can avoid hardcoding secret now

2023-12-11 12:35:16 -08:00 · 2023-12-11 12:35:16 -08:00 · e2292de44d
commit e2292de44d
parent 9a5a10a824
1 changed files with 1 additions and 1 deletions
--- a/modules/services/jellyfin.nix
+++ b/modules/services/jellyfin.nix
@ -372,7 +372,7 @@ in
      {
        id = cfg.oidcClientID;
        description = "Jellyfin";
-        secret = "jbmVCAZluESWbOvbKQtHhjwcuaNjlMVaidMbJGKaHXHPOmwilCWYBFAQtrnohJzIhbuhWTBwhbDKLmdtyrLXeankWgXNspWCmJxzayHiHRvOPDbcsnquYReI";
+        secretFile = config.sops.secrets."jellyfin/sso_secret".path;
        public = "false";
        authorization_policy = "one_factor";
        redirect_uris = [ "https://${cfg.subdomain}.${cfg.domain}/sso/OID/r/${cfg.oidcProvider}" ];