grafana.ini.tmpl 12 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411
  1. #
  2. # /etc/grafana/grafana.ini (salt managed)
  3. #
  4. #
  5. # Everything has defaults so you only need to uncomment things you want to
  6. # change
  7. # possible values : production, development
  8. ; app_mode = production
  9. # instance name, defaults to HOSTNAME environment variable value or hostname if HOSTNAME var is empty
  10. ; instance_name = ${HOSTNAME}
  11. #################################### Paths ####################################
  12. [paths]
  13. # Path to where grafana can store temp files, sessions, and the sqlite3 db (if that is used)
  14. #
  15. ;data = /var/lib/grafana
  16. #
  17. # Directory where grafana can store logs
  18. #
  19. ;logs = /var/log/grafana
  20. #
  21. # Directory where grafana will automatically scan and look for plugins
  22. #
  23. ;plugins = /var/lib/grafana/plugins
  24. #
  25. #################################### Server ####################################
  26. [server]
  27. # Protocol (http or https)
  28. protocol = https
  29. # The ip address to bind to, empty will bind to all interfaces
  30. ;http_addr =
  31. # The http port to use
  32. ;http_port = 3000
  33. # The public facing domain name used to access grafana from a browser
  34. domain = {{ grains.id }}
  35. # Redirect to correct domain if host header does not match domain
  36. # Prevents DNS rebinding attacks
  37. ;enforce_domain = false
  38. # The full public facing url you use in browser, used for redirects and emails
  39. # If you use reverse proxy and sub path specify full url (with sub path)
  40. ;root_url = http://localhost:3000
  41. # Log web requests
  42. ;router_logging = false
  43. # the path relative working path
  44. ;static_root_path = public
  45. # enable gzip
  46. ;enable_gzip = false
  47. # https certs & key file
  48. cert_file = "/etc/ssl/certs/{{ grains.id }}.cert.pem"
  49. cert_key = "/etc/ssl/private/{{ grains.id }}.key.pem"
  50. #################################### Database ####################################
  51. [database]
  52. # You can configure the database connection by specifying type, host, name, user and password
  53. # as seperate properties or as on string using the url propertie.
  54. # Either "mysql", "postgres" or "sqlite3", it's your choice
  55. ;type = sqlite3
  56. ;host = 127.0.0.1:3306
  57. ;name = grafana
  58. ;user = root
  59. # If the password contains # or ; you have to wrap it with trippel quotes. Ex """#password;"""
  60. ;password =
  61. # Use either URL or the previous fields to configure the database
  62. # Example: mysql://user:secret@host:port/database
  63. ;url =
  64. # For "postgres" only, either "disable", "require" or "verify-full"
  65. ;ssl_mode = disable
  66. # For "sqlite3" only, path relative to data_path setting
  67. ;path = grafana.db
  68. # Max conn setting default is 0 (mean not set)
  69. ;max_conn =
  70. ;max_idle_conn =
  71. ;max_open_conn =
  72. #################################### Session ####################################
  73. [session]
  74. # Either "memory", "file", "redis", "mysql", "postgres", default is "file"
  75. ;provider = file
  76. # Provider config options
  77. # memory: not have any config yet
  78. # file: session dir path, is relative to grafana data_path
  79. # redis: config like redis server e.g. `addr=127.0.0.1:6379,pool_size=100,db=grafana`
  80. # mysql: go-sql-driver/mysql dsn config string, e.g. `user:password@tcp(127.0.0.1:3306)/database_name`
  81. # postgres: user=a password=b host=localhost port=5432 dbname=c sslmode=disable
  82. ;provider_config = sessions
  83. # Session cookie name
  84. ;cookie_name = grafana_sess
  85. # If you use session in https only, default is false
  86. ;cookie_secure = false
  87. # Session life time, default is 86400
  88. ;session_life_time = 86400
  89. #################################### Data proxy ###########################
  90. [dataproxy]
  91. # This enables data proxy logging, default is false
  92. ;logging = false
  93. #################################### Analytics ####################################
  94. [analytics]
  95. # Server reporting, sends usage counters to stats.grafana.org every 24 hours.
  96. # No ip addresses are being tracked, only simple counters to track
  97. # running instances, dashboard and error counts. It is very helpful to us.
  98. # Change this option to false to disable reporting.
