From 415991c2b301d77549d0475b41ac104db0d3e5ab Mon Sep 17 00:00:00 2001
From: Florian Sesser <florian@private.storage>
Date: Thu, 13 Jan 2022 19:21:00 +0000
Subject: [PATCH] Put unconditional secrets stanza with the other unconditional
 ones

---
 morph/lib/monitoring.nix | 18 ++++++++----------
 1 file changed, 8 insertions(+), 10 deletions(-)

diff --git a/morph/lib/monitoring.nix b/morph/lib/monitoring.nix
index 18359738..84d6fa56 100644
--- a/morph/lib/monitoring.nix
+++ b/morph/lib/monitoring.nix
@@ -111,6 +111,14 @@ in {
         permissions = "0400";
         action = ["sudo" "systemctl" "restart" "wireguard-monitoringvpn.service"];
         };
+        "grafana-admin-password" = {
+          source = "${privateKeyPath}/grafana-admin.password";
+          destination = "/run/keys/grafana-admin.password";
+          owner.user = config.systemd.services.grafana.serviceConfig.User;
+          owner.group = config.users.users.grafana.group;
+          permissions = "0400";
+          action = ["sudo" "systemctl" "restart" "grafana.service"];
+        };
       }
       (lib.mkIf (cfg.googleOAuthClientID != "") {
         "grafana-google-sso-secret" = {
@@ -122,16 +130,6 @@ in {
           action = ["sudo" "systemctl" "restart" "grafana.service"];
         };
       })
-      {
-        "grafana-admin-password" = {
-          source = "${privateKeyPath}/grafana-admin.password";
-          destination = "/run/keys/grafana-admin.password";
-          owner.user = config.systemd.services.grafana.serviceConfig.User;
-          owner.group = config.users.users.grafana.group;
-          permissions = "0400";
-          action = ["sudo" "systemctl" "restart" "grafana.service"];
-        };
-      }
       (lib.mkIf cfg.enableSlackAlert {
         "grafana-slack-url" = {
           source = "${privateKeyPath}/grafana-slack-url";
-- 
GitLab