Provision and manage grafana instances.
Compatibility : debian >= 12
All variables which can be overridden are stored in defaults/main.yml file as well as in the table below.
| Name | Default | Description |
|---|---|---|
| grafana_address | 0.0.0.0 | Address on which grafana listens |
| grafana_port | 3000 | Port on which grafana listens |
| grafana_admin_user | ansible | The name of the default Grafana Admin user, who has full permissions |
| grafana_admin_password | "" | The password of the default Grafana Admin. Automatically generated and pushed to hashicorpvault if empty. |
| grafana_instance | "{{ ansible_hostname }}" | Set the name of the grafana-server instance. Used in logging, internal metrics, and clustering info. |
| grafana_url | "http://{{ grafana_address }}:{{ grafana_port }}" | Full URL used to access Grafana from a web browser |
| grafana_api_url | "{{ grafana_url }}" | URL used for API calls in provisioning if different from public URL. |
| grafana_logs_dir | /var/log/grafana | Path to logs directory |
| grafana_data_dir | /var/lib/grafana | Path to data directory |
| grafana_plugins | [] | List of Grafana plugins which should be installed |
| grafana_organizations | [] | List of grafana organizations names that should be created |
| grafana_ldap | {} | ldap configuration section. group_mappings are expanded |
| grafana_datasources | [] | List of datasources which should be configured |
| grafana_dashboards | [] | List of dashboards which should be configured |
| grafana_teams | [] | List of teams that should be created |
| grafana_users | [] | List of users that should be created |
| grafana_alerting | {} | alerting configuration section |
| grafana_snapshots | {"external_enabled": False} | snapshots configuration section |
| grafana_custom_icon | False | Use a custom UI icon in the web UI, must be present as files/grafana_icon.svg |
grafana_datasources:
- name: Zabbix
type: alexanderzobnin-zabbix-datasource
access: proxy
url: https://myzabbixservr.com/api_jsonrpc.php
isDefault: true
jsonData:
username: grafana_api_ro
password: "{{ lookup('hashi_vault', 'secret=toto/data/services/zabbix')['grafana_api_ro'] }}"
trends: true
trendsFrom: "30d"
trendsRange: "7d"
cacheTTL: "1h"
alerting: false
addThresholds: false
dbConnectionEnable: false
disableReadOnlyUsersAck: true
disableDataAlignment: false
useZabbixValueMapping: true
version: 1
editable: false
If orgId is not set, the datasource will be added to all available organizations.
grafana_organizations:
- Org2
- Org3
The first organization "Main Org." (the default) can be omitted as it is always created.
grafana_teams:
- name: Team2
org: Org2
home_dashboard: "My Dashboard"
members:
- "User1"
- "User2"
- name: Team3
org: Org3
home_dashboard: "My second Dashboard"
members:
- "User3"
grafana_users:
- name: "Titi Tester"
email: "ttester@example.com"
login: tititester
org: Org2
- name: ""
email: ""
login: "tototester"
org: Org3
grafana_dashboards:
- org: Main Org.
allowUiUpdates: True
files:
- "dashboard_1.json"
- "dashboard_2.json"
- "dashboard_3.json"
- org: Org2
files:
- "dashboard_2.json"
- org: Org3
files:
- "dashboard_3.json"
allowUiUpdate: True enables dashboard edition through the UIuid json statement should be removed if importing a json previously exported with grafana UIgrafana_ldap:
servers:
host: "myldap.com"
port: 389
start_tls: true
bind_dn: "uid=server,ou=servers,dc=example,dc=com"
bind_password: "XXXXXX"
search_filter: "(uid=%s)"
search_base_dns:
- "dc=example,dc=com"
group_search_filter: "(&(objectClass=posixGroup)(memberUid=%s))"
group_search_base_dns:
- "ou=groups,dc=example,dc=com"
attributes:
name: givenName
surname: sn
username: uid
member_of: memberOf
email: mail
group_mappings:
- name: Grafana admins for all organizations
org_name: Org2 # Optional; use it if the name of your group is not the same as the name of the org in which you want to map this group
groups:
- group_dn: "cn=mygroup,ou=groups,dc=example,dc=com"
org_role: Admin
grafana_admin: true