From e2292de44def7026fba014e77a59fe83795f63f4 Mon Sep 17 00:00:00 2001
From: ibizaman <ibizapeanut@gmail.com>
Date: Mon, 11 Dec 2023 12:35:16 -0800
Subject: [PATCH] can avoid hardcoding secret now

---
 modules/services/jellyfin.nix | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/modules/services/jellyfin.nix b/modules/services/jellyfin.nix
index 508c513..e1f5599 100644
--- a/modules/services/jellyfin.nix
+++ b/modules/services/jellyfin.nix
@@ -372,7 +372,7 @@ in
       {
         id = cfg.oidcClientID;
         description = "Jellyfin";
-        secret = "jbmVCAZluESWbOvbKQtHhjwcuaNjlMVaidMbJGKaHXHPOmwilCWYBFAQtrnohJzIhbuhWTBwhbDKLmdtyrLXeankWgXNspWCmJxzayHiHRvOPDbcsnquYReI";
+        secretFile = config.sops.secrets."jellyfin/sso_secret".path;
         public = "false";
         authorization_policy = "one_factor";
         redirect_uris = [ "https://${cfg.subdomain}.${cfg.domain}/sso/OID/r/${cfg.oidcProvider}" ];