├── .bumpversion.cfg ├── .gitignore ├── .travis.yml ├── CONTRIBUTORS ├── LICENSE ├── Makefile ├── README.md ├── defaults └── main.yml ├── handlers └── main.yml ├── meta └── main.yml ├── tasks ├── configure.yml ├── grafana.yml ├── install.deb.yml └── main.yml ├── templates ├── grafana.ini.j2 └── nginx.conf.j2 └── test.yml /.bumpversion.cfg: -------------------------------------------------------------------------------- 1 | [bumpversion] 2 | commit = True 3 | current_version = 3.1.1 4 | tag = True 5 | tag_name = {new_version} 6 | 7 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | /todo 2 | -------------------------------------------------------------------------------- /.travis.yml: -------------------------------------------------------------------------------- 1 | --- 2 | language: python 3 | python: "2.7" 4 | before_install: 5 | - sudo apt-get update -qq 6 | - sudo apt-get install -qq python-apt python-pycurl 7 | 8 | install: 9 | - pip install ansible>=1.6.0 10 | script: 11 | # Prepare tests 12 | - echo localhost > inventory 13 | 14 | # Check syntax 15 | - ansible-playbook --syntax-check -i inventory test.yml 16 | 17 | # First run 18 | - ansible-playbook -i inventory test.yml --connection=local --sudo 19 | 20 | # Second run Idempotence test 21 | - > 22 | ansible-playbook -i inventory test.yml --connection=local --sudo 23 | | grep -q 'changed=0.*failed=0' 24 | && (echo 'Idempotence test: pass' && exit 0) 25 | || (echo 'Idempotence test: fail' && exit 1) 26 | 27 | - ps -ef | grep [g]rafana || exit 1 28 | -------------------------------------------------------------------------------- /CONTRIBUTORS: -------------------------------------------------------------------------------- 1 | Contributors: 2 | 3 | * Cemalettin Koc (https://github.com/cemo) 4 | * Dariusz Łuksza (https://github.com/dluksza) 5 | * Erno Aapa (https://github.com/ernoaapa) 6 | * Kirill Klenov (http://klen.github.io/) 7 | * Stefan Warman (https://github.com/warmans) 8 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | The MIT License (MIT) 2 | 3 | Copyright (c) 2014 Stouts 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy 6 | of this software and associated documentation files (the "Software"), to deal 7 | in the Software without restriction, including without limitation the rights 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 9 | copies of the Software, and to permit persons to whom the Software is 10 | furnished to do so, subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 21 | SOFTWARE. 22 | -------------------------------------------------------------------------------- /Makefile: -------------------------------------------------------------------------------- 1 | .PHONY: release major minor patch 2 | 3 | VERSION?=minor 4 | release: 5 | @bumpversion $(VERSION) 6 | @git checkout master 7 | @git merge develop 8 | @git checkout develop 9 | @git push --all 10 | @git push --tags 11 | @git checkout develop 12 | 13 | major: 14 | make release VERSION=major 15 | 16 | minor: 17 | make release VERSION=minor 18 | 19 | patch: 20 | make release VERSION=patch 21 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | Stouts.grafana 2 | ============== 3 | 4 | [![Build Status](http://img.shields.io/travis/Stouts/Stouts.grafana.svg?style=flat-square)](https://travis-ci.org/Stouts/Stouts.grafana) 5 | [![Galaxy](http://img.shields.io/badge/galaxy-Stouts.grafana-blue.svg?style=flat-square)](https://galaxy.ansible.com/list#/roles/1907) 6 | 7 | Ansible role which manage [Grafana](http://http://grafana.org/) 8 | 9 | * Install and configure Grafana 10 | 11 | 12 | #### Variables 13 | 14 | Here is the list of all variables and their default values: 15 | 16 | ```yaml 17 | grafana_enabled: true # The role is enabled 18 | grafana_apt_repository: deb https://packagecloud.io/grafana/stable/debian/ jessie main 19 | grafana_apt_key: https://packagecloud.io/gpg.key 20 | 21 | grafana_version: 3.1.1-* # Set version (set to latest to install latest version) 22 | 23 | grafana_app_mode: production 24 | 25 | # Paths 26 | grafana_data: /var/lib/grafana 27 | grafana_logs: /var/log/grafana 28 | grafana_plugins: "{{ grafana_data }}/plugins" 29 | grafana_plugins_install: [] 30 | 31 | # Server 32 | grafana_protocol: http 33 | grafana_http_addr: 0.0.0.0 # The ip address to bind to 34 | grafana_http_port: 3000 # The http port to use 35 | grafana_domain: localhost # The public facing domain name used to access grafana from a browser 36 | grafana_enforce_domain: false 37 | grafana_root_url: "%(protocol)s://%(domain)s:%(http_port)s/" 38 | grafana_router_logging: false # Log web requests 39 | grafana_static_root_path: public # the path relative working path 40 | grafana_enable_gzip: false # enable gzip 41 | grafana_cert_file: # https certs & key file 42 | grafana_cert_key: 43 | 44 | # Database 45 | grafana_type: sqlite3 # Either "mysql", "postgres" or "sqlite3" 46 | grafana_host: 127.0.0.1:3306 47 | grafana_name: grafana 48 | grafana_user: root 49 | grafana_password: 50 | grafana_ssl_mode: disable # For "postgres" only, either "disable", "require" or "verify-full" 51 | grafana_path: grafana.db # For "sqlite3" only, path relative to data_path setting 52 | 53 | # Session 54 | grafana_provider: file # Either "memory", "file", "redis", "mysql", default is "memory" 55 | grafana_provider_config: sessions 56 | grafana_cookie_name: grafana_sess # Session cookie name 57 | grafana_cookie_secure: false # If you use session in https only 58 | grafana_session_life_time: 86400 # Session life time, default is 86400 59 | 60 | # Analytics 61 | grafana_reporting_enabled: true # Server reporting, sends usage counters to stats.grafana.org every 24 hours. 62 | grafana_check_for_updates: true # Set to false to disable all checks to https://grafana.net 63 | grafana_google_analytics_ua_id: # Google Analytics universal tracking code, only enabled if you specify an id here 64 | 65 | # Security 66 | grafana_admin_user: admin # Default admin username 67 | grafana_admin_password: admin # Default admin password 68 | grafana_secret_key: ECaamBjja2CChzAp # Used for signing 69 | grafana_login_remember_days: 7 70 | grafana_cookie_username: grafana_user 71 | grafana_cookie_remember_name: grafana_remember 72 | grafana_disable_gravatar: false # disable gravatar profile images 73 | grafana_data_source_proxy_whitelist: # data source proxy whitelist (ip_or_domain:port seperated by spaces) 74 | 75 | # Snapshots 76 | grafana_external_enabled: true 77 | grafana_external_snapshot_url: https://snapshots-origin.raintank.io 78 | grafana_external_snapshot_name: Publish to snapshot.raintank.io 79 | 80 | # Users 81 | grafana_allow_sign_up: true # Disable user signup/registration 82 | grafana_allow_org_create: true # Allow falsen admin users to create organizations 83 | grafana_auto_assign_org: true # Set to true to automatically assign new users to the default organization (id 1) 84 | grafana_auto_assign_org_role: Viewer # Default role new users will be automatically assigned 85 | grafana_login_hint: email or username # Background text for the user field on the login page 86 | 87 | # Anonymous Auth 88 | grafana_anonymous_enabled: false # Enable Anonymous access 89 | grafana_anonymous_org_name: Main Org. # Specify organization name that should be used for unauthenticated users 90 | grafana_anonymous_org_role: Viewer # Specify role for unauthenticated users 91 | 92 | # Github Auth 93 | grafana_github_enabled: false # Enable Github Auth 94 | grafana_github_client_id: some_id 95 | grafana_github_client_secret: some_secret 96 | grafana_github_scopes: user:email 97 | grafana_github_auth_url: https://github.com/login/oauth/authorize 98 | grafana_github_token_url: https://github.com/login/oauth/access_token 99 | grafana_github_api_url: https://api.github.com/user 100 | grafana_github_team_ids: 101 | grafana_github_allowed_organizations: 102 | grafana_github_auth_allow_sign_up: true 103 | 104 | # Google Auth 105 | grafana_google_enabled: false # Enable Google Auth 106 | grafana_google_client_id: some_id 107 | grafana_google_client_secret: some_secret 108 | grafana_google_scopes: https://www.googleapis.com/auth/userinfo.profile https://www.googleapis.com/auth/userinfo.email 109 | grafana_google_auth_url: https://accounts.google.com/o/oauth2/auth 110 | grafana_google_token_url: https://accounts.google.com/o/oauth2/token 111 | grafana_google_api_url: https://www.googleapis.com/oauth2/v1/userinfo 112 | grafana_google_allowed_domains: mycompany.com othercompany.com 113 | grafana_google_auth_allow_sign_up: true 114 | 115 | # Basic Auth 116 | grafana_auth_basic_enabled: true 117 | 118 | # Auth Proxy 119 | grafana_auth_proxy_enabled: false 120 | grafana_auth_proxy_header_name: X-WEBAUTH-USER 121 | grafana_auth_proxy_header_property: username 122 | grafana_auth_proxy_auto_sign_up: true 123 | 124 | # Auth LDAP 125 | grafana_auth_ldap_enabled: false 126 | grafana_auth_ldap_config_file: /etc/grafana/ldap.toml 127 | 128 | # SMTP / Emailing 129 | grafana_smtp_enabled: false 130 | grafana_smtp_host: localhost:25 131 | grafana_smtp_user: 132 | grafana_smtp_password: 133 | grafana_smtp_cert_file: 134 | grafana_smtp_key_file: 135 | grafana_smtp_skip_verify: false 136 | grafana_smtp_from_address: admin@grafana.localhost 137 | grafana_emails_welcome_email_on_sign_up: false 138 | 139 | # Logging 140 | grafana_log_mode: console, file 141 | grafana_log_buffer_len: 10000 142 | grafana_log_level: Info 143 | 144 | # AMPQ Event Publisher 145 | grafana_ampq_enabled: false 146 | grafana_ampq_rabbitmq_url: amqp://localhost/ 147 | grafana_ampq_exchange: grafana_events 148 | 149 | # Dashboard JSON files 150 | grafana_dashboard_json_enabled: false 151 | grafana_dashboard_json_path: /var/lib/grafana/dashboards 152 | 153 | # Setup nginx configuration 154 | grafana_nginx: false 155 | grafana_nginx_servername: "{{inventory_hostname}}" 156 | grafana_nginx_ssl: false 157 | grafana_nginx_ssl_crt: "" 158 | grafana_nginx_ssl_key: "" 159 | grafana_nginx_ssl_redirect: "{{grafana_nginx_ssl}}" 160 | grafana_nginx_port: 80 161 | 162 | ``` 163 | 164 | #### Usage 165 | 166 | Add `Stouts.grafana` to your roles and setup the variables in your playbook file. 167 | Example: 168 | 169 | ```yaml 170 | 171 | - hosts: all 172 | 173 | roles: 174 | - Stouts.grafana 175 | 176 | vars: 177 | ``` 178 | 179 | #### License 180 | 181 | Licensed under the MIT License. See the LICENSE file for details. 182 | 183 | #### Feedback, bug-reports, requests, ... 184 | 185 | Are [welcome](https://github.com/Stouts/Stouts.grafana/issues)! 186 | 187 | If you wish to express your appreciation for the role, you are welcome to send 188 | a postcard to: 189 | 190 | Kirill Klenov 191 | pos. Severny 8-3 192 | MO, Istra, 143500 193 | Russia 194 | -------------------------------------------------------------------------------- /defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | grafana_enabled: true # The role is enabled 4 | grafana_apt_repository: deb https://packagecloud.io/grafana/stable/debian/ jessie main 5 | grafana_apt_key: https://packagecloud.io/gpg.key 6 | 7 | grafana_version: 4.1.2-* # Set version (set to latest to install latest version) 8 | 9 | grafana_app_mode: production 10 | 11 | # Paths 12 | grafana_data: /var/lib/grafana 13 | grafana_logs: /var/log/grafana 14 | grafana_plugins: "{{ grafana_data }}/plugins" 15 | grafana_plugins_install: [] 16 | 17 | # Server 18 | grafana_protocol: http 19 | grafana_http_addr: 0.0.0.0 # The ip address to bind to 20 | grafana_http_port: 3000 # The http port to use 21 | grafana_domain: localhost # The public facing domain name used to access grafana from a browser 22 | grafana_enforce_domain: false 23 | grafana_root_url: "%(protocol)s://%(domain)s:%(http_port)s/" 24 | grafana_router_logging: false # Log web requests 25 | grafana_static_root_path: public # the path relative working path 26 | grafana_enable_gzip: false # enable gzip 27 | grafana_cert_file: # https certs & key file 28 | grafana_cert_key: 29 | 30 | # Database 31 | grafana_type: sqlite3 # Either "mysql", "postgres" or "sqlite3" 32 | grafana_host: 127.0.0.1:3306 33 | grafana_name: grafana 34 | grafana_user: root 35 | grafana_password: 36 | grafana_ssl_mode: disable # For "postgres" only, either "disable", "require" or "verify-full" 37 | grafana_path: grafana.db # For "sqlite3" only, path relative to data_path setting 38 | 39 | # Session 40 | grafana_provider: file # Either "memory", "file", "redis", "mysql", default is "memory" 41 | grafana_provider_config: sessions 42 | grafana_cookie_name: grafana_sess # Session cookie name 43 | grafana_cookie_secure: false # If you use session in https only 44 | grafana_session_life_time: 86400 # Session life time, default is 86400 45 | 46 | # Analytics 47 | grafana_reporting_enabled: true # Server reporting, sends usage counters to stats.grafana.org every 24 hours. 