Add grafana playbook and machine #69
2 changed files with 11 additions and 8 deletions
|
@ -15,5 +15,10 @@
|
|||
host: "re2o-ldap.adm.auro.re ldap-replica-ovh.adm.auro.re 10.128.0.21 10.128.0.149"
|
||||
bind_dn: cn=grafana,ou=service-users,dc=auro,dc=re
|
||||
bind_password: "{{ vault_ldap_grafana_password }}"
|
||||
search_base_dns: "cn=Utilisateurs,dc=auro,dc=re"
|
||||
group_search_base_dns: "ou=posix,ou=groups,dc=auro,dc=re"
|
||||
editors_group_dn:
|
||||
- cn=sudoldap,ou=posix,ou=groups,dc=auro,dc=re
|
||||
- cn=technicien,ou=posix,ou=groups,dc=auro,dc=re
|
||||
roles:
|
||||
- grafana
|
||||
|
|
|
@ -30,12 +30,12 @@ bind_password = '{{ grafana.ldap.bind_password }}'
|
|||
search_filter = "(cn=%s)"
|
||||
|
||||
# An array of base dns to search through
|
||||
search_base_dns = ["cn=Utilisateurs,dc=auro,dc=re"]
|
||||
search_base_dns = ["{{ grafana.ldap.search_base_dns }}"]
|
||||
|
||||
## For Posix or LDAP setups that does not support member_of attribute you can define the below settings
|
||||
## Please check grafana LDAP docs for examples
|
||||
group_search_filter = "(&(objectClass=posixGroup)(memberUid=%s))"
|
||||
group_search_base_dns = ["ou=posix,ou=groups,dc=auro,dc=re"]
|
||||
group_search_base_dns = ["{{ grafana.ldap.group_search_base_dns }}"]
|
||||
group_search_filter_user_attribute = "cn"
|
||||
|
||||
# Specify names of the ldap attributes your ldap uses
|
||||
|
@ -46,14 +46,12 @@ username = "cn"
|
|||
member_of = "dn"
|
||||
email = "mail"
|
||||
|
||||
# Editors (RT and technicien)
|
||||
# Editors
|
||||
{% for group_dn in grafana.ldap.editors_group_dn %}
|
||||
[[servers.group_mappings]]
|
||||
group_dn = "cn=sudoldap,ou=posix,ou=groups,dc=auro,dc=re"
|
||||
org_role = "Editor"
|
||||
|
||||
[[servers.group_mappings]]
|
||||
group_dn = "cn=technicien,ou=posix,ou=groups,dc=auro,dc=re"
|
||||
group_dn = "{{ group_dn }}"
|
||||
org_role = "Editor"
|
||||
{% endfor %}
|
||||
|
||||
# Viewers
|
||||
[[servers.group_mappings]]
|
||||
|
|
Loading…
Reference in a new issue