options
context:
space:
mode:
-rw-r--r--ops/machines/whitby/default.nix10
-rw-r--r--ops/secrets/grafana.age26
2 files changed, 18 insertions, 18 deletions
diff --git a/ops/machines/whitby/default.nix b/ops/machines/whitby/default.nix
index 727859542938..e013c56196f5 100644
--- a/ops/machines/whitby/default.nix
+++ b/ops/machines/whitby/default.nix
@@ -500,15 +500,15 @@ in {
         auth = {
           generic_oauth = {
             enabled = true;
-            client_id = "OAUTH-TVL-grafana-f1A1EmHLDT";
+            client_id = "grafana";
             scopes = "openid profile email";
             name = "TVL";
             email_attribute_path = "mail";
             login_attribute_path = "sub";
             name_attribute_path = "displayName";
-            auth_url = "https://login.tvl.fyi/oidc/authorize";
-            token_url = "https://login.tvl.fyi/oidc/accessToken";
-            api_url = "https://login.tvl.fyi/oidc/profile";
+            auth_url = "https://auth.tvl.fyi/auth/realms/TVL/protocol/openid-connect/auth";
+            token_url = "https://auth.tvl.fyi/auth/realms/TVL/protocol/openid-connect/token";
+            api_url = "https://auth.tvl.fyi/auth/realms/TVL/protocol/openid-connect/userinfo";
 
             # Give lukegb, grfn, tazjin "Admin" rights.
             role_attribute_path = "((sub == 'lukegb' || sub == 'grfn' || sub == 'tazjin') && 'Admin') || 'Editor'";
@@ -516,11 +516,13 @@ in {
             # Allow creating new Grafana accounts from OAuth accounts.
             allow_sign_up = true;
           };
+
           anonymous = {
             enabled = true;
             org_name = "The Virus Lounge";
             org_role = "Viewer";
           };
+
           basic.enabled = false;
           oauth_auto_login = true;
           disable_login_form = true;
diff --git a/ops/secrets/grafana.age b/ops/secrets/grafana.age
index 9c093968471c..ad503dc32a8f 100644
--- a/ops/secrets/grafana.age
+++ b/ops/secrets/grafana.age
@@ -1,15 +1,13 @@
 age-encryption.org/v1
--> ssh-ed25519 dcsaLw TjDj+2FT4468X7jin78UPetVsZRmDtwU7HfwAk79Omc
-WLxXI+jaYFuvynK06GaHFs7D3XeYzSjHl6mteiks3uc
--> ssh-ed25519 CpJBgQ Z3y+8U5H0ZTQdIaBgOtLGFst925kTspwJ1z+W/op8wo
-jHuIydmqN1ypCsyPZVbJYuuW6aJiTOe3SoSD7Ju2tMY
--> ssh-ed25519 aXKGcg KttaHGM/1zYMFCfdYFKmWyUpco0mPmKxeX2LpUndm0c
-vLULuYNRGDdvuWf1M9o+Vq9cnk3G/DzYVAcxdZfvcvg
--> ssh-ed25519 OkGqLg Obwnq0537RDZHFT7I+vucuYFk/fKTZYUzccSM/HfNnY
-tSqtWbgt/PebTDK9Od0EWj4mf3gXomtONcj0XBFYQDs
--> [eCG-grease CV
-j5A3qikgyfxFMAcqeheGI8CMNDfhBh399JddXXvziPYB7QBkbeznUdMCX+2wOg/U
-U2rBgA1G84Rlr+2BJXlQ6iLL9xs7/us9vANaiTPiB0Ir4u377HBuCWoDLg
---- ucJ+JohxZBSFnDzNw/pFvlYOZIFWvBxrn+CP9bcEsD0
-rB]0Ujfuabd6
-pWyH\e֯8rCz)ӛu_䌡clw,"ewSvh%8e{7dC'_n
\ No newline at end of file
+-> ssh-ed25519 dcsaLw CrJGrkztUpn+XkED1hn4Clr/oBNrer9J+/fdqDhgx18
+VWENh02k4HTkhDS2F219vrCUVuxXFOCPsCW+8eeZHs4
+-> ssh-ed25519 CpJBgQ 8Lm14o93CEh/aerPtMiStKYtqF/HdgJD05uRRegLgUs
+b0H5XBOe4nepmGzl646Ar0XAazzHAJeTLCCGUVaZyW0
+-> ssh-ed25519 aXKGcg SKWLHNM0WeFJoGlOPbI6v7CebdSK3qAmQ6kMW5YbIz4
+kQD7Oh9mQeCXyXzOc1kVI8ShE0J89TzuZBOboaQn7sE
+-> ssh-ed25519 OkGqLg ablfqKN1GYY3GWGCHGtciRFJwO4e0kbcS75Kaj+elUA
+PQPeRVzV/Yi0lxI7U+lNbCpeatymazj7GjQLhmL4YI8
+-> gse~-grease
+I9X7cHnmfbsnu/4AeVVtTRlbguJDylrAlCOqTOt11Gtg/Ft2fnZZTOmsKo8
+--- 3xk3ls7SR7s394FtfqLwxgUDjTPMjnhLz79ClvIm4pE
+yFzH*M\26I`ko΃&baWvM.jF;ZN*P
_Jc_(Sjd8F
\ No newline at end of file