DeveloperDurp/homelab
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

test auth

Browse Source
This commit is contained in:
DeveloperDurp
2022-11-17 17:33:56 -06:00
parent 15458f0c58
commit a044702345
1 changed files with 11 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

25
kube-prometheus-stack/values.yaml
View File

@@ -75,20 +75,17 @@ kube-prometheus-stack:
- secretName: grafana-tls - secretName: grafana-tls
hosts: hosts:
- grafana.durp.info - grafana.durp.info
env: grafana.ini:
GF_AUTH_GENERIC_OAUTH_ENABLED: "true" server:
GF_AUTH_GENERIC_OAUTH_NAME: "authentik" root_url: https://grafana.durp.info
GF_AUTH_GENERIC_OAUTH_CLIENT_ID: "6a7eadea9bc68f7a59712a0365bd0822de9a6946" auth.generic_oauth:
GF_AUTH_GENERIC_OAUTH_CLIENT_SECRET: "c8105547137367e4fe0ba6b5c022ff322569a0b2ea93c9652b77762eb4a094558f9edf98f81aa7329ad724d569b126ff2e281989ebe289bbd7b855f5e80bad5d" enabled: true
GF_AUTH_GENERIC_OAUTH_SCOPES: "openid profile email" client_id: 6a7eadea9bc68f7a59712a0365bd0822de9a6946
GF_AUTH_GENERIC_OAUTH_AUTH_URL: "https://authentik.durp.info/application/o/authorize/" client_secret: c8105547137367e4fe0ba6b5c022ff322569a0b2ea93c9652b77762eb4a094558f9edf98f81aa7329ad724d569b126ff2e281989ebe289bbd7b855f5e80bad5d
GF_AUTH_GENERIC_OAUTH_TOKEN_URL: "https://authentik.durp.info/application/o/token/" scopes: openid profile email
GF_AUTH_GENERIC_OAUTH_API_URL: "https://authentik.durp.info/application/o/userinfo/" auth_url: https://authentik.durp.info/application/o/authorize/
GF_AUTH_SIGNOUT_REDIRECT_URL: "https://authentik.durp.info/application/o/grafana/end-session/" token_url: https://authentik.durp.info/application/o/token/
# Optionally enable auto-login (bypasses Grafana login screen) api_url: https://authentik.durp.info/application/o/userinfo/
#GF_AUTH_OAUTH_AUTO_LOGIN: "true"
# Optionally map user groups to Grafana roles
#GF_AUTH_GENERIC_OAUTH_ROLE_ATTRIBUTE_PATH: "contains(groups[*], 'Grafana Admins') && 'Admin' || contains(groups[*], 'Grafana Editors') && 'Editor' || 'Viewer'"
kubeApiServer: kubeApiServer:
enabled: true enabled: true