├── .gitignore ├── LICENSE.md ├── README.md ├── defaults └── main.yaml ├── handlers └── main.yaml ├── meta └── main.yml ├── tasks ├── apt.yaml ├── main.yaml └── yum.yaml └── templates └── grafana.ini.j2 /.gitignore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/picotrading/ansible-grafana/fa5d95185a878c8eb50047f7ac85b91792417357/.gitignore -------------------------------------------------------------------------------- /LICENSE.md: -------------------------------------------------------------------------------- 1 | The MIT License (MIT) 2 | 3 | Copyright (c) Jiri Tyr 2014 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy of 6 | this software and associated documentation files (the "Software"), to deal in 7 | the Software without restriction, including without limitation the rights to 8 | use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of 9 | the Software, and to permit persons to whom the Software is furnished to do so, 10 | subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS 17 | FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR 18 | COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER 19 | IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN 20 | CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. 21 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | grafana 2 | ======= 3 | 4 | Role to install and configure Grafana - the metrics dashboard and graph editor. 5 | 6 | On yum/rpm based system 7 | It is installed from [RPM package](http://docs.grafana.org/installation/rpm/) 8 | available in the official [YUM repo](https://packagecloud.io/grafana/stable). 9 | 10 | On apt/deb based system 11 | It is installed from [RPM package](http://docs.grafana.org/installation/debian/) 12 | available in the official [APT repo](https://packagecloud.io/grafana/stable/debian/). 13 | 14 | The configuraton of the role is done in such way that it should not be necessary 15 | to change the role for any kind of configuration. All can be done either by 16 | changing role parameters or by declaring completely new configuration as a 17 | variable. That makes this role absolutely universal. See the examples below for 18 | more details. 19 | 20 | Please report any issues or send PR. 21 | 22 | 23 | Example 24 | ------- 25 | 26 | ``` 27 | --- 28 | 29 | # Example of how to use the role 30 | - hosts: myhost1 31 | roles: 32 | - yumrepo: 33 | # Configure the grafana YUM repo 34 | grafana: 35 | name: Grafana repo 36 | baseurl: https://packagecloud.io/grafana/stable/el/6/x86_64 37 | gpgcheck: 0 38 | - grafana 39 | 40 | # Example of how to modify the grafana configuration 41 | - hosts: myhost2 42 | roles: 43 | - yumrepo: 44 | # Configure the grafana YUM repo 45 | grafana: 46 | name: Grafana repo 47 | baseurl: https://packagecloud.io/grafana/stable/el/6/x86_64 48 | gpgcheck: 0 49 | - role: grafana 50 | # Allow grafana to bind to TCP port <1024 51 | grafana_allow_low_port: true 52 | # Changing port nunmber from the default 3000 to 80 53 | grafana_server_http_port: 80 54 | 55 | # Example how to use only certain blocks of the configuration 56 | - hosts: myhost3 57 | roles: 58 | - yumrepo: 59 | # Configure the grafana YUM repo 60 | grafana: 61 | name: Grafana repo 62 | baseurl: https://packagecloud.io/grafana/stable/el/6/x86_64 63 | gpgcheck: 0 64 | - role: grafana 65 | # Use only paths, server and database sections (the rest of values is 66 | # inherited from /usr/share/grafana/conf/defaults.ini) 67 | grafana_config: 68 | app_mode: "{{ grafana_app_mode }}" 69 | paths: "{{ grafana_paths }}" 70 | server: "{{ grafana_server }}" 71 | database: "{{ grafana_database }}" 72 | 73 | # Example of how to create completely new configuration 74 | - hosts: myhost4 75 | roles: 76 | - yumrepo: 77 | # Configure the grafana YUM repo 78 | grafana: 79 | name: Grafana repo 80 | baseurl: https://packagecloud.io/grafana/stable/el/6/x86_64 81 | gpgcheck: 0 82 | - role: grafana 83 | # Very simple configuration (the rest of values is inherited from 84 | # /usr/share/grafana/conf/defaults.ini) 85 | grafana_config: 86 | app_mode: production 87 | server: 88 | http_port: 8080 89 | 90 | 91 | # Example of how to install grafana 3.0.0-beta 92 | - hosts: myhost5 93 | roles: 94 | - role: grafana 95 | grafana_apt_repo: https://packagecloud.io/grafana/testing/debian/ wheezy main 96 | 97 | ``` 98 | 99 | 100 | Role variables 101 | -------------- 102 | 103 | List of variables used by the role: 104 | 105 | ``` 106 | # Package to be installed (you can force a specific version here) 107 | grafana_pkg: grafana 108 | 109 | # Allow grafana to bind to TCP port <1024 110 | grafana_allow_low_port: false 111 | 112 | 113 | # Default environment 114 | grafana_app_mode: production 115 | 116 | 117 | # Default data path 118 | grafana_paths_data: /var/lib/grafana 119 | 120 | # Default logs path 121 | grafana_paths_logs: /var/log/grafana 122 | 123 | grafana_paths: 124 | data: "{{ grafana_paths_data }}" 125 | logs: "{{ grafana_paths_logs }}" 126 | 127 | 128 | # Protocol (http or https) 129 | grafana_server_protocol: http 130 | 131 | # The ip address to bind to, empty will bind to all interfaces 132 | grafana_server_http_addr: "" 133 | 134 | # The http port to use 135 | grafana_server_http_port: 3000 136 | 137 | # The public facing domain name used to access grafana from a browser 138 | grafana_server_domain: localhost 139 | 140 | # The full public facing url 141 | grafana_server_root_url: "%(protocol)s://%(domain)s:%(http_port)s/" 142 | grafana_server_router_logging: "false" 143 | 144 | # The path relative to the binary where the static (html/js/css) files are placed 145 | grafana_server_static_root_path: public 146 | 147 | # Enable gzip 148 | grafana_server_enable_gzip: "false" 149 | 150 | # SSL cert & key file if grafana_server_protocol is https 151 | grafana_server_cert_file: "" 152 | grafana_server_cert_key: "" 153 | 154 | grafana_server: 155 | protocol: "{{ grafana_server_protocol }}" 156 | http_addr: "{{ grafana_server_http_addr }}" 157 | http_port: "{{ grafana_server_http_port }}" 158 | domain: "{{ grafana_server_domain }}" 159 | root_url: "{{ grafana_server_root_url }}" 160 | router_logging: "{{ grafana_server_router_logging }}" 161 | static_root_path: "{{ grafana_server_static_root_path }}" 162 | enable_gzip: "{{ grafana_server_enable_gzip }}" 163 | cert_file: "{{ grafana_server_cert_file }}" 164 | cert_key: "{{ grafana_server_cert_key }}" 165 | 166 | 167 | # Either "mysql", "postgres" or "sqlite3", it's your choice 168 | grafana_database_type: sqlite3 169 | grafana_database_host: 127.0.0.1:3306 170 | grafana_database_name: grafana 171 | grafana_database_user: root 172 | grafana_database_password: "" 173 | 174 | # For "postgres" only, either "disable", "require" or "verify-full" 175 | grafana_database_ssl_mode: disable 176 | 177 | # For "sqlite3" only, path relative to data_path setting 178 | grafana_database_path: grafana.db 179 | 180 | grafana_database: 181 | type: "{{ grafana_database_type }}" 182 | host: "{{ grafana_database_host }}" 183 | name: "{{ grafana_database_name }}" 184 | user: "{{ grafana_database_user }}" 185 | password: "{{ grafana_database_password }}" 186 | ssl_mode: "{{ grafana_database_ssl_mode }}" 187 | path: "{{ grafana_database_path }}" 188 | 189 | 190 | # Either "memory", "file", "redis", "mysql", default is "memory" 191 | grafana_session_provider: file 192 | 193 | # Provider config options 194 | # memory: not have any config yet 195 | # file: session dir path, is relative to grafana data_path 196 | # redis: config like redis server addr, poolSize, password, e.g. `127.0.0.1:6379,100,grafana` 197 | # mysql: go-sql-driver/mysql dsn config string, e.g. `user:password@tcp(127.0.0.1)/database_name` 198 | grafana_session_provider_config: sessions 199 | 200 | # Session cookie name 201 | grafana_session_cookie_name: grafana_sess 202 | 203 | # If you use session in https only, default is false 204 | grafana_session_cookie_secure: "false" 205 | 206 | # Session life time, default is 86400 207 | grafana_session_session_life_time: 86400 208 | 209 | grafana_session: 210 | provider: "{{ grafana_session_provider }}" 211 | provider_config: "{{ grafana_session_provider_config }}" 212 | cookie_name: "{{ grafana_session_cookie_name }}" 213 | cookie_secure: "{{ grafana_session_cookie_secure }}" 214 | session_life_time: "{{ grafana_session_session_life_time }}" 215 | 216 | 217 | # Server reporting, sends usage counters to stats.grafana.org every 24 hours. 218 | # No ip addresses are being tracked, only simple counters to track 219 | # running instances, dashboard and error counts. It is very helpful to us. 220 | 221 | # Change this option to false to disable reporting. 222 | grafana_analytics_reporting_enabled: "true" 223 | 224 | # Google Analytics universal tracking code, only enabled if you specify an id here 225 | grafana_analytics_google_analytics_ua_id: "" 226 | 227 | grafana_analytics: 228 | reporting_enabled: "{{ grafana_analytics_reporting_enabled }}" 229 | google_analytics_ua_id: "{{ grafana_analytics_google_analytics_ua_id }}" 230 | 231 | 232 | # Default admin user, created on startup 233 | grafana_security_admin_user: admin 234 | 235 | # Default admin password, can be changed before first start of grafana, or in profile settings 236 | grafana_security_admin_password: admin 237 | 238 | # Used for signing 239 | grafana_security_secret_key: SW2YcwTIb9zpOOhoPsMm 240 | 241 | # Auto-login remember days 242 | grafana_security_login_remember_days: 7 243 | grafana_security_cookie_username: grafana_user 244 | grafana_security_cookie_remember_name: grafana_remember 245 | 246 | grafana_security: 247 | admin_user: "{{ grafana_security_admin_user }}" 248 | admin_password: "{{ grafana_security_admin_password }}" 249 | secret_key: "{{ grafana_security_secret_key }}" 250 | login_remember_days: "{{ grafana_security_login_remember_days }}" 251 | cookie_username: "{{ grafana_security_cookie_username }}" 252 | cookie_remember_name: "{{ grafana_security_cookie_remember_name }}" 253 | 254 | 255 | # Disable user signup / registration 256 | grafana_users_allow_sign_up: "true" 257 | 258 | # Allow non admin users to create organizations 259 | grafana_users_allow_org_create: "true" 260 | 261 | # Set to true to automatically assign new users to the default organization (id 1) 262 | grafana_users_auto_assign_org: "true" 263 | 264 | # Default role new users will be automatically assigned (if disabled above is set to true) 265 | grafana_users_auto_assign_org_role: Viewer 266 | 267 | grafana_users: 268 | allow_sign_up: "{{ grafana_users_allow_sign_up }}" 269 | allow_org_create: "{{ grafana_users_allow_org_create }}" 270 | auto_assign_org: "{{ grafana_users_auto_assign_org }}" 271 | auto_assign_org_role: "{{ grafana_users_auto_assign_org_role }}" 272 | 273 | 274 | # Enable anonymous access 275 | grafana_auth__anonymous_enabled: "false" 276 | 277 | # Specify organization name that should be used for unauthenticated users 278 | grafana_auth__anonymous_org_name: Main Org. 279 | 280 | # Specify role for unauthenticated users 281 | grafana_auth__anonymous_org_role: Viewer 282 | 283 | grafana_auth__anonymous: 284 | enabled: "{{ grafana_auth__anonymous_enabled }}" 285 | org_name: "{{ grafana_auth__anonymous_org_name }}" 286 | org_role: "{{ grafana_auth__anonymous_org_role }}" 287 | 288 | 289 | grafana_auth__github_enabled: "false" 290 | grafana_auth__github_client_id: some_id 291 | grafana_auth__github_client_secret: some_secret 292 | grafana_auth__github_scopes: user:email 293 | grafana_auth__github_auth_url: https://github.com/login/oauth/authorize 294 | grafana_auth__github_token_url: https://github.com/login/oauth/access_token 295 | grafana_auth__github_api_url: https://api.github.com/user 296 | grafana_auth__github_allowed_domains: "" 297 | grafana_auth__github_allow_sign_up: "false" 298 | 299 | grafana_auth__github: 300 | enabled: "{{ grafana_auth__github_enabled }}" 301 | client_id: "{{ grafana_auth__github_client_id }}" 302 | client_secret: "{{ grafana_auth__github_client_secret }}" 303 | scopes: "{{ grafana_auth__github_scopes }}" 304 | auth_url: "{{ grafana_auth__github_auth_url }}" 305 | token_url: "{{ grafana_auth__github_token_url }}" 306 | api_url: "{{ grafana_auth__github_api_url }}" 307 | allowed_domains: "{{ grafana_auth__github_allowed_domains }}" 308 | allow_sign_up: "{{ grafana_auth__github_allow_sign_up }}" 309 | 310 | 311 | grafana_auth__google_enabled: "false" 312 | grafana_auth__google_client_id: some_client_id 313 | grafana_auth__google_client_secret: some_client_secret 314 | grafana_auth__google_scopes: https://www.googleapis.com/auth/userinfo.profile https://www.googleapis.com/auth/userinfo.email 315 | grafana_auth__google_auth_url: https://accounts.google.com/o/oauth2/auth 316 | grafana_auth__google_token_url: https://accounts.google.com/o/oauth2/token 317 | grafana_auth__google_api_url: https://www.googleapis.com/oauth2/v1/userinfo 318 | grafana_auth__google_allowed_domains: "" 319 | grafana_auth__google_allow_sign_up: "false" 320 | 321 | grafana_auth__google: 322 | enabled: "{{ grafana_auth__google_enabled }}" 323 | client_id: "{{ grafana_auth__google_client_id }}" 324 | client_secret: "{{ grafana_auth__google_client_secret }}" 325 | scopes: "{{ grafana_auth__google_scopes }}" 326 | auth_url: "{{ grafana_auth__google_auth_url }}" 327 | token_url: "{{ grafana_auth__google_token_url }}" 328 | api_url: "{{ grafana_auth__google_api_url }}" 329 | allowed_domains: "{{ grafana_auth__google_allowed_domains }}" 330 | allow_sign_up: "{{ grafana_auth__google_allow_sign_up }}" 331 | 332 | 333 | # Either "console", "file", default is "console" 334 | # Use comma to separate multiple modes, e.g. "console, file" 335 | grafana_log_mode: console 336 | 337 | # Buffer length of channel, keep it as it is if you don't know what it is. 338 | grafana_log_buffer_len: 10000 339 | 340 | # Either "Trace", "Debug", "Info", "Warn", "Error", "Critical", default is "Trace" 341 | grafana_log_level: Info 342 | 343 | grafana_log: 344 | mode: "{{ grafana_log_mode }}" 345 | buffer_len: "{{ grafana_log_buffer_len }}" 346 | level: "{{ grafana_log_level }}" 347 | 348 | 349 | # Log level for "console" mode only 350 | grafana_log__console_level: "" 351 | 352 | grafana_log__console: 353 | level: "{{ grafana_log__console_level }}" 354 | 355 | 356 | # Log level for "file" mode only 357 | grafana_log__file_level: "" 358 | 359 | # This enables automated log rotate(switch of following options), default is true 360 | grafana_log__file_log_rotate: "true" 361 | 362 | # Max line number of single file, default is 1000000 363 | grafana_log__file_max_lines: 1000000 364 | 365 | # Max size shift of single file, default is 28 means 1 << 28, 256MB 366 | grafana_log__file_max_lines_shift: 28 367 | 368 | # Segment log daily, default is true 369 | grafana_log__file_daily_rotate: "true" 370 | 371 | # Expired days of log file(delete after max days), default is 7 372 | grafana_log__file_max_days: 7 373 | 374 | grafana_log__file: 375 | level: "{{ grafana_log__file_level }}" 376 | log_rotate: "{{ grafana_log__file_log_rotate }}" 377 | max_lines: "{{ grafana_log__file_max_lines }}" 378 | max_lines_shift: "{{ grafana_log__file_max_lines_shift }}" 379 | daily_rotate: "{{ grafana_log__file_daily_rotate }}" 380 | max_days: "{{ grafana_log__file_max_days }}" 381 | 382 | 383 | grafana_event_publisher_enabled: "false" 384 | grafana_event_publisher_rabbitmq_url: amqp://localhost/ 385 | grafana_event_publisher_exchange: grafana_events 386 | 387 | grafana_event_publisher: 388 | enabled: "{{ grafana_event_publisher_enabled }}" 389 | rabbitmq_url: "{{ grafana_event_publisher_rabbitmq_url }}" 390 | exchange: "{{ grafana_event_publisher_exchange }}" 391 | 392 | 393 | grafana_config: 394 | app_mode: "{{ grafana_app_mode }}" 395 | paths: "{{ grafana_paths }}" 396 | server: "{{ grafana_server }}" 397 | database: "{{ grafana_database }}" 398 | session: "{{ grafana_session }}" 399 | analytics: "{{ grafana_analytics }}" 400 | security: "{{ grafana_security }}" 401 | users: "{{ grafana_users }}" 402 | auth.anonymous: "{{ grafana_auth__anonymous }}" 403 | auth.github: "{{ grafana_auth__github }}" 404 | auth.google: "{{ grafana_auth__google }}" 405 | log: "{{ grafana_log }}" 406 | log.console: "{{ grafana_log__console }}" 407 | log.file: "{{ grafana_log__file }}" 408 | event_publisher: "{{ grafana_event_publisher }}" 409 | ``` 410 | 411 | 412 | Dependencies 413 | ------------ 414 | 415 | * [`yumrepo`](https://github.com/picotrading/ansible-yumrepo) role 416 | 417 | 418 | License 419 | ------- 420 | 421 | MIT 422 | 423 | 424 | Author 425 | ------ 426 | 427 | Jiri Tyr 428 | -------------------------------------------------------------------------------- /defaults/main.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | # Package to be installed (you can force a specific version here) 4 | grafana_pkg: grafana 5 | 6 | # Allow grafana to bind to TCP port <1024 7 | grafana_allow_low_port: false 8 | 9 | 10 | # Default environment 11 | grafana_app_mode: production 12 | 13 | 14 | # Default data path 15 | grafana_paths_data: /var/lib/grafana 16 | 17 | # Default logs path 18 | grafana_paths_logs: /var/log/grafana 19 | 20 | grafana_paths: 21 | data: "{{ grafana_paths_data }}" 22 | logs: "{{ grafana_paths_logs }}" 23 | 24 | 25 | # Protocol (http or https) 26 | grafana_server_protocol: http 27 | 28 | # The ip address to bind to, empty will bind to all interfaces 29 | grafana_server_http_addr: "" 30 | 31 | # The http port to use 32 | grafana_server_http_port: 3000 33 | 34 | # The public facing domain name used to access grafana from a browser 35 | grafana_server_domain: localhost 36 | 37 | # The full public facing url 38 | grafana_server_root_url: "%(protocol)s://%(domain)s:%(http_port)s/" 39 | grafana_server_router_logging: "false" 40 | 41 | # The path relative to the binary where the static (html/js/css) files are placed 42 | grafana_server_static_root_path: public 43 | 44 | # Enable gzip 45 | grafana_server_enable_gzip: "false" 46 | 47 | # SSL cert & key file if grafana_server_protocol is https 48 | grafana_server_cert_file: "" 49 | grafana_server_cert_key: "" 50 | 51 | grafana_server: 52 | protocol: "{{ grafana_server_protocol }}" 53 | http_addr: "{{ grafana_server_http_addr }}" 54 | http_port: "{{ grafana_server_http_port }}" 55 | domain: "{{ grafana_server_domain }}" 56 | root_url: "{{ grafana_server_root_url }}" 57 | router_logging: "{{ grafana_server_router_logging }}" 58 | static_root_path: "{{ grafana_server_static_root_path }}" 59 | enable_gzip: "{{ grafana_server_enable_gzip }}" 60 | cert_file: "{{ grafana_server_cert_file }}" 61 | cert_key: "{{ grafana_server_cert_key }}" 62 | 63 | 64 | # Either "mysql", "postgres" or "sqlite3", it's your choice 65 | grafana_database_type: sqlite3 66 | grafana_database_host: 127.0.0.1:3306 67 | grafana_database_name: grafana 68 | grafana_database_user: root 69 | grafana_database_password: "" 70 | 71 | # For "postgres" only, either "disable", "require" or "verify-full" 72 | grafana_database_ssl_mode: disable 73 | 74 | # For "sqlite3" only, path relative to data_path setting 75 | grafana_database_path: grafana.db 76 | 77 | grafana_database: 78 | type: "{{ grafana_database_type }}" 79 | host: "{{ grafana_database_host }}" 80 | name: "{{ grafana_database_name }}" 81 | user: "{{ grafana_database_user }}" 82 | password: "{{ grafana_database_password }}" 83 | ssl_mode: "{{ grafana_database_ssl_mode }}" 84 | path: "{{ grafana_database_path }}" 85 | 86 | 87 | # Either "memory", "file", "redis", "mysql", default is "memory" 88 | grafana_session_provider: file 89 | 90 | # Provider config options 91 | # memory: not have any config yet 92 | # file: session dir path, is relative to grafana data_path 93 | # redis: config like redis server addr, poolSize, password, e.g. `127.0.0.1:6379,100,grafana` 94 | # mysql: go-sql-driver/mysql dsn config string, e.g. `user:password@tcp(127.0.0.1)/database_name` 95 | grafana_session_provider_config: sessions 96 | 97 | # Session cookie name 98 | grafana_session_cookie_name: grafana_sess 99 | 100 | # If you use session in https only, default is false 101 | grafana_session_cookie_secure: "false" 102 | 103 | # Session life time, default is 86400 104 | grafana_session_session_life_time: 86400 105 | 106 | grafana_session: 107 | provider: "{{ grafana_session_provider }}" 108 | provider_config: "{{ grafana_session_provider_config }}" 109 | cookie_name: "{{ grafana_session_cookie_name }}" 110 | cookie_secure: "{{ grafana_session_cookie_secure }}" 111 | session_life_time: "{{ grafana_session_session_life_time }}" 112 | 113 | 114 | # Server reporting, sends usage counters to stats.grafana.org every 24 hours. 115 | # No ip addresses are being tracked, only simple counters to track 116 | # running instances, dashboard and error counts. It is very helpful to us. 117 | 118 | # Change this option to false to disable reporting. 119 | grafana_analytics_reporting_enabled: "true" 120 | 121 | # Google Analytics universal tracking code, only enabled if you specify an id here 122 | grafana_analytics_google_analytics_ua_id: "" 123 | 124 | grafana_analytics: 125 | reporting_enabled: "{{ grafana_analytics_reporting_enabled }}" 126 | google_analytics_ua_id: "{{ grafana_analytics_google_analytics_ua_id }}" 127 | 128 | 129 | # Default admin user, created on startup 130 | grafana_security_admin_user: admin 131 | 132 | # Default admin password, can be changed before first start of grafana, or in profile settings 133 | grafana_security_admin_password: admin 134 | 135 | # Used for signing 136 | grafana_security_secret_key: SW2YcwTIb9zpOOhoPsMm 137 | 138 | # Auto-login remember days 139 | grafana_security_login_remember_days: 7 140 | grafana_security_cookie_username: grafana_user 141 | grafana_security_cookie_remember_name: grafana_remember 142 | 143 | grafana_security: 144 | admin_user: "{{ grafana_security_admin_user }}" 145 | admin_password: "{{ grafana_security_admin_password }}" 146 | secret_key: "{{ grafana_security_secret_key }}" 147 | login_remember_days: "{{ grafana_security_login_remember_days }}" 148 | cookie_username: "{{ grafana_security_cookie_username }}" 149 | cookie_remember_name: "{{ grafana_security_cookie_remember_name }}" 150 | 151 | 152 | # Disable user signup / registration 153 | grafana_users_allow_sign_up: "true" 154 | 155 | # Allow non admin users to create organizations 156 | grafana_users_allow_org_create: "true" 157 | 158 | # Set to true to automatically assign new users to the default organization (id 1) 159 | grafana_users_auto_assign_org: "true" 160 | 161 | # Default role new users will be automatically assigned (if disabled above is set to true) 162 | grafana_users_auto_assign_org_role: Viewer 163 | 164 | grafana_users: 165 | allow_sign_up: "{{ grafana_users_allow_sign_up }}" 166 | allow_org_create: "{{ grafana_users_allow_org_create }}" 167 | auto_assign_org: "{{ grafana_users_auto_assign_org }}" 168 | auto_assign_org_role: "{{ grafana_users_auto_assign_org_role }}" 169 | 170 | 171 | # Enable anonymous access 172 | grafana_auth__anonymous_enabled: "false" 173 | 174 | # Specify organization name that should be used for unauthenticated users 175 | grafana_auth__anonymous_org_name: Main Org. 176 | 177 | # Specify role for unauthenticated users 178 | grafana_auth__anonymous_org_role: Viewer 179 | 180 | grafana_auth__anonymous: 181 | enabled: "{{ grafana_auth__anonymous_enabled }}" 182 | org_name: "{{ grafana_auth__anonymous_org_name }}" 183 | org_role: "{{ grafana_auth__anonymous_org_role }}" 184 | 185 | 186 | grafana_auth__github_enabled: "false" 187 | grafana_auth__github_client_id: some_id 188 | grafana_auth__github_client_secret: some_secret 189 | grafana_auth__github_scopes: user:email 190 | grafana_auth__github_auth_url: https://github.com/login/oauth/authorize 191 | grafana_auth__github_token_url: https://github.com/login/oauth/access_token 192 | grafana_auth__github_api_url: https://api.github.com/user 193 | grafana_auth__github_allowed_domains: "" 194 | grafana_auth__github_allow_sign_up: "false" 195 | 196 | grafana_auth__github: 197 | enabled: "{{ grafana_auth__github_enabled }}" 198 | client_id: "{{ grafana_auth__github_client_id }}" 199 | client_secret: "{{ grafana_auth__github_client_secret }}" 200 | scopes: "{{ grafana_auth__github_scopes }}" 201 | auth_url: "{{ grafana_auth__github_auth_url }}" 202 | token_url: "{{ grafana_auth__github_token_url }}" 203 | api_url: "{{ grafana_auth__github_api_url }}" 204 | allowed_domains: "{{ grafana_auth__github_allowed_domains }}" 205 | allow_sign_up: "{{ grafana_auth__github_allow_sign_up }}" 206 | 207 | 208 | grafana_auth__google_enabled: "false" 209 | grafana_auth__google_client_id: some_client_id 210 | grafana_auth__google_client_secret: some_client_secret 211 | grafana_auth__google_scopes: https://www.googleapis.com/auth/userinfo.profile https://www.googleapis.com/auth/userinfo.email 212 | grafana_auth__google_auth_url: https://accounts.google.com/o/oauth2/auth 213 | grafana_auth__google_token_url: https://accounts.google.com/o/oauth2/token 214 | grafana_auth__google_api_url: https://www.googleapis.com/oauth2/v1/userinfo 215 | grafana_auth__google_allowed_domains: "" 216 | grafana_auth__google_allow_sign_up: "false" 217 | 218 | grafana_auth__google: 219 | enabled: "{{ grafana_auth__google_enabled }}" 220 | client_id: "{{ grafana_auth__google_client_id }}" 221 | client_secret: "{{ grafana_auth__google_client_secret }}" 222 | scopes: "{{ grafana_auth__google_scopes }}" 223 | auth_url: "{{ grafana_auth__google_auth_url }}" 224 | token_url: "{{ grafana_auth__google_token_url }}" 225 | api_url: "{{ grafana_auth__google_api_url }}" 226 | allowed_domains: "{{ grafana_auth__google_allowed_domains }}" 227 | allow_sign_up: "{{ grafana_auth__google_allow_sign_up }}" 228 | 229 | 230 | # Either "console", "file" 231 | # Use comma to separate multiple modes, e.g. "console, file" 232 | grafana_log_mode: console, file 233 | 234 | # Buffer length of channel, keep it as it is if you don't know what it is. 235 | grafana_log_buffer_len: 10000 236 | 237 | # Either "Trace", "Debug", "Info", "Warn", "Error", "Critical", default is "Trace" 238 | grafana_log_level: Trace 239 | 240 | grafana_log: 241 | mode: "{{ grafana_log_mode }}" 242 | buffer_len: "{{ grafana_log_buffer_len }}" 243 | level: "{{ grafana_log_level }}" 244 | 245 | 246 | # Log level for "console" mode only 247 | grafana_log__console_level: "" 248 | 249 | grafana_log__console: 250 | level: "{{ grafana_log__console_level }}" 251 | 252 | 253 | # Log level for "file" mode only 254 | grafana_log__file_level: "" 255 | 256 | # This enables automated log rotate(switch of following options), default is true 257 | grafana_log__file_log_rotate: "true" 258 | 259 | # Max line number of single file, default is 1000000 260 | grafana_log__file_max_lines: 1000000 261 | 262 | # Max size shift of single file, default is 28 means 1 << 28, 256MB 263 | grafana_log__file_max_lines_shift: 28 264 | 265 | # Segment log daily, default is true 266 | grafana_log__file_daily_rotate: "true" 267 | 268 | # Expired days of log file(delete after max days), default is 7 269 | grafana_log__file_max_days: 7 270 | 271 | grafana_log__file: 272 | level: "{{ grafana_log__file_level }}" 273 | log_rotate: "{{ grafana_log__file_log_rotate }}" 274 | max_lines: "{{ grafana_log__file_max_lines }}" 275 | max_lines_shift: "{{ grafana_log__file_max_lines_shift }}" 276 | daily_rotate: "{{ grafana_log__file_daily_rotate }}" 277 | max_days: "{{ grafana_log__file_max_days }}" 278 | 279 | 280 | grafana_event_publisher_enabled: "false" 281 | grafana_event_publisher_rabbitmq_url: amqp://localhost/ 282 | grafana_event_publisher_exchange: grafana_events 283 | 284 | grafana_event_publisher: 285 | enabled: "{{ grafana_event_publisher_enabled }}" 286 | rabbitmq_url: "{{ grafana_event_publisher_rabbitmq_url }}" 287 | exchange: "{{ grafana_event_publisher_exchange }}" 288 | 289 | 290 | grafana_config: 291 | app_mode: "{{ grafana_app_mode }}" 292 | paths: "{{ grafana_paths }}" 293 | server: "{{ grafana_server }}" 294 | database: "{{ grafana_database }}" 295 | session: "{{ grafana_session }}" 296 | analytics: "{{ grafana_analytics }}" 297 | security: "{{ grafana_security }}" 298 | users: "{{ grafana_users }}" 299 | auth.anonymous: "{{ grafana_auth__anonymous }}" 300 | auth.github: "{{ grafana_auth__github }}" 301 | auth.google: "{{ grafana_auth__google }}" 302 | log: "{{ grafana_log }}" 303 | log.console: "{{ grafana_log__console }}" 304 | log.file: "{{ grafana_log__file }}" 305 | event_publisher: "{{ grafana_event_publisher }}" 306 | 307 | grafana_apt_repo: deb https://packagecloud.io/grafana/stable/debian/ wheezy main 308 | -------------------------------------------------------------------------------- /handlers/main.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Restart grafana 4 | service: 5 | name: grafana-server 6 | state: restarted 7 | -------------------------------------------------------------------------------- /meta/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | galaxy_info: 4 | author: Jiri Tyr 5 | description: Role to install and configure Grafana 6 | license: MIT 7 | min_ansible_version: 1.9 8 | platforms: 9 | - name: EL 10 | versions: 11 | - all 12 | categories: 13 | - system 14 | dependencies: [] 15 | -------------------------------------------------------------------------------- /tasks/apt.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Install package cloud gpg key 3 | apt_key: url=https://packagecloud.io/gpg.key state=present 4 | 5 | - name: Add apt repository 6 | apt_repository: 7 | repo: 'deb https://packagecloud.io/grafana/stable/debian/ wheezy main' 8 | state: present 9 | 10 | - name: Install Grafana package 11 | apt: 12 | name: "{{ grafana_pkg }}" 13 | state: present 14 | notify: 15 | - Restart grafana 16 | -------------------------------------------------------------------------------- /tasks/main.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - include: yum.yaml 4 | when: ansible_pkg_mgr == "yum" 5 | tags: 6 | - grafana_pkg 7 | 8 | - include: apt.yaml 9 | when: ansible_pkg_mgr == "apt" 10 | tags: 11 | - grafana_pkg 12 | 13 | - name: Configure Grafana 14 | template: 15 | src: grafana.ini.j2 16 | dest: /etc/grafana/grafana.ini 17 | notify: 18 | - Restart grafana 19 | tags: 20 | - grafana_config 21 | 22 | - name: Check if the binary can bind to TCP port <1024 23 | shell: getcap /usr/sbin/grafana-server | grep cap_net_bind_service 24 | register: grafana_bind_cap 25 | failed_when: False 26 | changed_when: False 27 | when: grafana_allow_low_port 28 | tags: 29 | - grafana_config 30 | 31 | - name: Set capability on the binary file to be able to bind to TCP port <1024 32 | shell: setcap 'cap_net_bind_service=+ep' /usr/sbin/grafana-server 33 | when: grafana_allow_low_port and grafana_bind_cap.rc > 0 34 | notify: 35 | - Restart grafana 36 | tags: 37 | - grafana_config 38 | 39 | - name: Make sure grafana service is enabled and running 40 | service: 41 | name: grafana-server 42 | enabled: yes 43 | state: running 44 | -------------------------------------------------------------------------------- /tasks/yum.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Install Grafana package for RedHat 3 | yum: 4 | name: "{{ grafana_pkg }}" 5 | state: present 6 | notify: 7 | - Restart grafana 8 | -------------------------------------------------------------------------------- /templates/grafana.ini.j2: -------------------------------------------------------------------------------- 1 | # 2 | # This file is managed by Ansible. 3 | # Do not edit this file manually. 4 | # Any changes will be automatically reverted. 5 | # 6 | 7 | {% from "templates/encoder/macros/ini_encode_macro.j2" import ini_encode with context -%} 8 | 9 | {{ ini_encode(grafana_config, delimiter=" = ") }} 10 | --------------------------------------------------------------------------------