  99. reporting_enabled = false
  100. # Set to false to disable all checks to https://grafana.net
  101. # for new vesions (grafana itself and plugins), check is used
  102. # in some UI views to notify that grafana or plugin update exists
  103. # This option does not cause any auto updates, nor send any information
  104. # only a GET request to http://grafana.net to get latest versions
  105. ;check_for_updates = true
  106. # Google Analytics universal tracking code, only enabled if you specify an id here
  107. ;google_analytics_ua_id =
  108. #################################### Security ####################################
  109. [security]
  110. # default admin user, created on startup
  111. admin_user = {{ config.admin_user }}
  112. # default admin password, can be changed before first start of grafana, or in profile settings
  113. admin_password = {{ config.admin_password }}
  114. # used for signing
  115. secret_key = {{ config.secret_key }}
  116. # Auto-login remember days
  117. ;login_remember_days = 7
  118. ;cookie_username = grafana_user
  119. ;cookie_remember_name = grafana_remember
  120. # disable gravatar profile images
  121. ;disable_gravatar = false
  122. # data source proxy whitelist (ip_or_domain:port separated by spaces)
  123. ;data_source_proxy_whitelist =
  124. [snapshots]
  125. # snapshot sharing options
  126. ;external_enabled = true
  127. ;external_snapshot_url = https://snapshots-origin.raintank.io
  128. ;external_snapshot_name = Publish to snapshot.raintank.io
  129. # remove expired snapshot
  130. ;snapshot_remove_expired = true
  131. # remove snapshots after 90 days
  132. ;snapshot_TTL_days = 90
  133. #################################### Users ####################################
  134. [users]
  135. # disable user signup / registration
  136. allow_sign_up = false
  137. # Allow non admin users to create organizations
  138. ;allow_org_create = true
  139. # Set to true to automatically assign new users to the default organization (id 1)
  140. ;auto_assign_org = true
  141. # Default role new users will be automatically assigned (if disabled above is set to true)
  142. ;auto_assign_org_role = Viewer
  143. # Background text for the user field on the login page
  144. login_hint = username
  145. # Default UI theme ("dark" or "light")
  146. ;default_theme = dark
  147. [auth]
  148. # Set to true to disable (hide) the login form, useful if you use OAuth, defaults to false
  149. ;disable_login_form = false
  150. #################################### Anonymous Auth ##########################
  151. [auth.anonymous]
  152. # enable anonymous access
  153. enabled = true
  154. # specify organization name that should be used for unauthenticated users
  155. org_name = Freifunk Hochstift
  156. # specify role for unauthenticated users
  157. org_role = Viewer
  158. #################################### Github Auth ##########################
  159. [auth.github]
  160. ;enabled = false
  161. ;allow_sign_up = true
  162. ;client_id = some_id
  163. ;client_secret = some_secret
  164. ;scopes = user:email,read:org
  165. ;auth_url = https://github.com/login/oauth/authorize
  166. ;token_url = https://github.com/login/oauth/access_token
  167. ;api_url = https://api.github.com/user
  168. ;team_ids =
  169. ;allowed_organizations =
  170. #################################### Google Auth ##########################
  171. [auth.google]
  172. ;enabled = false
  173. ;allow_sign_up = true
  174. ;client_id = some_client_id
  175. ;client_secret = some_client_secret
  176. ;scopes = https://www.googleapis.com/auth/userinfo.profile https://www.googleapis.com/auth/userinfo.email
  177. ;auth_url = https://accounts.google.com/o/oauth2/auth
  178. ;token_url = https://accounts.google.com/o/oauth2/token
  179. ;api_url = https://www.googleapis.com/oauth2/v1/userinfo
  180. ;allowed_domains =
  181. #################################### Generic OAuth ##########################
  182. [auth.generic_oauth]
  183. ;enabled = false
  184. ;name = OAuth
  185. ;allow_sign_up = true
  186. ;client_id = some_id
  187. ;client_secret = some_secret
  188. ;scopes = user:email,read:org
  189. ;auth_url = https://foo.bar/login/oauth/authorize
  190. ;token_url = https://foo.bar/login/oauth/access_token
  191. ;api_url = https://foo.bar/user
  192. ;team_ids =
  193. ;allowed_organizations =
  194. #################################### Grafana.net Auth ####################
  195. [auth.grafananet]
  196. ;enabled = false
  197. ;allow_sign_up = true
  198. ;client_id = some_id
  199. ;client_secret = some_secret
  200. ;scopes = user:email
  201. ;allowed_organizations =
  202. #################################### Auth Proxy ##########################
  203. [auth.proxy]
