From 12de7d27783b0d0e0be42571a0f17c6c5315a02a Mon Sep 17 00:00:00 2001 From: Alexandre Iooss Date: Mon, 20 Dec 2021 11:37:05 +0100 Subject: [PATCH] Remove grafana --- docker-compose.yml | 11 -------- grafana/Dockerfile | 19 -------------- grafana/ldap.toml | 62 ---------------------------------------------- 3 files changed, 92 deletions(-) delete mode 100644 grafana/Dockerfile delete mode 100644 grafana/ldap.toml diff --git a/docker-compose.yml b/docker-compose.yml index 19fae4f..3709a47 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -20,17 +20,6 @@ services: ports: - 8081:3000 - grafana: - build: grafana - restart: always - environment: - ENV_PASSWORD: "${GRAFANA_LDAP_PASSWORD}" - GF_DATABASE_PASSWORD: "${GRAFANA_DB_PASSWORD}" - volumes: - - ./grafana_data:/var/lib/grafana - ports: - - 8082:3000 - privatebin: image: privatebin/nginx-fpm-alpine:1.3.4 restart: always diff --git a/grafana/Dockerfile b/grafana/Dockerfile deleted file mode 100644 index 034c6c0..0000000 --- a/grafana/Dockerfile +++ /dev/null @@ -1,19 +0,0 @@ -FROM grafana/grafana:8.0.0 - -ENV GF_SERVER_ROOT_URL=https://grafana.auro.re -ENV GF_SESSION_COOKIE_SECURE=true -ENV GF_ANALYTICS_REPORTING_ENABLED=false -ENV GF_SNAPSHOTS_EXTERNAL_ENABLED=false -ENV GF_USERS_ALLOW_SIGN_UP=false -ENV GF_USERS_ALLOW_ORG_CREATE=false -ENV GF_AUTH_BASIC_ENABLED=false -ENV GF_AUTH_LDAP_ENABLED=true -ENV GF_AUTH_LDAP_CONFIG_FILE=/etc/grafana/ldap.toml -ENV GF_DATABASE_TYPE=postgres -ENV GF_DATABASE_HOST=10.128.0.96 -ENV GF_DATABASE_USER=grafana -ENV GF_DATABASE_NAME=grafana -ENV GF_SECURITY_DISABLE_INITIAL_ADMIN_CREATION=true -ENV GF_DISABLE_GRAVATAR=true - -COPY ldap.toml /etc/grafana/ldap.toml diff --git a/grafana/ldap.toml b/grafana/ldap.toml deleted file mode 100644 index 2885cac..0000000 --- a/grafana/ldap.toml +++ /dev/null @@ -1,62 +0,0 @@ -# To troubleshoot and get more log info enable ldap debug logging in grafana.ini -# [log] -# filters = ldap:debug - -[[servers]] -# Ldap server host (specify multiple hosts space separated) -host = "re2o-ldap.adm.auro.re ldap-replica-ovh.adm.auro.re 10.128.0.21 10.128.0.149" -# Default port is 389 or 636 if use_ssl = true -port = 389 -# Set to true if ldap server supports TLS -use_ssl = false -# Set to true if connect ldap server with STARTTLS pattern (create connection in insecure, then upgrade to secure connection with TLS) -start_tls = false -# set to true if you want to skip ssl cert validation -ssl_skip_verify = false -# set to the path to your root CA certificate or leave unset to use system defaults -# root_ca_cert = "/path/to/certificate.crt" -# Authentication against LDAP servers requiring client certificates -# client_cert = "/path/to/client.crt" -# client_key = "/path/to/client.key" - -# Search user bind dn -bind_dn = "cn=grafana,ou=service-users,dc=auro,dc=re" -# Search user bind password -# If the password contains # or ; you have to wrap it with triple quotes. Ex """#password;""" -bind_password = '${ENV_PASSWORD}' - -# User search filter, for example "(cn=%s)" or "(sAMAccountName=%s)" or "(uid=%s)" -search_filter = "(cn=%s)" - -# An array of base dns to search through -search_base_dns = ["cn=Utilisateurs,dc=auro,dc=re"] - -## For Posix or LDAP setups that does not support member_of attribute you can define the below settings -## Please check grafana LDAP docs for examples -group_search_filter = "(&(objectClass=posixGroup)(memberUid=%s))" -group_search_base_dns = ["ou=posix,ou=groups,dc=auro,dc=re"] -group_search_filter_user_attribute = "cn" - -# Specify names of the ldap attributes your ldap uses -[servers.attributes] -name = "sn" -surname = "" -username = "cn" -member_of = "dn" -email = "mail" - -# Mapping pour les Responsables Techniques -[[servers.group_mappings]] -group_dn = "cn=sudoldap,ou=posix,ou=groups,dc=auro,dc=re" -org_role = "Admin" - -# Mapping pour les techniciens (Apprentis) -[[servers.group_mappings]] -group_dn = "cn=technicien,ou=posix,ou=groups,dc=auro,dc=re" -org_role = "Editor" - -# Mapping pour les adhérents -[[servers.group_mappings]] -# If you want to match all (or no ldap groups) then you can use wildcard -group_dn = "*" -org_role = "Viewer"