commit 9d379dd69447bea03c636e0ddfdf3cbaf0e58578 Author: Alex Date: Wed May 27 19:31:09 2020 +0200 Initial commit diff --git a/tasks/main.yml b/tasks/main.yml new file mode 100644 index 0000000..38923ad --- /dev/null +++ b/tasks/main.yml @@ -0,0 +1,9 @@ +- name: Copy grafana config + template: + follow: yes + src: 'grafana.ini.j2' + dest: '/etc/grafana/grafana.ini' + notify: Run service actions + tags: + - grafana + - vault diff --git a/templates/grafana.ini.j2 b/templates/grafana.ini.j2 new file mode 100644 index 0000000..bdda5e5 --- /dev/null +++ b/templates/grafana.ini.j2 @@ -0,0 +1,75 @@ +## Server +[server] +protocol = 'http' +http_addr = '{{ ansible_ens10.ipv4.address }}' +http_port = '{{ grafana.listen.port }}' +domain = '{{ grafana.listen.domain }}' +root_url = 'https://{{ grafana.listen.domain }}' +enable_gzip = 'false' + +## Database +[database] +type = '{{ grafana.database.type }}' +host = '{{ grafana.database.host }}' +name = '{{ grafana.database.name }}' +user = '{{ grafana.database.user }}' +ssl_mode = "{{ grafana.database.ssl }}" +password = "{{ grafana.database.password }}" + +## Remote cache +[remote_cache] +type = '{{ grafana.cache.type }}' +connstr = '{{ grafana.cache.connstr }}' + +## Security +[security] +cookie_secure = 'true' +cookie_samesite = 'strict' + +## Users +[users] +allow_sign_up = 'false' + +## Anonymous auth +[auth] +disable_login_form = 'false' +oauth_auto_login = 'false' + +[auth.anonymous] +enabled = 'true' +org_name = 'RedXen' +org_role = 'Viewer' + +## LDAP Auth +# [auth.ldap] +# enabled = true +# config_file = /etc/grafana/ldap.toml +# allow_sign_up = true + +## OAuth +{% for entry in grafana.auth.generic_oauth %} +[auth.generic_oauth] +name = '{{ entry.name }}' +enabled = '{{ entry.enabled }}' +allow_sign_up = '{{ entry.allow_sign_up }}' +client_id = '{{ entry.client_id }}' +client_secret = '{{ entry.client_secret }}' +scopes = '{{ entry.scopes }}' +auth_url = '{{ entry.auth_url }}' +token_url = '{{ entry.token_url }}' +api_url = '{{ entry.api_url }}' + +{% endfor %} + +## Session (legacy) +# session_provider = 'redis' +# session_provider_config = 'addr=db_redis:6379,pool_size=100,db=grafana' +# session_cookie_secure = 'true' + +## Snapshots +[snapshots] +external_enabled = 'false' + +## Alpha panels +[panels] +enable_alpha = 'true'