secrets: fix too open permissions
This commit is contained in:
parent
9245fa6797
commit
d1a68a7c13
|
@ -8,7 +8,7 @@
|
||||||
{
|
{
|
||||||
age.secrets.forgejo-actions-runner-token = {
|
age.secrets.forgejo-actions-runner-token = {
|
||||||
file = "${flake.self}/secrets/forgejo-actions-runner-token.age";
|
file = "${flake.self}/secrets/forgejo-actions-runner-token.age";
|
||||||
mode = "644";
|
mode = "440";
|
||||||
};
|
};
|
||||||
|
|
||||||
# Trust docker bridge interface traffic
|
# Trust docker bridge interface traffic
|
||||||
|
|
|
@ -8,18 +8,18 @@
|
||||||
{
|
{
|
||||||
age.secrets.grafana-admin-password = {
|
age.secrets.grafana-admin-password = {
|
||||||
file = "${flake.self}/secrets/grafana-admin-password.age";
|
file = "${flake.self}/secrets/grafana-admin-password.age";
|
||||||
mode = "644";
|
mode = "440";
|
||||||
owner = "grafana";
|
owner = "grafana";
|
||||||
};
|
};
|
||||||
age.secrets.grafana-smtp-password = {
|
age.secrets.grafana-smtp-password = {
|
||||||
file = "${flake.self}/secrets/grafana-smtp-password.age";
|
file = "${flake.self}/secrets/grafana-smtp-password.age";
|
||||||
mode = "644";
|
mode = "440";
|
||||||
owner = "grafana";
|
owner = "grafana";
|
||||||
group = "prometheus";
|
group = "prometheus";
|
||||||
};
|
};
|
||||||
age.secrets.grafana-keycloak-client-secret = {
|
age.secrets.grafana-keycloak-client-secret = {
|
||||||
file = "${flake.self}/secrets/grafana-keycloak-client-secret.age";
|
file = "${flake.self}/secrets/grafana-keycloak-client-secret.age";
|
||||||
mode = "644";
|
mode = "440";
|
||||||
owner = "grafana";
|
owner = "grafana";
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue