added grafana oauth
This commit is contained in:
kisfenyo
@@ -470,8 +470,34 @@ spec:
|
|||||||
key: admin-password
|
key: admin-password
|
||||||
- name: GF_SERVER_ROOT_URL
|
- name: GF_SERVER_ROOT_URL
|
||||||
value: "https://grafana.dooplex.hu"
|
value: "https://grafana.dooplex.hu"
|
||||||
- name: GF_INSTALL_PLUGINS
|
- name: GF_AUTH_GENERIC_OAUTH_ENABLED
|
||||||
value: "grafana-piechart-panel,grafana-clock-panel"
|
value: "true"
|
||||||
|
- name: GF_AUTH_GENERIC_OAUTH_NAME
|
||||||
|
value: "authentik"
|
||||||
|
- name: GF_AUTH_GENERIC_OAUTH_CLIENT_ID
|
||||||
|
valueFrom:
|
||||||
|
secretKeyRef:
|
||||||
|
name: grafana-oauth
|
||||||
|
key: client-id
|
||||||
|
- name: GF_AUTH_GENERIC_OAUTH_CLIENT_SECRET
|
||||||
|
valueFrom:
|
||||||
|
secretKeyRef:
|
||||||
|
name: grafana-oauth
|
||||||
|
key: client-secret
|
||||||
|
- name: GF_AUTH_GENERIC_OAUTH_SCOPES
|
||||||
|
value: "openid profile email"
|
||||||
|
- name: GF_AUTH_GENERIC_OAUTH_AUTH_URL
|
||||||
|
value: "https://authentik.dooplex.hu/application/o/authorize/"
|
||||||
|
- name: GF_AUTH_GENERIC_OAUTH_TOKEN_URL
|
||||||
|
value: "https://authentik.dooplex.hu/application/o/token/"
|
||||||
|
- name: GF_AUTH_GENERIC_OAUTH_API_URL
|
||||||
|
value: "https://authentik.dooplex.hu/application/o/userinfo/"
|
||||||
|
- name: GF_AUTH_SIGNOUT_REDIRECT_URL
|
||||||
|
value: "https://authentik.dooplex.hu/application/o/grafana/end-session/"
|
||||||
|
- name: GF_AUTH_OAUTH_AUTO_LOGIN
|
||||||
|
value: "true"
|
||||||
|
- name: GF_AUTH_GENERIC_OAUTH_ROLE_ATTRIBUTE_PATH
|
||||||
|
value: "contains(groups[*], 'Grafana Admins') && 'Admin' || 'Viewer'"
|
||||||
livenessProbe:
|
livenessProbe:
|
||||||
httpGet:
|
httpGet:
|
||||||
path: /api/health
|
path: /api/health
|
||||||
@@ -496,8 +522,6 @@ spec:
|
|||||||
mountPath: /var/lib/grafana
|
mountPath: /var/lib/grafana
|
||||||
- name: datasources
|
- name: datasources
|
||||||
mountPath: /etc/grafana/provisioning/datasources
|
mountPath: /etc/grafana/provisioning/datasources
|
||||||
- name: dashboards-config
|
|
||||||
mountPath: /etc/grafana/provisioning/dashboards
|
|
||||||
volumes:
|
volumes:
|
||||||
- name: data
|
- name: data
|
||||||
persistentVolumeClaim:
|
persistentVolumeClaim:
|
||||||
@@ -505,10 +529,6 @@ spec:
|
|||||||
- name: datasources
|
- name: datasources
|
||||||
configMap:
|
configMap:
|
||||||
name: grafana-datasources
|
name: grafana-datasources
|
||||||
- name: dashboards-config
|
|
||||||
configMap:
|
|
||||||
name: grafana-dashboards-config
|
|
||||||
|
|
||||||
---
|
---
|
||||||
apiVersion: v1
|
apiVersion: v1
|
||||||
kind: Service
|
kind: Service
|
||||||
|
|||||||
Reference in New Issue
Block a user