From 2697607f915bb19c904919f754e4bec3f152b242 Mon Sep 17 00:00:00 2001 From: Ittihadyya Date: Fri, 20 Dec 2024 16:19:33 +0200 Subject: [PATCH] changed secret owner and formatted files --- networking/firewall.mod.nix | 2 +- services/monitoring/grafana.mod.nix | 26 ++++++++++++++++---------- services/monitoring/prometheus.mod.nix | 4 ++-- sops.mod.nix | 2 ++ 4 files changed, 21 insertions(+), 13 deletions(-) diff --git a/networking/firewall.mod.nix b/networking/firewall.mod.nix index e910880..9a383c6 100644 --- a/networking/firewall.mod.nix +++ b/networking/firewall.mod.nix @@ -42,7 +42,7 @@ interfaces.eth0.allowedTCPPorts = [ 80 # http 222 # forgejo ssh - 443 # https + 443 # https 64738 # murmur tcp ]; interfaces.eth0.allowedUDPPorts = [ diff --git a/services/monitoring/grafana.mod.nix b/services/monitoring/grafana.mod.nix index 9d8dc07..5e87dcf 100644 --- a/services/monitoring/grafana.mod.nix +++ b/services/monitoring/grafana.mod.nix @@ -1,15 +1,19 @@ { glucose.modules = [ - ({config, lib, ...}: { + ({ + config, + lib, + ... + }: { services.grafana = { enable = true; dataDir = "/var/services/grafana"; # declarativePlugins = null; - settings = { - # analytics = {}; - # database = {}; - # paths = {}; + settings = { + # analytics = {}; + # database = {}; + # paths = {}; security = { admin_user = "$__file" + "{${config.sops.secrets.grafana_admin_account.path}}"; admin_password = "$__file" + "{${config.sops.secrets.grafana_admin_pass.path}}"; @@ -20,16 +24,18 @@ http_addr = "127.0.0.1"; http_port = 6700; }; - # smtp = {}; - # users = {}; + # smtp = {}; + # users = {}; }; - /*provision = { + /* + provision = { alerting = {}; dashboards = {}; datasources = {}; - };*/ + }; + */ }; }) ]; -} \ No newline at end of file +} diff --git a/services/monitoring/prometheus.mod.nix b/services/monitoring/prometheus.mod.nix index e142759..bd595f2 100644 --- a/services/monitoring/prometheus.mod.nix +++ b/services/monitoring/prometheus.mod.nix 
@@ -5,8 +5,8 @@ enable = true; port = 6750; - enableReload = true; + enableReload = true; }; } ]; -} \ No newline at end of file +} diff --git a/sops.mod.nix b/sops.mod.nix index c9e2f47..c4baf61 100644 --- a/sops.mod.nix +++ b/sops.mod.nix @@ -57,6 +57,8 @@ ({config, ...}: { sops.secrets.grafana_admin_pass = {}; sops.secrets.grafana_admin_account = {}; + sops.secrets.grafana_admin_account.owner = "grafana"; + sops.secrets.grafana_admin_pass.owner = "grafana"; }) ( {config, ...}: {
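Review bot: The two added `owner = "grafana";` lines in sops.mod.nix hard-code the account name as a string, so a host that evaluates this module without the grafana service (and so without that user) would presumably fail only at activation, when sops-nix resolves the owner. Referencing the declared user instead, `sops.secrets.grafana_admin_pass.owner = config.users.users.grafana.name;` (and the same for `grafana_admin_account`), should surface a missing user at evaluation time and keeps the name in one place. The empty `= {};` declarations just above become redundant once an attribute is set on each secret and could be folded into one attrset per secret. No `mode` is set, so the files stay at the sops-nix default of owner-read-only, which is what the `$__file` references in grafana.mod.nix need; a comment such as `# read by grafana via $__file; keep default mode 0400` would record that intent. The ownership change is also the only security-relevant change in this commit and would be easier to audit separately from the whitespace reformatting.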