48 | grafana_check_for_updates: true # Set to false to disable all checks to https://grafana.net 49 | grafana_google_analytics_ua_id: # Google Analytics universal tracking code, only enabled if you specify an id here 50 | 51 | # Security 52 | grafana_admin_user: admin # Default admin username 53 | grafana_admin_password: admin # Default admin password 54 | grafana_secret_key: ECaamBjja2CChzAp # Used for signing 55 | grafana_login_remember_days: 7 56 | grafana_cookie_username: grafana_user 57 | grafana_cookie_remember_name: grafana_remember 58 | grafana_disable_gravatar: false # disable gravatar profile images 59 | grafana_data_source_proxy_whitelist: # data source proxy whitelist (ip_or_domain:port seperated by spaces) 60 | 61 | # Snapshots 62 | grafana_external_enabled: true 63 | grafana_external_snapshot_url: https://snapshots-origin.raintank.io 64 | grafana_external_snapshot_name: Publish to snapshot.raintank.io 65 | 66 | # Users 67 | grafana_allow_sign_up: true # Disable user signup/registration 68 | grafana_allow_org_create: true # Allow falsen admin users to create organizations 69 | grafana_auto_assign_org: true # Set to true to automatically assign new users to the default organization (id 1) 70 | grafana_auto_assign_org_role: Viewer # Default role new users will be automatically assigned 71 | grafana_login_hint: email or username # Background text for the user field on the login page 72 | 73 | # Anonymous Auth 74 | grafana_anonymous_enabled: false # Enable Anonymous access 75 | grafana_anonymous_org_name: Main Org. # Specify organization name that should be used for unauthenticated users 76 | grafana_anonymous_org_role: Viewer # Specify role for unauthenticated users 77 | 78 | # Github Auth 79 | grafana_github_enabled: false # Enable Github Auth 80 | grafana_github_client_id: some_id 81 | grafana_github_client_secret: some_secret 82 | grafana_github_scopes: user:email 83 | grafana_github_auth_url: https://github.com/login/oauth/authorize 84 | grafana_github_token_url: https://github.com/login/oauth/access_token 85 | grafana_github_api_url: https://api.github.com/user 86 | grafana_github_team_ids: 87 | grafana_github_allowed_organizations: 88 | grafana_github_auth_allow_sign_up: true 89 | 90 | # Google Auth 91 | grafana_google_enabled: false # Enable Google Auth 92 | grafana_google_client_id: some_id 93 | grafana_google_client_secret: some_secret 94 | grafana_google_scopes: https://www.googleapis.com/auth/userinfo.profile https://www.googleapis.com/auth/userinfo.email 95 | grafana_google_auth_url: https://accounts.google.com/o/oauth2/auth 96 | grafana_google_token_url: https://accounts.google.com/o/oauth2/token 97 | grafana_google_api_url: https://www.googleapis.com/oauth2/v1/userinfo 98 | grafana_google_allowed_domains: mycompany.com othercompany.com 99 | grafana_google_auth_allow_sign_up: true 100 | 101 | # Basic Auth 102 | grafana_auth_basic_enabled: true 103 | 104 | # Auth Proxy 105 | grafana_auth_proxy_enabled: false 106 | grafana_auth_proxy_header_name: X-WEBAUTH-USER 107 | grafana_auth_proxy_header_property: username 108 | grafana_auth_proxy_auto_sign_up: true 109 | 110 | # Auth LDAP 111 | grafana_auth_ldap_enabled: false 112 | grafana_auth_ldap_config_file: /etc/grafana/ldap.toml 113 | 114 | # SMTP / Emailing 115 | grafana_smtp_enabled: false 116 | grafana_smtp_host: localhost:25 117 | grafana_smtp_user: 118 | grafana_smtp_password: 119 | grafana_smtp_cert_file: 120 | grafana_smtp_key_file: 121 | grafana_smtp_skip_verify: false 122 | grafana_smtp_from_address: admin@grafana.localhost 123 | grafana_emails_welcome_email_on_sign_up: false 124 | 125 | # Logging 126 | grafana_log_mode: console, file 127 | grafana_log_buffer_len: 10000 128 | grafana_log_level: Info 129 | 130 | # AMPQ Event Publisher 131 | grafana_ampq_enabled: false 132 | grafana_ampq_rabbitmq_url: amqp://localhost/ 133 | grafana_ampq_exchange: grafana_events 134 | 135 | # Dashboard