Merge pull request 'feature/grafana_openid' (#1 ) from feature/grafana_openid into main

Reviewed-on: #1
FIX SSO Login setting from Grafana
2026-04-18 19:56:46 +00:00 · 2026-04-18 21:51:27 +02:00 · 2026-04-16 21:54:21 +02:00 · 2026-04-16 21:47:12 +02:00 · 2026-04-16 21:41:53 +02:00
3 changed files with 65 additions and 0 deletions
@@ -117,3 +117,15 @@ identity_providers:
          - email
          - groups
        userinfo_signed_response_alg: 'none'
      - id: grafana
        description: Grafana via Authelia
        secret: '$argon2id$v=19$m=65536,t=3,p=4$IoJjIPmtn81rI0te8lV5Yw$tptaXFfI1NOsPctEzyAYiRblzFNsWgbS9Gh160OkoqQ'
        public: false
        authorization_policy: one_factor
        redirect_uris:
          - https://grafana.quangkhai.ch/login/generic_oauth
        scopes:
          - openid
          - profile
          - email
        userinfo_signed_response_alg: 'none'        
@@ -0,0 +1,28 @@
 #!/bin/bash
 # Deploy Authelia configuration
 # Copies all files from authelia folder to /home/quangkhai/authelia
 set -e
 SOURCE_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")/authelia" && pwd)"
 DEST_DIR="/home/quangkhai/authelia"
 echo "Starting deployment..."
 echo "Source: $SOURCE_DIR"
 echo "Destination: $DEST_DIR"
 # Create destination directory if it doesn't exist
 if [ ! -d "$DEST_DIR" ]; then
    echo "Creating destination directory: $DEST_DIR"
    mkdir -p "$DEST_DIR"
 fi
 # Copy all files
 echo "Copying files..."
 cp -rv "$SOURCE_DIR"/* "$DEST_DIR/"
 echo "✓ Deployment completed successfully!"
 echo "Files copied to: $DEST_DIR"
@@ -0,0 +1,25 @@
 GF_SERVER_ROOT_URL=https://grafana.quangkhai.ch
 GF_AUTH_ANONYMOUS_ENABLED=false
 GF_AUTH_DISABLE_LOGIN_FORM=true
 GF_AUTH_GENERIC_OAUTH_ENABLED=true
 GF_AUTH_GENERIC_OAUTH_NAME=Authelia
 GF_AUTH_GENERIC_OAUTH_ALLOW_SIGN_UP=true
 GF_AUTH_GENERIC_OAUTH_CLIENT_ID=grafana
 GF_AUTH_GENERIC_OAUTH_CLIENT_SECRET=VeNuocNuocVe26!
 GF_AUTH_GENERIC_OAUTH_SCOPES="openid profile email"
 GF_AUTH_GENERIC_OAUTH_USE_ID_TOKEN=true
 GF_AUTH_GENERIC_OAUTH_AUTH_URL=https://auth.quangkhai.ch/api/oidc/authorization
 GF_AUTH_GENERIC_OAUTH_TOKEN_URL=https://auth.quangkhai.ch/api/oidc/token
 GF_AUTH_GENERIC_OAUTH_API_URL=https://auth.quangkhai.ch/api/oidc/userinfo
 # 2. Map the ID (used for login)
 # Many OIDC providers use 'preferred_username' or 'sub'
 GF_AUTH_GENERIC_OAUTH_LOGIN_ATTRIBUTE_PATH=preferred_username
 # 3. Map the Email
 GF_AUTH_GENERIC_OAUTH_EMAIL_ATTRIBUTE_PATH=email
 # 4. Map the Name (optional, but good for profile)
 GF_AUTH_GENERIC_OAUTH_NAME_ATTRIBUTE_PATH=name
Author	SHA1	Message	Date
quangkhai	c2e93355ec	Merge pull request 'feature/grafana_openid' (#1 ) from feature/grafana_openid into main Reviewed-on: #1	2026-04-18 19:56:46 +00:00
quangkhai	68e55131b5	FIX SSO Login setting from Grafana	2026-04-18 21:51:27 +02:00
quangkhai	383c88defd	deployment script	2026-04-16 21:54:21 +02:00
quangkhai	edd9368fea	OpenID for Grafana	2026-04-16 21:47:12 +02:00
quangkhai	d19fae8d56	back up config.monitoring (worked)	2026-04-16 21:41:53 +02:00