chore: update flake

2026-01-24 15:10:26 +08:00 · 2026-01-24 15:10:26 +08:00 · b4b7997ac5
commit b4b7997ac5
parent 25482857d4
11 changed files with 163 additions and 140 deletions
--- a/system/dev/dn-server/services/mail-server.nix
+++ b/system/dev/dn-server/services/mail-server.nix
@ -18,6 +18,7 @@ in
    "api.docker.com"
    "cdn.segment.com"
    "api.segment.io"
+    "sa-update.surbl.org"
  ];

  mail-server =
--- a/system/dev/dn-server/services/metrics.nix
+++ b/system/dev/dn-server/services/metrics.nix
@ -10,6 +10,7 @@ let
  inherit (lib) optionalAttrs optional;
  inherit (config.networking) hostName domain;

+  oidcEndpoint = "https://${config.services.keycloak.settings.hostname}/realms/master";
  grafanaHostname = "grafana.${domain}";
  prometheusHostname = "metrics.${domain}";

@ -118,13 +119,13 @@ in
      extraSettings = {
        "auth.generic_oauth" =
          let
-            OIDCBaseUrl = "https://keycloak.net.dn/realms/master/protocol/openid-connect";
+            OIDCBaseUrl = "${oidcEndpoint}/protocol/openid-connect";
          in
          {
            enabled = true;
            allow_sign_up = true;
            client_id = "grafana";
-            client_secret = ''$__file{${config.sops.secrets."grafana/client_secret".path}}'';
+            client_secret = "$__file{${config.sops.secrets."grafana/client_secret".path}}";
            scopes = "openid email profile offline_access roles";
            email_attribute_path = "email";
            login_attribute_path = "username";