homelab/rke2-single-node
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Füge OAuth-Authentifizierung für Grafana in der Helm-Konfiguration hinzu

Browse Source
This commit is contained in:
Matthias Hinrichs
2026-01-16 11:28:54 +01:00
parent 6638585f9c
commit a412f21102
1 changed files with 13 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
09_homelab_apps/homelab-apps/templates/kube-prometheus-stack.yaml
+13
View File
@@ -20,6 +20,19 @@ spec:
grafana.ini:
server:
root_url: https://grafana.k8s.hnrx.net
auth.generic_oauth:
enabled: true
name: "authentik"
allow_sign_up: true
auto_login: false # Auf true setzen, wenn das Standard-Login-Formular übersprungen werden soll
client_id: "4JtTfw2apna4ZnnXgPH6mnDfLCPoW6qy5fXiC03z"
client_secret: "MI7Fsw22Fl6ruiOhG3Z55F1QhuMoQKzF2GR3qGO3x41encrmubcGeqJc0JpQIKEFiVIUiNXQkQU0FGiaTshEZx5HK8qzPBMz8VbR2gGmcNy7szHkTrBfNsosHDFndvWi" # Am besten via Secret einbinden (siehe unten)
scopes: "openid profile email"
auth_url: "https://auth.hnrx.net/application/o/authorize/"
token_url: "https://auth.hnrx.net/application/o/token/"
api_url: "https://auth.hnrx.net/application/o/userinfo/"
role_attribute_path: "contains(groups, 'Grafana Admins') && 'Admin' || contains(groups, 'Grafana Editors') && 'Editor' || 'Viewer'"
adminPassword: "DeinSicheresPasswort"
persistence:
enabled: true