Add oauth to grafana

2025-05-08 07:41:28 +03:00 · 2025-05-08 07:41:28 +03:00 · 3e8284ac63
commit 3e8284ac63
parent d9adcf3bdf
1 changed files with 19 additions and 0 deletions
--- a/charts/grafana/my-values/values-int.yaml
+++ b/charts/grafana/my-values/values-int.yaml
@ -29,3 +29,22 @@ datasources:
        access: proxy
        url: http://prometheus-server
        isDefault: true
+
+grafana.ini:
+  server:
+    root_url: https://grafana-int.dvirlabs.com
+  auth:
+    disable_login_form: true
+    disable_signout_menu: false
+  auth.generic_oauth:
+    enabled: true
+    name: Keycloak
+    allow_sign_up: true
+    client_id: grafana
+    client_secret: Tpec9uA2R6vZ3DgD74WUxN2UoZbwnKJ9
+    scopes: openid profile email
+    auth_url: https://keycloak.dvirlabs.com/realms/lab/protocol/openid-connect/auth
+    token_url: https://keycloak.dvirlabs.com/realms/lab/protocol/openid-connect/token
+    api_url: https://keycloak.dvirlabs.com/realms/lab/protocol/openid-connect/userinfo
+    role_attribute_path: contains(groups[*], 'grafana-admins') && 'Admin' || 'Viewer'
+    allow_assign_grafana_admin: true