dvirlabs/observability-stack
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add oidc to grafana prod

Browse Source
This commit is contained in:
dvirlabs 2025-05-20 14:19:35 +03:00
parent b647098b3e
commit 61a68953be
1 changed files with 22 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
charts/grafana/my-values/values-prod.yaml
View File

@ -1,5 +1,3 @@
# manifests/grafana/values.yaml
adminUser: admin adminUser: admin
adminPassword: admin1234 adminPassword: admin1234
@ -30,4 +28,25 @@ datasources:
type: prometheus type: prometheus
access: proxy access: proxy
url: http://prometheus-server url: http://prometheus-server
isDefault: true isDefault: true
envFromSecret: grafana-oidc-secret
grafana.ini:
server:
root_url: https://grafana.dvirlabs.com
auth:
disable_login_form: true
disable_signout_menu: false
auth.generic_oauth:
enabled: true
name: Keycloak
allow_sign_up: true
client_id: grafana
client_secret: ${client_secret}
scopes: openid profile email
auth_url: https://keycloak.dvirlabs.com/realms/lab/protocol/openid-connect/auth
token_url: https://keycloak.dvirlabs.com/realms/lab/protocol/openid-connect/token
api_url: https://keycloak.dvirlabs.com/realms/lab/protocol/openid-connect/userinfo
role_attribute_path: contains(groups[*], 'grafana-admins') && 'Admin' || 'Viewer'
allow_assign_grafana_admin: true