  204. ;enabled = false
  205. ;header_name = X-WEBAUTH-USER
  206. ;header_property = username
  207. ;auto_sign_up = true
  208. ;ldap_sync_ttl = 60
  209. ;whitelist = 192.168.1.1, 192.168.2.1
  210. #################################### Basic Auth ##########################
  211. [auth.basic]
  212. ;enabled = true
  213. #################################### Auth LDAP ##########################
  214. [auth.ldap]
  215. {%- if 'ldap' in config %}
  216. enabled = true
  217. {%- else %}
  218. enabled = false
  219. {%- endif %}
  220. config_file = /etc/grafana/ldap.toml
  221. allow_sign_up = true
  222. #################################### SMTP / Emailing ##########################
  223. [smtp]
  224. ;enabled = false
  225. ;host = localhost:25
  226. ;user =
  227. # If the password contains # or ; you have to wrap it with trippel quotes. Ex """#password;"""
  228. ;password =
  229. ;cert_file =
  230. ;key_file =
  231. ;skip_verify = false
  232. ;from_address = admin@grafana.localhost
  233. ;from_name = Grafana
  234. [emails]
  235. ;welcome_email_on_sign_up = false
  236. #################################### Logging ##########################
  237. [log]
  238. # Either "console", "file", "syslog". Default is console and file
  239. # Use space to separate multiple modes, e.g. "console file"
  240. ;mode = console file
  241. # Either "trace", "debug", "info", "warn", "error", "critical", default is "info"
  242. ;level = info
  243. # optional settings to set different levels for specific loggers. Ex filters = sqlstore:debug
  244. ;filters =
  245. # For "console" mode only
  246. [log.console]
  247. ;level =
  248. # log line format, valid options are text, console and json
  249. ;format = console
  250. # For "file" mode only
  251. [log.file]
  252. ;level =
  253. # log line format, valid options are text, console and json
  254. ;format = text
  255. # This enables automated log rotate(switch of following options), default is true
  256. ;log_rotate = true
  257. # Max line number of single file, default is 1000000
  258. ;max_lines = 1000000
  259. # Max size shift of single file, default is 28 means 1 << 28, 256MB
  260. ;max_size_shift = 28
  261. # Segment log daily, default is true
  262. ;daily_rotate = true
  263. # Expired days of log file(delete after max days), default is 7
  264. ;max_days = 7
  265. [log.syslog]
  266. ;level =
  267. # log line format, valid options are text, console and json
  268. ;format = text
  269. # Syslog network type and address. This can be udp, tcp, or unix. If left blank, the default unix endpoints will be used.
  270. ;network =
  271. ;address =
  272. # Syslog facility. user, daemon and local0 through local7 are valid.
  273. ;facility =
  274. # Syslog tag. By default, the process' argv[0] is used.
  275. ;tag =
  276. #################################### AMQP Event Publisher ##########################
  277. [event_publisher]
  278. ;enabled = false
  279. ;rabbitmq_url = amqp://localhost/
  280. ;exchange = grafana_events
  281. #################################### Dashboard JSON files ##########################
  282. [dashboards.json]
  283. ;enabled = false
  284. ;path = /var/lib/grafana/dashboards
  285. #################################### Alerting ############################
  286. [alerting]
  287. # Disable alerting engine & UI features
  288. ;enabled = true
  289. # Makes it possible to turn off alert rule execution but alerting UI is visible
  290. ;execute_alerts = true
  291. #################################### Internal Grafana Metrics ##########################
  292. # Metrics available at HTTP API Url /api/metrics
  293. [metrics]
  294. # Disable / Enable internal metrics
  295. ;enabled = true
  296. # Publish interval
  297. ;interval_seconds = 10
  298. # Send internal metrics to Graphite
  299. [metrics.graphite]
  300. # Enable by setting the address setting (ex localhost:2003)
  301. ;address =
  302. ;prefix = prod.grafana.%(instance_name)s.
  303. #################################### Internal Grafana Metrics ##########################
  304. # Url used to to import dashboards directly from Grafana.net
  305. [grafana_net]
  306. ;url = https://grafana.net
  307. #################################### External image storage ##########################
  308. [external_image_storage]
  309. # Used for uploading images to public servers so they can be included in slack/email messages.
  310. # you can choose between (s3, webdav)
  311. ;provider =
  312. [external_image_storage.s3]
  313. ;bucket_url =
  314. ;access_key =
  315. ;secret_key =
  316. [external_image_storage.webdav]
  317. ;url =
  318. ;username =
  319. ;password =
  320. [plugin.grafana-image-renderer]
  321. rendering_ignore_https_errors = true