I create a configuration module for nixos to provision grafana.
There we want to seperate secrets from configuration and therefore have the option
to load secrets from external files at service startup.
I stumbled over secret_key,
where it says:
Used for signing some datasource settings like secrets and passwords. Cannot be changed without requiring an update to datasource settings to re-encode them.
What does signing mean? What does this protect against?