49 lines
1.7 KiB
YAML
49 lines
1.7 KiB
YAML
apiVersion: v1
|
|
kind: ConfigMap
|
|
metadata:
|
|
name: authentik-grafana-blueprint
|
|
namespace: {{ .Release.Namespace }}
|
|
labels:
|
|
app.kubernetes.io/part-of: authentik
|
|
app.kubernetes.io/managed-by: helm
|
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
|
app.kubernetes.io/component: grafana-blueprint
|
|
data:
|
|
grafana.yaml: |
|
|
version: 1
|
|
metadata:
|
|
name: grafana-sso
|
|
labels:
|
|
managed-by: helm
|
|
entries:
|
|
- model: authentik_providers_oauth2.oauth2provider
|
|
id: grafana-provider
|
|
attrs:
|
|
name: Grafana
|
|
client_id: !secret authentik-client-secret-grafana@monitoring#GF_AUTH_GENERIC_OAUTH_CLIENT_ID
|
|
client_secret: !secret authentik-client-secret-grafana@monitoring#GF_AUTH_GENERIC_OAUTH_CLIENT_SECRET
|
|
redirect_uris:
|
|
- https://grafana.noxxos.nl/login/generic_oauth
|
|
authorization_flow: !Flow default-provider-authorization-flow
|
|
invalidation_flow: !Flow default-provider-invalidation-flow
|
|
property_mappings:
|
|
- !PropertyMapping property-mapping-provider-openid-groups
|
|
signing_key: !Keypair authentik-self-signed-certificate
|
|
- model: authentik_core.application
|
|
id: grafana-app
|
|
attrs:
|
|
name: Grafana
|
|
slug: grafana
|
|
provider: !provider grafana-provider
|
|
launch_url: https://grafana.noxxos.nl
|
|
icon: https://static.goauthentik.io/img/icon/provider/grafana.png
|
|
group: Dashboards
|
|
policy_engine_mode: any
|
|
- model: authentik_policies_policybinding.policybinding
|
|
id: grafana-app-binding
|
|
attrs:
|
|
target: !application grafana-app
|
|
order: 0
|
|
enabled: true
|
|
policy: !Policy policy-everyone
|