K3S-HOME/observability
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

CHORE(grafana): disable local auth, add SSO

Browse Source 
- Enable anonymous auth with Admin role
- Disable login form
- Add Authelia middleware to ingress
This commit is contained in:
Mayne0213
2026-01-01 22:48:40 +09:00
parent e4b477a510
commit 939ae13c5d
2 changed files with 5 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
grafana/helm-values.yaml
View File

@@ -111,15 +111,16 @@ dashboards:
grafana.ini: grafana.ini:
server: server:
root_url: "http://grafana0213.kro.kr" root_url: "https://grafana0213.kro.kr"
auth.anonymous: auth.anonymous:
enabled: false enabled: true
org_role: Admin
security: security:
allow_embedding: true allow_embedding: true
auth.basic: auth.basic:
enabled: false enabled: false
auth: auth:
disable_login_form: false disable_login_form: true
disable_signout_menu: true disable_signout_menu: true
news: news:
news_feed_enabled: false news_feed_enabled: false

5
grafana/ingress.yaml
View File

@@ -4,11 +4,8 @@ metadata:
name: grafana-ingress name: grafana-ingress
namespace: grafana namespace: grafana
annotations: annotations:
nginx.ingress.kubernetes.io/rewrite-target: /
# HTTP를 HTTPS로 자동 리다이렉트
nginx.ingress.kubernetes.io/ssl-redirect: "true"
# cert-manager가 인증서를 자동으로 발급하도록 설정
cert-manager.io/cluster-issuer: "letsencrypt-prod" cert-manager.io/cluster-issuer: "letsencrypt-prod"
traefik.ingress.kubernetes.io/router.middlewares: authelia-authelia-auth@kubernetescrd
spec: spec:
ingressClassName: traefik ingressClassName: traefik
# TLS 설정 # TLS 설정