JSON files 136 | grafana_dashboard_json_enabled: false 137 | grafana_dashboard_json_path: /var/lib/grafana/dashboards 138 | 139 | # Setup nginx configuration 140 | grafana_nginx: false 141 | grafana_nginx_servername: "{{inventory_hostname}}" 142 | grafana_nginx_ssl: false 143 | grafana_nginx_ssl_crt: "" 144 | grafana_nginx_ssl_key: "" 145 | grafana_nginx_ssl_redirect: "{{grafana_nginx_ssl}}" 146 | grafana_nginx_port: 80 147 | 148 | # vim:sw=2 149 | -------------------------------------------------------------------------------- /handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: grafana restart 4 | service: name=grafana-server state=restarted 5 | 6 | - name: nginx reload 7 | service: name=nginx state=reloaded 8 | -------------------------------------------------------------------------------- /meta/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | galaxy_info: 3 | author: klen 4 | company: Stouts 5 | description: Installs and setup Grafana metrics dashboard 6 | license: MIT 7 | platforms: 8 | - name: Ubuntu 9 | versions: 10 | - all 11 | categories: 12 | - system 13 | - monitoring 14 | dependencies: [] 15 | -------------------------------------------------------------------------------- /tasks/configure.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: grafana-configure | Setup grafana 4 | template: src=grafana.ini.j2 dest=/etc/grafana/grafana.ini 5 | notify: grafana restart 6 | 7 | - name: grafana-configure | Ensure that Grafana-Server is started 8 | service: name=grafana-server state=started enabled=yes 9 | 10 | - name: grafana-configure | Install plugins 11 | command: "grafana-cli plugins install {{item}}" 12 | with_items: "{{grafana_plugins_install}}" 13 | notify: grafana restart 14 | 15 | # - name: grafana-configure | Setup passlib 16 | # apt: pkg=python-passlib 17 | # when: grafana_proxy_auth 18 | 19 | # - name: grafana-configure | Encrypt http auth passwords 20 | # htpasswd: path={{grafana_home}}/.htpasswd name={{item.name}} password={{item.password}} 21 | # with_items: grafana_proxy_auth_users 22 | # when: grafana_proxy_auth 23 | 24 | - name: grafana-configure | Compile Nginx configuration 25 | template: src=nginx.conf.j2 dest={{nginx_dir|default('/etc/nginx')}}/sites-enabled/grafana.conf 26 | when: grafana_nginx 27 | notify: nginx reload 28 | -------------------------------------------------------------------------------- /tasks/grafana.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - include_tasks: install.deb.yml 4 | when: ansible_os_family == 'Debian' 5 | tags: [grafana, grafana-install] 6 | 7 | - include_tasks: configure.yml 8 | tags: [grafana, grafana-configure] 9 | -------------------------------------------------------------------------------- /tasks/install.deb.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: grafana-install-prerequisites | Install Prerequisites 4 | apt: name="apt-transport-https" 5 | 6 | - name: grafana-install | Add debian repository pt. 1 7 | apt_key: url='{{grafana_apt_key}}' id=D59097AB 8 | 9 | - name: grafana-install | Add debian repository pt. 2 10 | apt_repository: repo='{{grafana_apt_repository}}' 11 | 12 | - set_fact: grafana_release='grafana={{grafana_version}}' 13 | 14 | - name: grafana-install | Install Grafana Release 15 | apt: name="{{grafana_release}}" 16 | when: grafana_version != "latest" 17 | notify: 18 | - grafana restart 19 | 20 | - name: grafana-install | Install Grafana Latest 21 | apt: name="grafana" 22 | when: grafana_version == "latest" 23 | notify: 24 | - grafana restart 25 | -------------------------------------------------------------------------------- /tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - include_tasks: grafana.yml 4 | when: grafana_enabled 5 | tags: [grafana] 6 | -------------------------------------------------------------------------------- /templates/grafana.ini.j2: -------------------------------------------------------------------------------- 1 | # This file was generated by Ansible for {{ansible_fqdn}} 2 | # Do NOT modify this file by hand! 3 | 4 | ##################### Grafana Configuration Example ##################### 5 | # 6 | # Everything has defaults so you only need to uncomment things you want to 