[feature] GitHub OAuth2

Every one in one of these organisation is viewer:
- epfl-dojo
- epfl-enacit2
- EPFL-IC
- epfl-fsd
- epfl-scitas
- epfl-sdf
- epfl-si
- epfl-sti

and members of https://github.com/orgs/epfl-fsd/teams/noc-grafana-admins 
are Admins.

roles/grafana/templates/grafana/conf/grafana.ini

@@ -27,6 +27,7 @@ allow_sign_up = false
 auto_assign_org = true
 auto_assign_org_role = Viewer
 
+# https://grafana.com/docs/grafana/latest/setup-grafana/configure-security/configure-authentication/github/
 [auth.github]
 enabled = true
 allow_sign_up = true
@@ -41,8 +42,15 @@ scopes = user:email,read:org
 auth_url = https://github.com/login/oauth/authorize
 token_url = https://github.com/login/oauth/access_token
 api_url = https://api.github.com/user
-allowed_organizations = epfl-idevfsd epfl-sdf epfl-sti epfl-dojo epfl-enacit2 EPFL-IC epfl-scitas epfl-si
+# allowed_organizations as viewers. Most important are epfl-si and epfl-fsd
+allowed_organizations = epfl-dojo epfl-enacit2 EPFL-IC epfl-fsd epfl-scitas epfl-sdf epfl-si epfl-sti
 ;team_ids =
+# https://grafana.com/docs/grafana/latest/setup-grafana/configure-security/configure-authentication/github/#map-roles
+# Mapped on https://github.com/orgs/epfl-fsd/teams/noc-grafana-admins
+role_attribute_path = contains(groups[*], '@epfl-fsd/noc-grafana-admins') && 'Admin' || 'Viewer'
+;role_attribute_path = [login==ponsfrilus] && 'Admin' || 'Viewer'
+allow_assign_grafana_admin = true
+skip_org_role_sync = false
 
 # https://grafana.com/docs/grafana/next/alerting/unified-alerting/opt-in/
 # https://grafana.com/docs/grafana/next/administration/configuration/#alerting
@@ -409,9 +417,11 @@ log_queries =
 
 # Either "debug", "info", "warn", "error", "critical", default is "info"
 ;level = info
+level = info
 
 # optional settings to set different levels for specific loggers. Ex filters = sqlstore:debug
 ;filters =
+filters = auth.github:debug
 
 # For "console" mode only
 [log.console]