Stage Grafana Authentik cutover
Some checks failed
secret-guardrails / artifact-secret-scan (push) Has been cancelled
secret-guardrails / gitleaks (push) Has been cancelled

This commit is contained in:
Fizzlepoof
2026-05-23 20:10:32 +00:00
parent ab348932ff
commit 406efa102d
4 changed files with 9 additions and 14 deletions

View File

@@ -1,12 +1,8 @@
users: users:
john: fizzlepoof:
disabled: false disabled: false
displayname: John displayname: John
email: john@example.com email: admin@paccoco.com
password: '$argon2id$v=19$m=65536,t=3,p=4$REPLACE$REPLACE' password: $argon2id$v=19$m=65536,t=3,p=4$REPLACE$REPLACE
groups: groups:
- admins - admins
# future examples:
# - infra
# - media
# - family

View File

@@ -21,7 +21,6 @@ http:
service: grafana service: grafana
middlewares: middlewares:
- security-headers - security-headers
- authelia-forwardauth
technitium: technitium:
rule: Host(`dns.paccoco.com`) rule: Host(`dns.paccoco.com`)

View File

@@ -5,7 +5,7 @@ GF_ADMIN_USER=admin
GF_ADMIN_PASS=CHANGE_ME GF_ADMIN_PASS=CHANGE_ME
GF_HOST=grafana.paccoco.com GF_HOST=grafana.paccoco.com
LOKI_HOST=loki.paccoco.com LOKI_HOST=loki.paccoco.com
AUTHENTIK_HOST=auth.paccoco.com AUTHENTIK_URL=https://auth.paccoco.com
GF_AUTHENTIK_APP_SLUG=grafana GF_AUTHENTIK_APP_SLUG=grafana
GF_AUTH_GENERIC_OAUTH_ENABLED=true GF_AUTH_GENERIC_OAUTH_ENABLED=true
GF_AUTH_GENERIC_OAUTH_NAME=Authentik GF_AUTH_GENERIC_OAUTH_NAME=Authentik

View File

@@ -49,10 +49,10 @@ services:
GF_AUTH_GENERIC_OAUTH_CLIENT_SECRET: ${GF_AUTH_GENERIC_OAUTH_CLIENT_SECRET} GF_AUTH_GENERIC_OAUTH_CLIENT_SECRET: ${GF_AUTH_GENERIC_OAUTH_CLIENT_SECRET}
GF_AUTH_GENERIC_OAUTH_SCOPES: ${GF_AUTH_GENERIC_OAUTH_SCOPES} GF_AUTH_GENERIC_OAUTH_SCOPES: ${GF_AUTH_GENERIC_OAUTH_SCOPES}
GF_AUTH_GENERIC_OAUTH_EMPTY_SCOPES: ${GF_AUTH_GENERIC_OAUTH_EMPTY_SCOPES} GF_AUTH_GENERIC_OAUTH_EMPTY_SCOPES: ${GF_AUTH_GENERIC_OAUTH_EMPTY_SCOPES}
GF_AUTH_GENERIC_OAUTH_AUTH_URL: https://${AUTHENTIK_HOST}/application/o/authorize/ GF_AUTH_GENERIC_OAUTH_AUTH_URL: ${AUTHENTIK_URL}/application/o/authorize/
GF_AUTH_GENERIC_OAUTH_TOKEN_URL: https://${AUTHENTIK_HOST}/application/o/token/ GF_AUTH_GENERIC_OAUTH_TOKEN_URL: ${AUTHENTIK_URL}/application/o/token/
GF_AUTH_GENERIC_OAUTH_API_URL: https://${AUTHENTIK_HOST}/application/o/userinfo/ GF_AUTH_GENERIC_OAUTH_API_URL: ${AUTHENTIK_URL}/application/o/userinfo/
GF_AUTH_SIGNOUT_REDIRECT_URL: https://${AUTHENTIK_HOST}/application/o/${GF_AUTHENTIK_APP_SLUG}/end-session/ GF_AUTH_SIGNOUT_REDIRECT_URL: ${AUTHENTIK_URL}/application/o/${GF_AUTHENTIK_APP_SLUG}/end-session/
GF_AUTH_GENERIC_OAUTH_USE_PKCE: ${GF_AUTH_GENERIC_OAUTH_USE_PKCE} GF_AUTH_GENERIC_OAUTH_USE_PKCE: ${GF_AUTH_GENERIC_OAUTH_USE_PKCE}
GF_AUTH_GENERIC_OAUTH_ALLOW_SIGN_UP: ${GF_AUTH_GENERIC_OAUTH_ALLOW_SIGN_UP} GF_AUTH_GENERIC_OAUTH_ALLOW_SIGN_UP: ${GF_AUTH_GENERIC_OAUTH_ALLOW_SIGN_UP}
GF_AUTH_GENERIC_OAUTH_AUTO_LOGIN: ${GF_AUTH_GENERIC_OAUTH_AUTO_LOGIN} GF_AUTH_GENERIC_OAUTH_AUTO_LOGIN: ${GF_AUTH_GENERIC_OAUTH_AUTO_LOGIN}