1
0
Fork 0
mirror of synced 2024-11-22 08:55:35 -05:00
formula-grafana/grafana/server.sls
Guillaume Thouvenin 377c14cca0 Add support for LDAP authentication
This patch adds support for LDAP authentication. It also adds support
to manage authorization. It is now possible to enable several kind of
authentication like LDAP and basic auth. So we introduce a new schema
for allowing it:

  auth:
    basic:
      enabled: true
    ldap:
      enabled: true
      [...]

instead of

  auth:
    engine: basic

The former declaration is still valid for basic, anonymous and proxy
authentication.
2016-12-08 17:15:56 +01:00

82 lines
1.9 KiB
Text

{%- from "grafana/map.jinja" import server with context %}
{%- if server.get('enabled', False) %}
grafana_packages:
pkg.installed:
- names: {{ server.pkgs }}
/etc/grafana/grafana.ini:
file.managed:
- source: salt://grafana/files/grafana.ini
- template: jinja
- user: grafana
- group: grafana
- require:
- pkg: grafana_packages
{%- if server.auth.get('ldap', {}).get('enabled', False) %}
/etc/grafana/ldap.toml:
file.managed:
- source: salt://grafana/files/ldap.toml
- template: jinja
- user: grafana
- group: grafana
- require:
- pkg: grafana_packages
- watch_in:
- service: grafana_service
{%- endif %}
{%- if server.dashboards.enabled %}
grafana_copy_default_dashboards:
file.recurse:
- name: {{ server.dashboards.path }}
- source: salt://grafana/files/dashboards
- user: grafana
- group: grafana
- require:
- pkg: grafana_packages
- require_in:
- service: grafana_service
{%- endif %}
{%- for theme_name, theme in server.get('theme', {}).iteritems() %}
{%- if theme.css_override is defined %}
grafana_{{ theme_name }}_css_override:
file.managed:
- names:
- {{ server.dir.static }}/css/grafana.{{ theme_name }}.min.css
{%- if theme.css_override.build is defined %}
- {{ server.dir.static }}/css/grafana.{{ theme_name }}.min.{{ theme.css_override.build }}.css
{%- endif %}
- source: {{ theme.css_override.source }}
{%- if theme.css_override.source_hash is defined %}
- source_hash: {{ theme.css_override.source_hash }}
{%- endif %}
- user: grafana
- group: grafana
- require:
- pkg: grafana_packages
- require_in:
- service: grafana_service
{%- endif %}
{%- endfor %}
grafana_service:
service.running:
- name: {{ server.service }}
- enable: true
# It is needed if client is trying to set datasource or dashboards before
# server is ready.
- init_delay: 5
- watch:
- file: /etc/grafana/grafana.ini
{%- endif %}