Fix: Update Grafana OAuth2 client configuration for improved authentication

apps/monitoring/grafana/values.yaml

@@ -1,9 +1,5 @@
 grafana:
 
-  adminUser: admin
-  adminPassword: changeme  # TODO: Use secret management
-
-  # Disable local persistence - using PostgreSQL database
   persistence:
     enabled: false
 
@@ -20,8 +16,6 @@ grafana:
       mountPath: /secrets/my-db
       readOnly: true
 
-  envFromSecret: authentik-client-secret-grafana
-
   datasources:
     datasources.yaml:
       apiVersion: 1
@@ -108,13 +102,15 @@ grafana:
     auth.generic_oauth:
       enabled: true
       name: Authentik
-      client_id: "$__from_env{GF_AUTH_GENERIC_OAUTH_CLIENT_ID}"
-      scopes: openid profile email
-      auth_url: https://auth.noxxos.nl/application/o/authorize/
-      token_url: https://auth.noxxos.nl/application/o/token/
-      api_url: https://auth.noxxos.nl/application/o/userinfo/
-      role_attribute_path: contains(groups[*], 'Grafana Admins') && 'Admin' || contains(groups[*], 'Grafana Editors') && 'Editor' || 'Viewer'
+      client_id: 0pmpT3FgXys01i0LovzVQdJPZ6nBD6ev6C8mJcKl
+      client_secret: Dl9RB84iba62VpL/ybD+plyu7Nt+7rv/S4gIwVFsG2c=
+      scopes: openid profile email groups
+      auth_url: https://sso.noxxos.nl/application/o/authorize/
+      token_url: https://sso.noxxos.nl/application/o/token/
+      api_url: https://sso.noxxos.nl/application/o/userinfo/
+      role_attribute_path: contains(groups[*], 'Admin') && 'GrafanaAdmin' || 'Viewer'
       allow_sign_up: true
+      allow_assign_grafana_admin: true
     
     analytics:
       reporting_enabled: false