From ff953a05e174dd31597832f0d958c194c3777243 Mon Sep 17 00:00:00 2001 From: Mike Lanyon Date: Sun, 31 May 2015 14:24:26 -0500 Subject: [PATCH] final updates for new attributes, resolves #43 --- README.md | 76 ++++++++++++++---------- attributes/default.rb | 29 ++++----- recipes/_install_file.rb | 4 +- recipes/_nginx.rb | 12 +--- recipes/default.rb | 3 + templates/default/grafana-nginx.conf.erb | 9 --- templates/default/grafana.ini.erb | 6 +- 7 files changed, 68 insertions(+), 71 deletions(-) diff --git a/README.md b/README.md index ffa69da0..44c9ee52 100644 --- a/README.md +++ b/README.md @@ -21,33 +21,52 @@ As with most cookbooks I write, this one is hopefully flexible enough to be wrap | Attribute | Default | Description | |----------------------------------------------|:--------------------------------------:|-----------------------------------| -| `node['grafana']['install_type']` | `'file'` | The type of install we are going to use either `git` or `file` | -| `node['grafana']['version']` | `'2.0.2'` | the version to install. | -| `node['grafana']['file']['url']` | `'http://grafanarel.s3.amazonaws.com/grafana-1.9.1.tar.gz'` | The file URL for the latest Grafana build | -| `node['grafana']['file']['checksum']` | `'c328c7a002622f672affbcaabd5e64ae279be1051ee27c62ba22bfed63680508'`| The sha256 of the Grafana file | -| `node['grafana']['admin_password']` | `'admin'` | This is a password used when saving dashboard | -| `node['grafana']['graphite_server']` | `'127.0.0.1'` | The ipaddress or hostname of your graphite server | -| `node['grafana']['graphite_port']` | `'80'` | The port of your graphite server's http interface | -| `node['grafana']['graphite_role']` | `'graphite_server'` | eventually for wiring up discovery of your graphite server, set to `nil` to prevent any search | -| `node['grafana']['graphite_scheme']` | `'http://'` | Scheme helper if graphite is outside of this cookbook `http://` or `https://` | -| `node['grafana']['graphite_user']` | `''` | Graphite authentication user | -| `node['grafana']['graphite_password']` | `''` | Graphite authentication password | -| `node['grafana']['user']` | `''` | The user who will own the files from the git checkout. | -| `node['grafana']['config_template']` | `'config.js.erb'` | The template to use for Grafana's `config.js` | -| `node['grafana']['webserver']` | `'nginx'` | Which webserver to use: nginx or '' | -| `node['grafana']['webserver_hostname']` | `node.name` | The primary vhost the web server will use for Grafana | +| `node['grafana']['install_type']` | `'file'` | The type of install: `file`, `package` or `source` | +| `node['grafana']['version']` | `'2.0.2'` | The version to install | +| `node['grafana']['file']['url']` | `'https://grafanarel.s3.amazonaws.com/builds/grafana'` | The file URL for Grafana builds | +| `node['grafana']['package']['repo']` | `'https://packagecloud.io/grafana/stable/'` | The grafana package repo | +| `node['grafana']['package']['key']` | `'https://packagecloud.io/gpg.key'` | The package repo GPG key | +| `node['grafana']['package']['components']` | `['main']` | The package repo components | +| `node['grafana']['user']` | `'grafana'` | The grafana user | +| `node['grafana']['group']` | `'grafana'` | The grafana group | +| `node['grafana']['home']` | `'/usr/share/grafana'` | The value set to GRAFANA_HOME | +| `node['grafana']['data_dir']` | `'/var/lib/grafana'` | The path grafana can use to store temp files, sessions, and the sqlite3 db | +| `node['grafana']['log_dir']` | `'/var/log/grafana'` | Grafana's log directory | +| `node['grafana']['env_dir']` | `'/etc/default'` or `'/etc/sysconfig'` | The location for environment variables - autoconfigured for rhel and debian systems | +| `node['grafana']['conf_dir']` | `'/etc/grafana'` | The location to store the `grafana.ini` file | +| `node['grafana']['http_addr']` | `nil` | The ip address to bind to, empty will bind to all interfaces | +| `node['grafana']['http_protocol']` | `'http'` | The http protocol: `'http'` or `'https'` | +| `node['grafana']['http_port']` | `3000` | The http port grafana binds to | +| `node['grafana']['http_domain']` | `'localhost'` | The public-facing domain name used to access grafana | +| `node['grafana']['http_root_url']` | `'%(protocol)s://%(domain)s:%(http_port)s/'`| Full url used for auth callbacks or with reverse proxies | +| `node['grafana']['database']['type']` | `'sqlite3'` | The database type: `'mysql'`, `'postgres'`, `'sqlite3'` | +| `node['grafana']['database']['host']` | `'127.0.0.1:3306'` | The database host and port | +| `node['grafana']['database']['name']` | `'grafana'` | The database name | +| `node['grafana']['database']['user']` | `'root'` | The database user | +| `node['grafana']['database']['password']` | `''` | The database user's password | +| `node['grafana']['admin_user']` | `'admin'` | The username used to administer Grafana | +| `node['grafana']['admin_password']` | `'admin'` | The password for the `admin_user` | +| `node['grafana']['sec_secret_key']` | `'SW2YcwTIb9zpOOhoPsMm'` | CHANGE THIS! Used for signing remember me cookies | +| `node['grafana']['session_provider']` | `'memory'` | Session provider: `'memory'`, `'file'`, `'redis'`, `'mysql'` | +| `node['grafana']['session_provider_config']` | `'sessions'` | See [Grafana documentation](http://docs.grafana.org/installation/configuration/) for further details. | +| `node['grafana']['session_life_time']` | `86400` | The session life time in seconds | +| `node['grafana']['reporting_enabled']` | `true` | Enable Grafana to send anonymous usage statistics to `stats.grafana.org` | +| `node['grafana']['google_analytics_ua_id']` | `nil` | Google Analytics universal tracking code | +| `node['grafana']['allow_sign_up']` | `true` | Allow user signup / registration | +| `node['grafana']['allow_org_create']` | `true` | Allow non-admin users to create organizations | +| `node['grafana']['auto_assign_org']` | `true` | Automatically assign new users to the default organization (id 1) | +| `node['grafana']['auto_assign_org_role']` | `'Viewer'` | The role new users will be given if `allow_sign_up` is `true` | +| `node['grafana']['anon_auth_enabled']` | `false` | Enable anonymous access | +| `node['grafana']['anon_auth_org_name']` | `'Main Org.'` | The organization used by unauthenticated users | +| `node['grafana']['anon_auth_org_role']` | `'Viewer'` | The role used by unauthenticated users | +| `node['grafana']['log_level']` | `'Info'` | Log level: `'Trace'`, `'Debug'`, `'Info'`, `'Warn'`, `'Error'`, `'Critical'` | +| `node['grafana']['log_daily_rotate']` | `true` | Rotate the logs daily | +| `node['grafana']['log_max_days']` | `7` | Number of days to keep the logs | +| `node['grafana']['webserver']` | `'nginx'` | Which webserver to use: `'nginx'` or `''` | +| `node['grafana']['webserver_hostname']` | `node.name` | The server_name used in the webserver config | | `node['grafana']['webserver_aliases']` | `[node['ipaddress']]` | Array of any secondary hostnames that are valid vhosts | | `node['grafana']['webserver_listen']` | `node['ipaddress']` | The ip address the web server will listen on | | `node['grafana']['webserver_port']` | `80` | The port the webserver will listen on | -| `node['grafana']['webserver_scheme']` | `'http://'` | Scheme helper if webserver is outside of this cookbook `http://` or `https://` | -| `node['grafana']['default_route']` | `'/dashboard/file/default.json'` | Default route config, set start dashboard | -| `node['grafana']['timezone_offset']` | `'null'` | Timezone offset config, example: "-0500" (for UTC-5 hours) | -| `node['grafana']['grafana_index']` | `'grafana-index'` | Elasticsearch index to use for Grafana | -| `node['grafana']['unsaved_changes_warning']` | `'true'` | Enable disable unsaved changes warning in UI | -| `node['grafana']['playlist_timespan']` | `'1m'` | Playlist timespan config | -| `node['grafana']['window_title_prefix']` | `'Grafana - '` | Window title prefix config | -| `node['grafana']['search_max_results']` | `20` | Search maximuyum result config | - **NOTE** Any derived attributes should be wrapped in a lambda if you expect to change @@ -202,14 +221,7 @@ Contributing TODO ---- -- Finish implementation of the dashboard resource -- Implement user resource via the API -- Continue to template out the `grafana.ini.erb` and `grafana-env.erb` templates -- Test with Graphie datasource -- Remove Elasticsearch references -- Complete the `source` recipe -- Allow SSL to be