CHORE(grafana): disable local auth, add SSO

- Enable anonymous auth with Admin role - Disable login form - Add Authelia middleware to ingress
2026-01-01 22:48:40 +09:00
parent e4b477a510
commit 939ae13c5d
2 changed files with 5 additions and 7 deletions
--- a/grafana/helm-values.yaml
+++ b/grafana/helm-values.yaml
@@ -111,15 +111,16 @@ dashboards:

 grafana.ini:
  server:
-    root_url: "http://grafana0213.kro.kr"
+    root_url: "https://grafana0213.kro.kr"
  auth.anonymous:
-    enabled: false
+    enabled: true
+    org_role: Admin
  security:
    allow_embedding: true
  auth.basic:
    enabled: false
  auth:
-    disable_login_form: false
+    disable_login_form: true
    disable_signout_menu: true
  news:
    news_feed_enabled: false
--- a/grafana/ingress.yaml
+++ b/grafana/ingress.yaml
@@ -4,11 +4,8 @@ metadata:
  name: grafana-ingress
  namespace: grafana
  annotations:
-    nginx.ingress.kubernetes.io/rewrite-target: /
-    # HTTP를 HTTPS로 자동 리다이렉트
-    nginx.ingress.kubernetes.io/ssl-redirect: "true"
-    # cert-manager가 인증서를 자동으로 발급하도록 설정
    cert-manager.io/cluster-issuer: "letsencrypt-prod"
+    traefik.ingress.kubernetes.io/router.middlewares: authelia-authelia-auth@kubernetescrd
 spec:
  ingressClassName: traefik
  # TLS 설정