7 | # change 8 | 9 | app_mode = {{ grafana_app_mode }} 10 | 11 | #################################### Paths #################################### 12 | [paths] 13 | # Path to where grafana can store temp files, sessions, and the sqlite3 db (if that is useD) 14 | # 15 | data = {{ grafana_data }} 16 | # 17 | # Directory where grafana can store logs 18 | # 19 | logs = {{ grafana_logs }} 20 | # 21 | # Directory where grafana will automatically scan and look for plugins 22 | # 23 | plugins = {{ grafana_plugins }} 24 | 25 | #################################### Server #################################### 26 | [server] 27 | # Protocol (http or https) 28 | protocol = {{ grafana_protocol }} 29 | 30 | # The ip address to bind to, empty will bind to all interfaces 31 | http_addr = {{ grafana_http_addr }} 32 | 33 | # The http port to use 34 | http_port = {{ grafana_http_port }} 35 | 36 | # The public facing domain name used to access grafana from a browser 37 | domain = {{ grafana_domain }} 38 | 39 | # Redirect to correct domain if host header does not match domain 40 | # Prevents DNS rebinding attacks 41 | enforce_domain = {{ grafana_enforce_domain|to_nice_json }} 42 | 43 | # The full public facing url 44 | root_url = {{ grafana_root_url }} 45 | 46 | # Log web requests 47 | router_logging = {{ grafana_router_logging|to_nice_json }} 48 | 49 | # the path relative working path 50 | static_root_path = {{ grafana_static_root_path }} 51 | 52 | # enable gzip 53 | enable_gzip = {{ grafana_enable_gzip|to_nice_json }} 54 | 55 | # https certs & key file 56 | cert_file = {{ grafana_cert_file }} 57 | cert_key = {{ grafana_cert_key }} 58 | 59 | #################################### Database #################################### 60 | [database] 61 | # Either "mysql", "postgres" or "sqlite3", it's your choice 62 | type = {{ grafana_type }} 63 | host = {{ grafana_host }} 64 | name = {{ grafana_name }} 65 | user = {{ grafana_user }} 66 | password = {{ grafana_password }} 67 | 68 | # For "postgres" only, either "disable", "require" or "verify-full" 69 | ssl_mode = {{ grafana_ssl_mode }} 70 | 71 | # For "sqlite3" only, path relative to data_path setting 72 | path = {{ grafana_path }} 73 | 74 | #################################### Session #################################### 75 | [session] 76 | # Either "memory", "file", "redis", "mysql", "postgres", default is "file" 77 | provider = {{ grafana_provider }} 78 | 79 | # Provider config options 80 | # memory: not have any config yet 81 | # file: session dir path, is relative to grafana data_path 82 | # redis: config like redis server addr, poolSize, password, e.g. `addr=127.0.0.1:6379,pool_size=100,db=grafana` 83 | # postgres: user=a password=b host=localhost port=5432 dbname=c sslmode=disable 84 | # mysql: go-sql-driver/mysql dsn config string, e.g. `user:password@tcp(127.0.0.1:3306)/database_name` 85 | provider_config = {{ grafana_provider_config }} 86 | 87 | # Session cookie name 88 | cookie_name = {{ grafana_cookie_name }} 89 | 90 | # If you use session in https only, default is false 91 | cookie_secure = {{ grafana_cookie_secure|to_nice_json}} 92 | 93 | # Session life time, default is 86400 94 | session_life_time = {{ grafana_session_life_time }} 95 | 96 | #################################### Analytics #################################### 97 | [analytics] 98 | # Server reporting, sends usage counters to stats.grafana.org every 24 hours. 99 | # No ip addresses are being tracked, only simple counters to track 100 | # running instances, dashboard and error counts. It is very helpful to us. 101 | # Change this option to false to disable reporting. 102 | reporting_enabled = {{ grafana_reporting_enabled|to_nice_json }} 103 | 104 | # Set to false to disable all checks to https://grafana.net 105 | # for new vesions (grafana itself and plugins), check is used 106 | # in some UI views to notify that grafana or plugin update exists 107 | # This option does not cause any auto updates, nor send any information 108 | # only a GET request to http://grafana.net to get latest versions 109 | check_for_updates = {{ grafana_check_for_updates|to_nice_json }} 110 | 111 | # Google Analytics universal tracking code, only enabled if you specify an id here 112 | google_analytics_ua_id = {{ grafana_google_analytics_ua_id }} 113 | 114 | #################################### Security #################################### 115 | [security] 116 | # default admin user, created on startup 117 | admin_user = {{ grafana_admin_user }} 118 | 119 | # default admin password, can be changed before first start of grafana, or in profile settings 120 | admin_password = {{ grafana_admin_password }} 121 | 122 | # used for signing 123 | secret_key = {{ grafana_secret_key }} 124 | 125 | # Auto-login remember days 126 | login_remember_days = {{ grafana_login_remember_days }} 127 | cookie_username = {{ grafana_cookie_username }} 128 | cookie_remember_name = {{ grafana_cookie_remember_name }} 129 | 130 | # disable gravatar profile images 131 | disable_gravatar = {{ grafana_disable_gravatar|to_nice_json}} 132 | 133 | # data source proxy whitelist (ip_or_domain:port seperated by spaces) 134 | data_source_proxy_whitelist = {{ grafana_data_source_proxy_whitelist }} 135 | 136 | [snapshots] 137 | # snapshot sharing options 138 | external_enabled = {{ grafana_external_enabled|to_nice_json }} 139 | external_snapshot_url = {{ grafana_external_snapshot_url }} 140 | external_snapshot_name = {{ grafana_external_snapshot_name }} 141 | 142 | #################################### Users #################################### 143 | [users] 144 | # disable user signup / registration 145 | allow_sign_up = {{ grafana_allow_sign_up|to_nice_json }} 146 | 147 | # Allow non admin users to create organizations 148 | allow_org_create = {{ grafana_allow_org_create|to_nice_json }} 149 | 150 | # Set to true to automatically assign new users to the default organization (id 1) 151 | auto_assign_org = {{ grafana_auto_assign_org|to_nice_json }} 152 | 153 | # Default role new users will be automatically assigned (if disabled above is set to true) 154 | auto_assign_org_role = {{ grafana_auto_assign_org_role }} 155 | 156 | # Background text for the user field on the login page 157 | login_hint = {{ grafana_login_hint }} 158 | 159 | #################################### Anonymous Auth ########################## 160 | [auth.anonymous] 161 | # enable anonymous access 162 | enabled = {{ grafana_anonymous_enabled|to_nice_json }} 163 | 164 | # specify organization name that should be used for unauthenticated users 165 | org_name = {{ grafana_anonymous_org_name }} 166 | 167 | # specify role for unauthenticated users 168 | org_role = {{ grafana_anonymous_org_role }} 169 | 170 | #################################### Github Auth ########################## 171 | [auth.github] 172 | enabled = {{ grafana_github_enabled|to_nice_json }} 173 | allow_sign_up = {{ grafana_github_auth_allow_sign_up }} 174 | client_id = {{ grafana_github_client_id }} 175 | client_secret = {{ grafana_github_client_secret }} 176 | scopes = {{ grafana_github_scopes }} 177 | auth_url = {{ grafana_github_auth_url }} 178 | token_url = {{ grafana_github_token_url }} 179 | api_url = {{ grafana_github_api_url }} 180 | team_ids = {{ grafana_github_team_ids }} 181 | allowed_organizations = {{ grafana_github_allowed_organizations }} 182 | 183 | #################################### Google Auth ########################## 184 | [auth.google] 185 | enabled = {{ grafana_google_enabled|to_nice_json }} 186 | allow_sign_up = {{ grafana_google_auth_allow_sign_up }} 187 | client_id = {{ grafana_google_client_id }} 188 | client_secret = {{ grafana_google_client_secret }} 189 | scopes = {{ grafana_google_scopes }} 190 | auth_url = {{ grafana_google_auth_url }} 191 | token_url = {{ grafana_google_token_url }} 192 | api_url = {{ grafana_google_api_url }} 193 | allowed_domains = {{ grafana_google_allowed_domains }} 194 | 195 | #################################### Auth Proxy ########################## 196 | [auth.proxy] 197 | enabled = {{ grafana_auth_proxy_enabled|to_nice_json}} 198 | header_name = {{ grafana_auth_proxy_header_name }} 199 | header_property = {{ grafana_auth_proxy_header_property }} 200 | auto_sign_up = {{ grafana_auth_proxy_auto_sign_up|to_nice_json}} 201 | 202 | #################################### Basic Auth ########################## 203 | [auth.basic] 204 | enabled = {{ grafana_auth_basic_enabled|to_nice_json}} 205 | 206 | #################################### Auth LDAP ########################## 207 | [auth.ldap] 208 | enabled = {{ grafana_auth_ldap_enabled|to_nice_json}} 209 | config_file = {{ grafana_auth_ldap_config_file }} 210 | 211 | #################################### SMTP / Emailing ########################## 212 | [smtp] 213 | enabled = {{ grafana_smtp_enabled|to_nice_json}} 214 | host = {{ grafana_smtp_host }} 215 | user = {{ grafana_smtp_user }} 216 | password = {{ grafana_smtp_password }} 217 | cert_file = {{ grafana_smtp_cert_file }} 218 | key_file = {{ grafana_smtp_key_file }} 219 | skip_verify = {{ grafana_smtp_skip_verify|to_nice_json}} 220 | from_address = {{ grafana_smtp_from_address }} 221 | 222 | [emails] 223 | welcome_email_on_sign_up = {{ grafana_emails_welcome_email_on_sign_up|to_nice_json}} 224 | 225 | #################################### Logging ########################## 226 | [log] 227 | # Either "console", "file", default is "console" 228 | # Use comma to separate multiple modes, e.g. "console, file" 229 | mode = {{ grafana_log_mode }} 230 | 231 | # Buffer length of channel, keep it as it is if you don't know what it is. 232 | buffer_len = {{ grafana_log_buffer_len }} 233 | 234 | # Either "Trace", "Debug", "Info", "Warn", "Error", "Critical", default is "Trace" 235 | level = {{ grafana_log_level }} 236 | 237 | # For "console" mode only 238 | [log.console] 239 | ;level = 240 | 241 | # For "file" mode only 242 | [log.file] 243 | ;level = 244 | # This enables automated log rotate(switch of following options), default is true 245 | ;log_rotate = true 246 | 247 | # Max line number of single file, default is 1000000 248 | ;max_lines = 1000000 249 | 250 | # Max size shift of single file, default is 28 means 1 << 28, 256MB 251 | ;max_lines_shift = 28 252 | 253 | # Segment log daily, default is true 254 | ;daily_rotate = true 255 | 256 | # Expired days of log file(delete after max days), default is 7 257 | ;max_days = 7 258 | 259 | #################################### AMPQ Event Publisher ########################## 260 | [event_publisher] 261 | enabled = {{ grafana_ampq_enabled|to_nice_json }} 262 | rabbitmq_url = {{ grafana_ampq_rabbitmq_url }} 263 | exchange = {{ grafana_ampq_exchange }} 264 | 265 | #################################### Dashboard JSON files ########################## 266 | [dashboards.json] 267 | enabled = {{ grafana_dashboard_json_enabled|to_nice_json}} 268 | path = {{ grafana_dashboard_json_path }} 269 | -------------------------------------------------------------------------------- /templates/nginx.conf.j2: -------------------------------------------------------------------------------- 1 | # This file was generated by Ae for {{ansible_fqdn}} 2 | # Do NOT modify this file by hand! 3 | 4 | {% if grafana_nginx_ssl_redirect -%} 5 | # Redirect HTTP to SSL 6 | server { 7 | listen 80; 8 | server_name {{grafana_nginx_servername}}; 9 | rewrite ^(.*) https://$host$1 permanent; 10 | } 11 | {% endif %} 12 | 13 | server { 14 | listen {{grafana_nginx_port}}; 15 | server_name {{grafana_nginx_servername}}; 16 | client_max_body_size 8m; 17 | ignore_invalid_headers off; 18 | 19 | {% if grafana_nginx_ssl %} 20 | ssl on; 21 | ssl_certificate {{ grafana_nginx_ssl_crt }}; 22 | ssl_certificate_key {{ grafana_nginx_ssl_key }}; 23 | {% endif %} 24 | 25 | location / { 26 | proxy_pass http://127.0.0.1:{{grafana_http_port}}; 27 | proxy_set_header X-Real-IP $remote_addr; 28 | proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; 29 | proxy_set_header X-Forwarded-Proto $scheme; 30 | proxy_set_header Host $http_host; 31 | 32 | } 33 | 34 | error_log {{grafana_logs}}/nginx-error.log; 35 | access_log {{grafana_logs}}/nginx-access.log; 36 | 37 | } 38 | -------------------------------------------------------------------------------- /test.yml: -------------------------------------------------------------------------------- 1 | - hosts: all 2 | tasks: 3 | - include: tasks/main.yml 4 | handlers: 5 | - include: handlers/main.yml 6 | vars_files: 7 | - defaults/main.yml 8 | - .travis.yml 9 | --------------------------------------------------------------------------------