diff --git a/DEPLOYMENT-NOTES.rst b/DEPLOYMENT-NOTES.rst
index 0a7ea52e0bfb20e77f86797ead1778d614a2a720..e48a8b524ebd3218fd3b96e8a182b25886449fb8 100644
--- a/DEPLOYMENT-NOTES.rst
+++ b/DEPLOYMENT-NOTES.rst
@@ -1,6 +1,8 @@
 Deployment notes
 ================
 
+- 2021-10-XX The secret in ``private-keys/grafana-slack-url`` needs to be changed to remove the ``SLACKURL=`` prefix.
+
 - 2021-09-30 `Enable alerting <https://whetstone.privatestorage.io/privatestorage/PrivateStorageio/-/merge_requests/185>`_ needs a secret in ``private-keys/grafana-slack-url`` looking like the template in ``morph/grid/local/private-keys/grafana-slack-url`` and pointing to the secret API endpoint URL saved in `this 1Password entry <https://privatestorage.1password.com/vaults/7flqasy5hhhmlbtp5qozd3j4ga/allitems/cgznskz2oix2tyx5xyntwaos5i>`_ (or create a new secret URL at https://www.slack.com/apps/A0F7XDUAZ).
 
 - 2021-09-07 `Manage access to payment metrics <https://whetstone.privatestorage.io/privatestorage/PrivateStorageio/-/merge_requests/146>`_ requires moving and chown'ing the PaymentServer database on the ``payments`` host::
diff --git a/morph/grid/local/private-keys/grafana-slack-url b/morph/grid/local/private-keys/grafana-slack-url
index cb7dd1aec785a557fef6082a7570bc8c56728f14..0885b7bfe1786d19f845c45d749bafaf12756cb4 100644
--- a/morph/grid/local/private-keys/grafana-slack-url
+++ b/morph/grid/local/private-keys/grafana-slack-url
@@ -1,2 +1,2 @@
-SLACKURL=https://hooks.slack.com/services/x/y/z
+https://hooks.slack.com/services/x/y/z
 
diff --git a/nixos/modules/monitoring/server/grafana.nix b/nixos/modules/monitoring/server/grafana.nix
index 1783782ce7e395f9201dd93e2386f4eed4bf003e..a53718a24430d5bcfa84c7dd2075cf64303f7a2a 100644
--- a/nixos/modules/monitoring/server/grafana.nix
+++ b/nixos/modules/monitoring/server/grafana.nix
@@ -86,12 +86,6 @@ in {
     # Port 80 for ACME ssl retrieval only. 443 for nginx -> grafana.
     networking.firewall.allowedTCPPorts = [ 80 443 ];
 
-    # We pass the secret Slack URL using an environment variable.
-    systemd.services.grafana.serviceConfig.EnvironmentFile =
-      if cfg.enableSlackAlert
-      then [ cfg.grafanaSlackUrlFile ]
-      else [ ];
-
     services.grafana = {
       enable = true;
       domain = cfg.domain;
@@ -157,7 +151,7 @@ in {
             uploadImage = true;
           };
           secure_settings = {
-            url = "$SLACKURL";
+            url = "$__file{${toString cfg.grafanaSlackUrlFile}}";
           };
         }]);
       };