1
0
Fork 0
mirror of synced 2024-11-21 16:35:34 -05:00

Add user invite max lifetime duration parameter (#43)

* Add option to configure domain and root_url in grafana config

* Add external_image_storage S3 in grafana config

* Revert external_image_storage settings

* Update ldap.toml to work with salt 2018.3

See 8393560642/doc/topics/releases/2018.3.0.rst

* Add recurse option when creating grafana dirs.

Should not hurt if they are empty and can avoid issues when moving data between servers

* Make compatible with Salt 2019.2.0

* Change to items for py3 compat

Signed-off-by: Felipe Zipitria <fzipitria@perceptyx.com>

* Add user_invite_max_lifetime_duration configuration parameter

Co-authored-by: abednarik <alejandro.bednarik@gmail.com>
Co-authored-by: Felipe Zipitria <fzipitria@perceptyx.com>
Co-authored-by: Nicolas Fernandez <nookynet@gmail.com>
This commit is contained in:
Marcin 2021-10-18 18:21:06 +10:00 committed by GitHub
parent b863646e71
commit 1d8fd0a106
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
5 changed files with 17 additions and 4 deletions

View file

@ -579,7 +579,7 @@ def _dashboard_diff(_new_dashboard, _old_dashboard):
def _stripped(d):
'''Strip falsey entries.'''
ret = {}
for k, v in six.iteritems(d):
for k, v in six.items(d):
if v:
ret[k] = v
return ret

View file

@ -29,14 +29,16 @@ http_addr = {{ server.bind.address }}
http_port = {{ server.bind.port }}
# The public facing domain name used to access grafana from a browser
domain = {{ server.domain }}
domain = {{ server.server.domain }}
# Redirect to correct domain if host header does not match domain
# Prevents DNS rebinding attacks
;enforce_domain = false
# The full public facing url
root_url = {{ server.root_url }}
root_url = {{ server.server.root_url }}
# Log web requests
;router_logging = false
@ -142,6 +144,8 @@ allow_org_create = {{ server.allow_org_create|lower }}
;auto_assign_org_role = Viewer
auto_assign_org_role = {{ server.auto_assign_role }}
user_invite_max_lifetime_duration = 5d
#################################### Anonymous Auth ##########################
[auth.anonymous]
{%- if server.auth.engine == 'anonymous' or server.auth.get('anonymous', {}).get('enabled', False) %}

View file

@ -27,7 +27,7 @@ bind_password = "{{ ldap_params.bind_password }}"
search_filter = "{{ ldap_params.user_search_filter }}"
# An array of base dns to search through
search_base_dns = {{ ldap_params.user_search_base_dns }}
search_base_dns = {{ ldap_params.user_search_base_dns | yaml }}
# In POSIX LDAP schemas, without memberOf attribute a secondary query must be made for groups.
# This is done by enabling group_search_filter below. You must also set member_of= "cn"

View file

@ -14,6 +14,9 @@ Debian:
data: /var/lib/grafana
logs: /var/log/grafana
pid_file_dir: /var/run/grafana
server:
domain: localhost
root_url: "%(protocol)s://%(domain)s:%(http_port)s/"
bind:
address: 0.0.0.0
port: 3000

View file

@ -83,6 +83,9 @@ grafana_{{ theme_name }}_css_override:
- mode: 755
- user: {{ server.user }}
- group: {{ server.group }}
- recurse:
- user
- group
{{server.path.logs}}:
file.directory:
@ -90,6 +93,9 @@ grafana_{{ theme_name }}_css_override:
- mode: 755
- user: {{ server.user }}
- group: {{ server.group }}
- recurse:
- user
- group
grafana_service:
service.running: