From 06c1005560a8cf83c2963b8d76f84dbfe683015f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?L=C3=A1szl=C3=B3=20Szalma?= Date: Fri, 15 Sep 2017 10:54:45 +0200 Subject: [PATCH] adding users from list --- README.md | 4 ++++ defaults/main.yml | 4 ++++ tasks/grafana.yml | 4 ++++ tasks/users.yml | 21 +++++++++++++++++++++ templates/grafana.ini.j2 | 2 ++ 5 files changed, 35 insertions(+) create mode 100644 tasks/users.yml diff --git a/README.md b/README.md index 61ec1ba..72f7033 100644 --- a/README.md +++ b/README.md @@ -33,6 +33,7 @@ grafana_protocol: http grafana_http_addr: 0.0.0.0 # The ip address to bind to grafana_http_port: 3000 # The http port to use grafana_domain: localhost # The public facing domain name used to access grafana from a browser +grafana_api_base_url: "http://{{ grafana_domain }}" grafana_enforce_domain: false grafana_root_url: "%(protocol)s://%(domain)s:%(http_port)s/" grafana_router_logging: false # Log web requests @@ -159,6 +160,9 @@ grafana_nginx_ssl_key: "" grafana_nginx_ssl_redirect: "{{grafana_nginx_ssl}}" grafana_nginx_port: 80 +# Grafana users (add using api) +grafana_users: [] # list of dict with format: {username: 'user1', password: 'pass1'} + ``` #### Usage diff --git a/defaults/main.yml b/defaults/main.yml index 210d128..4189e79 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -19,6 +19,7 @@ grafana_protocol: http grafana_http_addr: 0.0.0.0 # The ip address to bind to grafana_http_port: 3000 # The http port to use grafana_domain: localhost # The public facing domain name used to access grafana from a browser +grafana_api_base_url: "http://{{ grafana_domain }}" grafana_enforce_domain: false grafana_root_url: "%(protocol)s://%(domain)s:%(http_port)s/" grafana_router_logging: false # Log web requests @@ -145,4 +146,7 @@ grafana_nginx_ssl_key: "" grafana_nginx_ssl_redirect: "{{grafana_nginx_ssl}}" grafana_nginx_port: 80 +# Grafana users (add using api) +grafana_users: [] # list of dict with format: {username: 'user1', password: 'pass1'} + # vim:sw=2 diff --git a/tasks/grafana.yml b/tasks/grafana.yml index 12544bf..8a05a87 100644 --- a/tasks/grafana.yml +++ b/tasks/grafana.yml @@ -6,3 +6,7 @@ - include: configure.yml tags: [grafana, grafana-configure] + +- include: users.yml + tags: [grafana, grafana-users] + when: grafana_users|length > 0 diff --git a/tasks/users.yml b/tasks/users.yml new file mode 100644 index 0000000..778d2a4 --- /dev/null +++ b/tasks/users.yml @@ -0,0 +1,21 @@ +--- + +# if admin user is set up in this run, we depend on application run with recent config +- meta: flush_handlers + +- name: Add users using API + uri: + url: "{{ grafana_api_base_url }}/api/admin/users" + method: POST + body_format: json + # can't use api-key for this at the moment: http://docs.grafana.org/http_api/admin/ + force_basic_auth: true + user: "{{ grafana_admin_user }}" + password: "{{ grafana_admin_password }}" + body: + name: "{{ item.username }}" + #email: "{{ item.username }}@domain" # not mandatory, users will have email = name in this case + login: "{{ item.username }}" + password: "{{ item.password }}" + status_code: 200,500 # existing users are not checked, inserting existing user causing 500 internal server error + with_items: "{{ grafana_users }}" diff --git a/templates/grafana.ini.j2 b/templates/grafana.ini.j2 index 1a46efa..449ecba 100644 --- a/templates/grafana.ini.j2 +++ b/templates/grafana.ini.j2 @@ -113,12 +113,14 @@ google_analytics_ua_id = {{ grafana_google_analytics_ua_id }} #################################### Security #################################### [security] +{% if grafana_admin_user and grafana_admin_password %} # default admin user, created on startup admin_user = {{ grafana_admin_user }} # default admin password, can be changed before first start of grafana, or in profile settings admin_password = {{ grafana_admin_password }} +{% endif %} # used for signing secret_key = {{ grafana_secret_key }}