-
Notifications
You must be signed in to change notification settings - Fork 5
/
grafana.yml
174 lines (155 loc) · 7.21 KB
/
grafana.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
---
- hosts: homelab
vars:
application: grafana
grafana_home_assistant_influxdb_token: !vault |
$ANSIBLE_VAULT;1.1;AES256
32613333613534363730393162633037646336633839363261623837396138373865343666303261
6638653039366334383539633531383463633432613338660a643934316465396263643030376231
63613339376663316234333063336162356635306233346631663138666634633737613534326335
6262656139356636360a376138303161656439653262313365643335666466373631383561386230
36363737356239356261326263643131643565626462663632663539396662336265376132663731
36306165333162363830646432363465653835613937616438666639623662653765333137626632
33626366666236333936666535336164356531313135373230363762303765366538343463326563
65313563613835363566393761383831343265663466363031663235396634633731353839393366
3861
docker_network: "{{ networks.user }}"
handlers:
- name: Restart
community.docker.docker_container:
name: "{{ application }}"
restart: true
comparisons:
'*': ignore
tasks:
- name: Create folders
ansible.builtin.file:
path: "{{ item }}"
state: directory
owner: "472" # grafana user
group: "{{ common_group }}"
mode: "0771"
loop:
- "{{ config_directory }}/provisioning/dashboards"
- "{{ config_directory }}/provisioning/datasources"
- "{{ config_directory }}/provisioning/plugins"
- "{{ config_directory }}/provisioning/notifiers"
- "{{ config_directory }}/provisioning/alerting"
- "{{ config_directory }}/data"
- name: Create postgres container
ansible.builtin.import_role:
name: postgres
vars:
postgres_version: 16
postgres_password: !vault |
$ANSIBLE_VAULT;1.1;AES256
61306432333966643438373539623339333439633861636437346135333762343634363634393735
6165386163373361316437666665396639393662643163310a383065363865313736386662626564
64366562636666623362303332343334613165663130356334653131653438376335333262393031
3137316638653363620a666232666139663465626230333331333666303439313166376366336133
62663765643363393661613130383565376663623334643436333665666464666466646565373936
6261636238343765663532336233343939623631643866633832
- name: Create Thanos datasource
ansible.builtin.copy:
content: |
apiVersion: 1
datasources:
- name: Thanos Query
type: prometheus
access: proxy
url: http://thanos-query.{{ networks.user.name }}:10902
isDefault: true
jsonData:
prometheusType: Thanos
prometheusVersion: 0.31.1
dest: "{{ config_directory }}/provisioning/datasources/thanos.yml"
owner: "472" # grafana user
group: "{{ common_group }}"
mode: "0740"
notify: Restart
- name: Create Home Assistant Influx DB datasource
ansible.builtin.copy:
content: |
apiVersion: 1
datasources:
- name: Home Assistant InfluxDB
type: influxdb
access: proxy
url: https://home-assistant-influxdb.{{ common_tld }}
jsonData:
version: Flux
organization: home-assistant-org
defaultBucket: home-assistant-bucket
secureJsonData:
token: {{ grafana_home_assistant_influxdb_token }}
dest: "{{ config_directory }}/provisioning/datasources/home-assistant-influxdb.yml"
owner: "472" # grafana user
group: "{{ common_group }}"
mode: "0740"
notify: Restart
- name: Create container
ansible.builtin.include_role:
name: docker_container
vars:
image: grafana/grafana:11.3.0
env:
GF_SERVER_ROOT_URL: "https://grafana.{{ common_tld }}"
GF_SERVER_ENABLE_GZIP: "true"
GF_ANALYTICS_ENABLED: "false"
GF_ANALYTICS_REPORTING_ENABLED: "false"
GF_ANALYTICS_CHECK_FOR_UPDATES: "false"
GF_ANALYTICS_CHECK_FOR_PLUGIN_UPDATES: "false"
GF_ANALYTICS_FEEDBACK_LINKS_ENABLED: "false"
GF_SECURITY_DISABLE_GRAVATAR: "true"
GF_USERS_DEFAULT_LANGUAGE: "{{ common_locale }}"
GF_USERS_AUTO_ASSIGN_ORG_ROLE: Admin
GF_AUTH_GENERIC_OAUTH_ENABLED: "true"
GF_AUTH_GENERIC_OAUTH_NAME: Authelia
GF_AUTH_GENERIC_OAUTH_ICON: signin
GF_AUTH_GENERIC_OAUTH_CLIENT_ID: "{{ application }}"
GF_AUTH_GENERIC_OAUTH_CLIENT_SECRET: "{{ ldap_oidc_apps.grafana.secret }}"
GF_AUTH_GENERIC_OAUTH_SCOPES: openid profile email
GF_AUTH_GENERIC_OAUTH_EMPTY_SCOPES: "false"
GF_AUTH_GENERIC_OAUTH_AUTH_URL: "https://authelia.{{ common_tld }}/api/oidc/authorization"
GF_AUTH_GENERIC_OAUTH_TOKEN_URL: "https://authelia.{{ common_tld }}/api/oidc/token"
GF_AUTH_GENERIC_OAUTH_API_URL: "https://authelia.{{ common_tld }}/api/oidc/userinfo"
GF_AUTH_SIGNOUT_REDIRECT_URL: "https://authelia.{{ common_tld }}/application/o/{{ application }}/end-session/"
GF_AUTH_GENERIC_OAUTH_LOGIN_ATTRIBUTE_PATH: preferred_username
GF_AUTH_GENERIC_OAUTH_GROUPS_ATTRIBUTE_PATH: groups
GF_AUTH_GENERIC_OAUTH_NAME_ATTRIBUTE_PATH: name
GF_NEWS_NEWS_FEED_ENABLED: "FALSE"
GF_DATE_FORMATS_DEFAULT_TIMEZONE: "{{ common_timezone }}"
GF_DATE_FORMATS_DEFAULT_WEEK_START: "monday"
GF_DATABASE_TYPE: "postgres"
GF_DATABASE_HOST: "{{ _postgres_hostname }}:{{ _postgres_port | string }}"
GF_DATABASE_NAME: "{{ _postgres_database }}"
GF_DATABASE_USER: "{{ _postgres_username }}"
GF_DATABASE_PASSWORD: "{{ _postgres_password }}"
volumes:
- "{{ config_directory }}/data:/var/lib/grafana"
- "{{ config_directory }}/provisioning:/etc/grafana/provisioning"
traefik:
- port: 3000
homepage:
group: Monitoring
weight: 100
description: "Dashboards"
widget:
username: !vault |
$ANSIBLE_VAULT;1.1;AES256
61373333346334636532653337323135333961643536313433653363353762333465313736376662
3466373830343936316232316664666331636336366462630a656130613266646163316261626463
39363536306639333663643937326230343862303338376535373538363466613732653232386532
3833626361323864650a316565613137336633393032626634393234616666613635373464366438
3932
password: !vault |
$ANSIBLE_VAULT;1.1;AES256
35373162613364373165646264323930323362313136313638656365636563383864306636613232
6233343762653465643537653863663235613539373530320a333733393362623961663239666664
30353935373838323331303633633037633061653036363066663265383932616562333065323665
6230306363376636370a636435386363343132636537653839663365373037633738313130343035
39333638383636306362643362663436326462343765396533313335393335396561333663663735
6639373264373637353636393431666636633666656235323565
fields: '["dashboards", "datasources"]'
blackbox:
path: /api/health