From d10351d6337cb506262aa206f1c8b9f6a82998a2 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Sandro=20J=C3=A4ckel?= <sandro.jaeckel@gmail.com>
Date: Tue, 7 Nov 2023 19:28:24 +0100
Subject: [PATCH] grafana: fix ldap login when someone changed their mail

---
 hosts/grafana/default.nix | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/hosts/grafana/default.nix b/hosts/grafana/default.nix
index 0c8ccf26..c87fea99 100644
--- a/hosts/grafana/default.nix
+++ b/hosts/grafana/default.nix
@@ -1,4 +1,4 @@
-{ config, lib, pkgs, ... }:
+{ config, pkgs, ... }:
 
 {
   microvm.mem = 4096;
@@ -57,6 +57,7 @@
           disable_login_form = true; # only allow OAuth
           icon = "signin";
           name = "auth.c3d2.de";
+          oauth_allow_insecure_email_lookup = true;
           oauth_auto_login = true; # redirect automatically to the only oauth provider
           role_attribute_path = "contains(groups[*], 'grafana-admins') && 'Admin'";
           # https://dexidp.io/docs/custom-scopes-claims-clients/