Fixed SSO grafana authentication

Changed command for shell to delete all files
2024-10-21 11:10:50 +02:00 · 2024-10-21 11:09:58 +02:00
3 changed files with 15 additions and 2 deletions
--- a/bootstrap.yml
+++ b/bootstrap.yml
@ -110,3 +110,15 @@
      client_authenticator_type: client-secret
      id: a6960246-4aa9-495f-8843-69d664dba0ea
      secret: "{{ grafana_kc_client_secret }}"
+
+  - name: Updating ca certificates of Grafana container
+    community.docker.docker_container_exec:
+      user: 0
+      command: update-ca-certificates
+      container: infra-grafana
+
+  - name: Restarting grafana container
+    community.docker.docker_container:
+      name: infra-grafana
+      state: started
+      restart: true
--- a/teardown.yml
+++ b/teardown.yml
@ -12,4 +12,4 @@
      remove_volumes: true

  - name: Deleting infra folder contents
-    ansible.builtin.command: rm -r /opt/infra/*
+    ansible.builtin.shell: rm -r /opt/infra/*
--- a/templates/compose.yml
+++ b/templates/compose.yml
@ -59,7 +59,7 @@ services:
      - grafana-storage:/var/lib/grafana
      - type: bind
        source: ./grafana/mforcen.crt
-        target: /etc/ssl/mforcen.crt
+        target: /usr/local/share/ca-certificates/mforcen.crt
      - type: bind
        source: ./grafana/ssl
        target: /ssl
@ -86,6 +86,7 @@ services:
      GF_AUTH_GENERIC_OAUTH_ENABLED: true
      GF_AUTH_GENERIC_OAUTH_CLIENT_ID: grafana
      GF_AUTH_GENERIC_OAUTH_CLIENT_SECRET: {{ grafana_kc_client_secret }}
+      GF_AUTH_GENERIC_OAUTH_SCOPES: openid email profile offline_access roles
      GF_AUTH_GENERIC_OAUTH_EMAIL_ATTRIBUTE_PATH: email
      GF_AUTH_GENERIC_OAUTH_LOGIN_ATTRIBUTE_PATH: username
      GF_AUTH_GENERIC_OAUTH_NAME_ATTRIBUTE_PATH: full_name
Author	SHA1	Message	Date
Manuel Forcén Muñoz	e2e7f4c511	Fixed SSO grafana authentication	2024-10-21 11:10:50 +02:00
Manuel Forcén Muñoz	71dc4ee53b	Changed command for shell to delete all files	2024-10-21 11:09:58 +02:00