From fc0416b49df828269b5793a791c01db940b8c445 Mon Sep 17 00:00:00 2001 From: Infinidoge Date: Thu, 13 Mar 2025 13:07:58 -0400 Subject: [PATCH] fixup! Infini-DL360/grafana: init --- hosts/Infini-DL360/grafana.nix | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/hosts/Infini-DL360/grafana.nix b/hosts/Infini-DL360/grafana.nix index 0597c1c..0cbaece 100644 --- a/hosts/Infini-DL360/grafana.nix +++ b/hosts/Infini-DL360/grafana.nix @@ -14,6 +14,8 @@ in settings = { server = { inherit domain; + root_url = "https://${domain}"; + http_port = 3101; }; security = { admin_email = common.email.withUser "admin"; @@ -21,8 +23,9 @@ in secret_key = secret "secret_key"; }; auth = { - signout_redirect_url = "https://auth.inx.moe/application/o/grafana/end-session"; - auto_login = "authentik"; + signout_redirect_url = "https://auth.inx.moe/application/o/grafana/end-session/"; + auto_login = "generic_oauth"; + disable_login_form = true; }; "auth.anonymous".enabled = true; "auth.basic".enabled = false; @@ -35,7 +38,9 @@ in auth_url = "https://auth.inx.moe/application/o/authorize/"; token_url = "https://auth.inx.moe/application/o/token/"; api_url = "https://auth.inx.moe/application/o/userinfo/"; - role_attribute_path = "contains(groups, 'Grafana Admins') && 'Admin' || contains(groups, 'Grafana Editors') && 'Editor' || 'Viewer'"; + role_attribute_path = "contains(groups, 'Grafana Superadmins') && 'GrafanaAdmin' || contains(groups, 'Grafana Admins') && 'Admin' || contains(groups, 'Grafana Editors') && 'Editor' || 'Viewer'"; + role_attribute_strict = true; + allow_assign_grafana_admin = true; }; smtp = with common.email; { user = outgoing;