enabled on Nginx -- Implement organization reource via the API +To see the current todos, please view the open issues for the [chef-grafana 2.0 milestone](https://github.com/JonathanTron/chef-grafana/milestones/chef-grafana%202.0). License and Authors ------------------- diff --git a/attributes/default.rb b/attributes/default.rb index fcb174ea..f03d3a86 100644 --- a/attributes/default.rb +++ b/attributes/default.rb @@ -18,14 +18,12 @@ default['grafana']['install_type'] = 'file' # file | package | source default['grafana']['version'] = '2.0.2' -default['grafana']['file']['url'] = 'http://grafanarel.s3.amazonaws.com/grafana-%{version}.%{type}' -default['grafana']['file']['checksum'] = 'c328c7a002622f672affbcaabd5e64ae279be1051ee27c62ba22bfed63680508' # sha256 ( shasum -a 256 FILENAME ) +default['grafana']['file']['url'] = 'https://grafanarel.s3.amazonaws.com/builds/grafana' default['grafana']['package']['repo'] = 'https://packagecloud.io/grafana/stable/' default['grafana']['package']['key'] = 'https://packagecloud.io/gpg.key' default['grafana']['package']['components'] = ['main'] -default['grafana']['webserver'] = 'nginx' default['grafana']['user'] = 'grafana' default['grafana']['group'] = 'grafana' default['grafana']['home'] = '/usr/share/grafana' @@ -38,43 +36,46 @@ default['grafana']['env_dir'] = '/etc/sysconfig' end default['grafana']['conf_dir'] = '/etc/grafana' +# server default['grafana']['http_addr'] = nil default['grafana']['http_protocol'] = 'http' default['grafana']['http_port'] = 3000 default['grafana']['http_domain'] = 'localhost' +default['grafana']['http_root_url'] = '%(protocol)s://%(domain)s:%(http_port)s/' +# database default['grafana']['database']['type'] = 'sqlite3' default['grafana']['database']['host'] = '127.0.0.1:3306' default['grafana']['database']['name'] = 'grafana' default['grafana']['database']['user'] = 'root' default['grafana']['database']['password'] = '' -default['grafana']['admin_user'] = 'admin' -default['grafana']['admin_password'] = 'admin' +# session default['grafana']['session_provider'] = 'memory' default['grafana']['session_provider_config'] = 'sessions' default['grafana']['session_life_time'] = 86400 +# analytics default['grafana']['reporting_enabled'] = true +default['grafana']['google_analytics_ua_id'] = nil +# security +default['grafana']['admin_user'] = 'admin' +default['grafana']['admin_password'] = 'admin' +default['grafana']['sec_secret_key'] = 'SW2YcwTIb9zpOOhoPsMm' +# users default['grafana']['allow_sign_up'] = true default['grafana']['allow_org_create'] = true default['grafana']['auto_assign_org'] = true default['grafana']['auto_assign_org_role'] = 'Viewer' +# anonymous auth default['grafana']['anon_auth_enabled'] = false default['grafana']['anon_auth_org_name'] = 'Main Org.' default['grafana']['anon_auth_org_role'] = 'Viewer' +# logging default['grafana']['log_level'] = 'Info' default['grafana']['log_daily_rotate'] = true default['grafana']['log_max_days'] = 7 -# graphite -default['grafana']['graphite_server'] = '127.0.0.1' -default['grafana']['graphite_port'] = '80' -default['grafana']['graphite_role'] = 'graphite_server' -default['grafana']['graphite_scheme'] = 'http://' -default['grafana']['graphite_user'] = '' -default['grafana']['graphite_password'] = '' - # webserver +default['grafana']['webserver'] = 'nginx' default['grafana']['webserver_hostname'] = node.name default['grafana']['webserver_aliases'] = [node['ipaddress']] default['grafana']['webserver_listen'] = node['ipaddress'] default['grafana']['webserver_port'] = 80 -default['grafana']['webserver_scheme'] = 'http://' diff --git a/recipes/_install_file.rb b/recipes/_install_file.rb index 02943b8e..b5e2b943 100644 --- a/recipes/_install_file.rb +++ b/recipes/_install_file.rb @@ -27,7 +27,7 @@ end remote_file "#{Chef::Config[:file_cache_path]}/grafana-#{node['grafana']['version']}.deb" do - source "https://grafanarel.s3.amazonaws.com/builds/grafana_#{node['grafana']['version']}_amd64.deb" + source "#{node['grafana']['file']['url']}_#{node['grafana']['version']}_amd64.deb" action :create not_if "dpkg -l | grep '^ii' | grep grafana | grep #{node['grafana']['version']}" end @@ -43,7 +43,7 @@ end remote_file "#{Chef::Config[:file_cache_path]}/grafana-#{node['grafana']['version']}.rpm" do - source "https://grafanarel.s3.amazonaws.com/builds/grafana-#{node['grafana']['version']}-1.x86_64.rpm" + source "#{node['grafana']['file']['url']}-#{node['grafana']['version']}-1.x86_64.rpm" action :create not_if "yum list installed | grep grafana | grep #{node['grafana']['version']}" end diff --git a/recipes/_nginx.rb b/recipes/_nginx.rb index 223caf5f..8eeea3ca 100644 --- a/recipes/_nginx.rb +++ b/recipes/_nginx.rb @@ -17,14 +17,8 @@ # limitations under the License. # -require 'base64' - include_recipe 'nginx' -graphite_basic_auth = if !node['grafana']['graphite_user'].empty? && !node['grafana']['graphite_password'].empty? - Base64.strict_encode64 "#{node['grafana']['graphite_user']}:#{node['grafana']['graphite_password']}" - end - template '/etc/nginx/sites-available/grafana' do source node['grafana']['nginx']['template'] cookbook node['grafana']['nginx']['template_cookbook'] @@ -34,14 +28,10 @@ group 'root' variables( grafana_port: node['grafana']['http_port'], - graphite_scheme: node['grafana']['graphite_scheme'], - graphite_server: node['grafana']['graphite_server'], - graphite_port: node['grafana']['graphite_port'], server_name: node['grafana']['webserver_hostname'], server_aliases: node['grafana']['webserver_aliases'], listen_address: node['grafana']['webserver_listen'], - listen_port: node['grafana']['webserver_port'], - graphite_basic_auth: graphite_basic_auth.to_s + listen_port: node['grafana']['webserver_port'] ) end diff --git a/recipes/default.rb b/recipes/default.rb index 52a9f248..824cdfb9 100644 --- a/recipes/default.rb +++ b/recipes/default.rb @@ -70,16 +70,19 @@ database_password: node['grafana']['database']['password'], admin_user: node['grafana']['admin_user'], admin_password: node['grafana']['admin_password'], + sec_secret_key: node['grafana']['sec_secret_key'], session_provider: node['grafana']['session_provider'], session_provider_config: node['grafana']['session_provider_config'], session_life_time: node['grafana']['session_life_time'], reporting_enabled: node['grafana']['reporting_enabled'], + google_analytics_ua_id: node['grafana']['google_analytics_ua_id'], log_dir: node['grafana']['log_dir'], data_dir: node['grafana']['data_dir'], http_protocol: node['grafana']['http_protocol'], http_port: node['grafana']['http_port'], http_addr: node['grafana']['http_addr'], http_domain: node['grafana']['http_domain'], + http_root_url: node['grafana']['http_root_url'], allow_sign_up: node['grafana']['allow_sign_up'], allow_org_create: node['grafana']['allow_org_create'], auto_assign_org: node['grafana']['auto_assign_org'], diff --git a/templates/default/grafana-nginx.conf.erb b/templates/default/grafana-nginx.conf.erb index abcabc74..3cf29177 100644 --- a/templates/default/grafana-nginx.conf.erb +++ b/templates/default/grafana-nginx.conf.erb @@ -16,13 +16,4 @@ server { location / { proxy_pass http://grafana; } - - location ~ ^/_graphite { - rewrite ^/_graphite/(.*)$ /$1 break; - proxy_pass <%= @graphite_scheme %><%= @graphite_server %>:<%= @graphite_port %>; - proxy_read_timeout 90; -<% unless @graphite_basic_auth.empty? -%> - proxy_set_header Authorization "Basic <%= @graphite_basic_auth %>"; -<% end -%> - } } diff --git a/templates/default/grafana.ini.erb b/templates/default/grafana.ini.erb index cd032e16..2b2c5935 100644 --- a/templates/default/grafana.ini.erb +++ b/templates/default/grafana.ini.erb @@ -34,7 +34,7 @@ http_port = <%= @http_port %> domain = <%= @http_domain %> # The full public facing url -;root_url = %(protocol)s://%(domain)s:%(http_port)s/ +;root_url = <%= @http_root_url %> # Log web requests ;router_logging = false @@ -94,7 +94,7 @@ session_life_time = <%= @session_life_time %> reporting_enabled = <%= @reporting_enabled %> # Google Analytics universal tracking code, only enabled if you specify an id here -;google_analytics_ua_id = +google_analytics_ua_id = <%= @google_analytics_ua_id %> #################################### Security #################################### [security] @@ -105,7 +105,7 @@ admin_user = <%= @admin_user %> admin_password = <%= @admin_password %> # used for signing -;secret_key = SW2YcwTIb9zpOOhoPsMm +;secret_key = <%= @sec_secret_key %> # Auto-login remember days ;login_remember_days = 7