Skip to content

Commit

Permalink
auth: Link authentik to grafana
Browse files Browse the repository at this point in the history
  • Loading branch information
@raimannma
raimannma committed Oct 9, 2024
1 parent abffc74 commit 7543fbe
Show file tree
Hide file tree
Showing 2 changed files with 15 additions and 0 deletions.
4 changes: 4 additions & 0 deletions .env-example
View file
Original file line number Diff line number Diff line change
Expand Up @@ -26,3 +26,7 @@ CLICKHOUSE_TCP_PORT=9000
CLICKHOUSE_DB=default
CLICKHOUSE_USER=default
CLICKHOUSE_PASSWORD=

# Authentik Clients
GF_AUTH_GENERIC_OAUTH_CLIENT_ID=
GF_AUTH_GENERIC_OAUTH_CLIENT_SECRET=
11 changes: 11 additions & 0 deletions monitoring/docker-compose.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,17 @@ services:
LETSENCRYPT_HOST: grafana.devlock.net
GF_SERVER_DOMAIN: grafana.devlock.net
GF_SERVER_ROOT_URL: https://grafana.devlock.net
GF_AUTH_GENERIC_OAUTH_ENABLED: "true"
GF_AUTH_GENERIC_OAUTH_NAME: "authentik"
GF_AUTH_GENERIC_OAUTH_SCOPES: "openid profile email offline_access"
GF_AUTH_GENERIC_OAUTH_AUTH_URL: "https://auth.devlock.net/application/o/authorize/"
GF_AUTH_GENERIC_OAUTH_TOKEN_URL: "https://auth.devlock.net/application/o/token/"
GF_AUTH_GENERIC_OAUTH_API_URL: "https://auth.devlock.net/application/o/userinfo/"
GF_AUTH_SIGNOUT_REDIRECT_URL: "https://auth.devlock.net/application/o/grafana/end-session/"
GF_AUTH_OAUTH_AUTO_LOGIN: "true"
GF_AUTH_GENERIC_OAUTH_ROLE_ATTRIBUTE_PATH: "contains(groups, 'Grafana Admins') && 'Admin'\
\ || contains(groups, 'Grafana Editors') && 'Editor' || contains(groups, 'Grafana Viewers')\
\ && 'Viewer' || 'None'"
healthcheck:
test: ["CMD", "curl", "-f", "http://localhost:3000/api/health"]
interval: 10s
Expand Down

0 comments on commit 7543fbe

Please sign in to comment.