grafana: move Aurore specific variables out of the role
This commit is contained in:
parent
fdfed1a05a
commit
a791cda652
2 changed files with 11 additions and 8 deletions
|
@ -15,5 +15,10 @@
|
||||||
host: "re2o-ldap.adm.auro.re ldap-replica-ovh.adm.auro.re 10.128.0.21 10.128.0.149"
|
host: "re2o-ldap.adm.auro.re ldap-replica-ovh.adm.auro.re 10.128.0.21 10.128.0.149"
|
||||||
bind_dn: cn=grafana,ou=service-users,dc=auro,dc=re
|
bind_dn: cn=grafana,ou=service-users,dc=auro,dc=re
|
||||||
bind_password: "{{ vault_ldap_grafana_password }}"
|
bind_password: "{{ vault_ldap_grafana_password }}"
|
||||||
|
search_base_dns: "cn=Utilisateurs,dc=auro,dc=re"
|
||||||
|
group_search_base_dns: "ou=posix,ou=groups,dc=auro,dc=re"
|
||||||
|
editors_group_dn:
|
||||||
|
- cn=sudoldap,ou=posix,ou=groups,dc=auro,dc=re
|
||||||
|
- cn=technicien,ou=posix,ou=groups,dc=auro,dc=re
|
||||||
roles:
|
roles:
|
||||||
- grafana
|
- grafana
|
||||||
|
|
|
@ -30,12 +30,12 @@ bind_password = '{{ grafana.ldap.bind_password }}'
|
||||||
search_filter = "(cn=%s)"
|
search_filter = "(cn=%s)"
|
||||||
|
|
||||||
# An array of base dns to search through
|
# An array of base dns to search through
|
||||||
search_base_dns = ["cn=Utilisateurs,dc=auro,dc=re"]
|
search_base_dns = ["{{ grafana.ldap.search_base_dns }}"]
|
||||||
|
|
||||||
## For Posix or LDAP setups that does not support member_of attribute you can define the below settings
|
## For Posix or LDAP setups that does not support member_of attribute you can define the below settings
|
||||||
## Please check grafana LDAP docs for examples
|
## Please check grafana LDAP docs for examples
|
||||||
group_search_filter = "(&(objectClass=posixGroup)(memberUid=%s))"
|
group_search_filter = "(&(objectClass=posixGroup)(memberUid=%s))"
|
||||||
group_search_base_dns = ["ou=posix,ou=groups,dc=auro,dc=re"]
|
group_search_base_dns = ["{{ grafana.ldap.group_search_base_dns }}"]
|
||||||
group_search_filter_user_attribute = "cn"
|
group_search_filter_user_attribute = "cn"
|
||||||
|
|
||||||
# Specify names of the ldap attributes your ldap uses
|
# Specify names of the ldap attributes your ldap uses
|
||||||
|
@ -46,14 +46,12 @@ username = "cn"
|
||||||
member_of = "dn"
|
member_of = "dn"
|
||||||
email = "mail"
|
email = "mail"
|
||||||
|
|
||||||
# Editors (RT and technicien)
|
# Editors
|
||||||
|
{% for group_dn in grafana.ldap.editors_group_dn %}
|
||||||
[[servers.group_mappings]]
|
[[servers.group_mappings]]
|
||||||
group_dn = "cn=sudoldap,ou=posix,ou=groups,dc=auro,dc=re"
|
group_dn = "{{ group_dn }}"
|
||||||
org_role = "Editor"
|
|
||||||
|
|
||||||
[[servers.group_mappings]]
|
|
||||||
group_dn = "cn=technicien,ou=posix,ou=groups,dc=auro,dc=re"
|
|
||||||
org_role = "Editor"
|
org_role = "Editor"
|
||||||
|
{% endfor %}
|
||||||
|
|
||||||
# Viewers
|
# Viewers
|
||||||
[[servers.group_mappings]]
|
[[servers.group_mappings]]
|
||||||
|
|
Loading…
Reference in a new issue