dvirlabs/observability-stack
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add oidc to grafana

Browse Source
This commit is contained in:
dvirlabs 2025-06-26 02:58:59 +03:00
parent db09e40f2d
commit 3aa62cb0a6
1 changed files with 22 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
charts/rancher-monitoring/my-values/values-prod.yaml
View File

@ -27,6 +27,7 @@ grafana:
storageClassName: nfs-client storageClassName: nfs-client
accessModes: ["ReadWriteOnce"] accessModes: ["ReadWriteOnce"]
size: 2Gi size: 2Gi
ingress: ingress:
enabled: true enabled: true
hosts: hosts:
@ -37,3 +38,24 @@ grafana:
- hosts: - hosts:
- grafana.dvirlabs.com - grafana.dvirlabs.com
secretName: tls-grafana secretName: tls-grafana
envFromSecret: grafana-oidc-secret
grafana.ini:
server:
root_url: https://grafana.dvirlabs.com
auth:
disable_login_form: true
disable_signout_menu: false
auth.generic_oauth:
enabled: true
name: Keycloak
allow_sign_up: true
client_id: grafana
client_secret: ${client_secret}
scopes: openid profile email
auth_url: https://keycloak.dvirlabs.com/realms/lab/protocol/openid-connect/auth
token_url: https://keycloak.dvirlabs.com/realms/lab/protocol/openid-connect/token
api_url: https://keycloak.dvirlabs.com/realms/lab/protocol/openid-connect/userinfo
role_attribute_path: contains(groups[*], 'grafana-admins') && 'Admin' || 'Viewer'
allow_assign_grafana_admin: true