75 lines
1.7 KiB
YAML
75 lines
1.7 KiB
YAML
---
|
|
- name: Install APT HTTPS support
|
|
apt:
|
|
name: apt-transport-https
|
|
state: present
|
|
update_cache: true
|
|
|
|
- name: Import Grafana GPG signing key
|
|
apt_key:
|
|
url: https://packages.grafana.com/gpg.key
|
|
state: present
|
|
validate_certs: false
|
|
|
|
- name: Add Grafana repository
|
|
apt_repository:
|
|
repo: deb https://packages.grafana.com/oss/deb stable main
|
|
state: present
|
|
update_cache: true
|
|
|
|
- name: Install Grafana
|
|
apt:
|
|
name: grafana
|
|
state: present
|
|
|
|
- name: Configure Grafana
|
|
ini_file:
|
|
path: /etc/grafana/grafana.ini
|
|
section: "{{ item.section }}"
|
|
option: "{{ item.option }}"
|
|
value: "{{ item.value }}"
|
|
mode: 640
|
|
loop:
|
|
- section: server
|
|
option: root_url
|
|
value: https://grafana.crans.org # TODO put var in playbook
|
|
- section: session # This will break with HTTPS
|
|
option: cookie_secure
|
|
value: "true"
|
|
- section: analytics
|
|
option: reporting_enabled
|
|
value: "false"
|
|
- section: snapshots
|
|
option: external_enabled
|
|
value: "false"
|
|
- section: users
|
|
option: allow_sign_up
|
|
value: "false"
|
|
- section: users
|
|
option: allow_org_create
|
|
value: "false"
|
|
- section: auth.basic # Only LDAP auth
|
|
option: enabled
|
|
value: "false"
|
|
- section: auth.ldap
|
|
option: enabled
|
|
value: "true"
|
|
- section: auth.ldap # We don't want registration
|
|
option: allow_sign_up
|
|
value: "false"
|
|
notify: Restart grafana
|
|
|
|
#- name: Configure Grafana LDAP
|
|
# lineinfile:
|
|
# # TODO
|
|
# loop:
|
|
# # TODO
|
|
# notify: Restart grafana
|
|
|
|
#- name: Enable and start Grafana
|
|
# systemd:
|
|
# name: grafana-server
|
|
# enabled: true
|
|
# state: started
|
|
# daemon_reload: true
|