説明なし
選択できるのは25トピックまでです。 トピックは、先頭が英数字で、英数字とダッシュ('-')を使用した35文字以内のものにしてください。

etc_grafana_grafana.j2 16KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518
  1. ##################### Grafana Configuration Example #####################
  2. #
  3. # Everything has defaults so you only need to uncomment things you want to
  4. # change
  5. # possible values : production, development
  6. ;app_mode = production
  7. # instance name, defaults to HOSTNAME environment variable value or hostname if HOSTNAME var is empty
  8. instance_name = {{ domain }}
  9. #################################### Paths ####################################
  10. [paths]
  11. # Path to where grafana can store temp files, sessions, and the sqlite3 db (if that is used)
  12. data = /data/grafana
  13. # Temporary files in `data` directory older than given duration will be removed
  14. ;temp_data_lifetime = 24h
  15. # Directory where grafana can store logs
  16. ;logs = /var/log/grafana
  17. # Directory where grafana will automatically scan and look for plugins
  18. ;plugins = /var/lib/grafana/plugins
  19. # folder that contains provisioning config files that grafana will apply on startup and while running.
  20. ;provisioning = conf/provisioning
  21. #################################### Server ####################################
  22. [server]
  23. # Protocol (http, https, socket)
  24. protocol = http
  25. # The ip address to bind to, empty will bind to all interfaces
  26. http_addr = 127.0.0.1
  27. # The http port to use
  28. http_port = {{ grafana_internal_port }}
  29. # The public facing domain name used to access grafana from a browser
  30. domain = {{ grafana_domain }}
  31. # Redirect to correct domain if host header does not match domain
  32. # Prevents DNS rebinding attacks
  33. enforce_domain = true
  34. # The full public facing url you use in browser, used for redirects and emails
  35. # If you use reverse proxy and sub path specify full url (with sub path)
  36. root_url = https://{{ grafana_domain }}
  37. # Log web requests
  38. ;router_logging = false
  39. # the path relative working path
  40. ;static_root_path = public
  41. # enable gzip
  42. ;enable_gzip = false
  43. # https certs & key file
  44. ;cert_file =
  45. ;cert_key =
  46. # Unix socket path
  47. ;socket =
  48. #################################### Database ####################################
  49. [database]
  50. # You can configure the database connection by specifying type, host, name, user and password
  51. # as separate properties or as on string using the url properties.
  52. # Either "mysql", "postgres" or "sqlite3", it's your choice
  53. type = postgres
  54. host = 127.0.0.1:5432
  55. name = {{ grafana_db_database }}
  56. user = {{ grafana_db_username }}
  57. # If the password contains # or ; you have to wrap it with triple quotes. Ex """#password;"""
  58. password = """{{ grafana_db_password }}"""
  59. # Use either URL or the previous fields to configure the database
  60. # Example: mysql://user:secret@host:port/database
  61. ;url =
  62. # For "postgres" only, either "disable", "require" or "verify-full"
  63. ssl_mode = disable
  64. # For "sqlite3" only, path relative to data_path setting
  65. ;path = grafana.db
  66. # Max idle conn setting default is 2
  67. ;max_idle_conn = 2
  68. # Max conn setting default is 0 (mean not set)
  69. ;max_open_conn =
  70. # Connection Max Lifetime default is 14400 (means 14400 seconds or 4 hours)
  71. ;conn_max_lifetime = 14400
  72. # Set to true to log the sql calls and execution times.
  73. log_queries =
  74. # For "sqlite3" only. cache mode setting used for connecting to the database. (private, shared)
  75. ;cache_mode = private
  76. #################################### Session ####################################
  77. [session]
  78. # Either "memory", "file", "redis", "mysql", "postgres", default is "file"
  79. ;provider = file
  80. # Provider config options
  81. # memory: not have any config yet
  82. # file: session dir path, is relative to grafana data_path
  83. # redis: config like redis server e.g. `addr=127.0.0.1:6379,pool_size=100,db=grafana`
  84. # mysql: go-sql-driver/mysql dsn config string, e.g. `user:password@tcp(127.0.0.1:3306)/database_name`
  85. # postgres: user=a password=b host=localhost port=5432 dbname=c sslmode=disable
  86. ;provider_config = sessions
  87. # Session cookie name
  88. ;cookie_name = grafana_sess
  89. # If you use session in https only, default is false
  90. ;cookie_secure = false
  91. # Session life time, default is 86400
  92. ;session_life_time = 86400
  93. #################################### Data proxy ###########################
  94. [dataproxy]
  95. # This enables data proxy logging, default is false
  96. ;logging = false
  97. # How long the data proxy should wait before timing out default is 30 (seconds)
  98. ;timeout = 30
  99. #################################### Analytics ####################################
  100. [analytics]
  101. # Server reporting, sends usage counters to stats.grafana.org every 24 hours.
  102. # No ip addresses are being tracked, only simple counters to track
  103. # running instances, dashboard and error counts. It is very helpful to us.
  104. # Change this option to false to disable reporting.
  105. reporting_enabled = false
  106. # Set to false to disable all checks to https://grafana.net
  107. # for new vesions (grafana itself and plugins), check is used
  108. # in some UI views to notify that grafana or plugin update exists
  109. # This option does not cause any auto updates, nor send any information
  110. # only a GET request to http://grafana.com to get latest versions
  111. ;check_for_updates = true
  112. # Google Analytics universal tracking code, only enabled if you specify an id here
  113. ;google_analytics_ua_id =
  114. # Google Tag Manager ID, only enabled if you specify an id here
  115. ;google_tag_manager_id =
  116. #################################### Security ####################################
  117. [security]
  118. # default admin user, created on startup
  119. admin_user = {{ grafana_main_user }}
  120. # default admin password, can be changed before first start of grafana, or in profile settings
  121. admin_password = {{ grafana_main_user_password }}
  122. # used for signing
  123. secret_key = {{ grafana_signing_key }}
  124. # disable gravatar profile images
  125. ;disable_gravatar = false
  126. # data source proxy whitelist (ip_or_domain:port separated by spaces)
  127. ;data_source_proxy_whitelist =
  128. # disable protection against brute force login attempts
  129. ;disable_brute_force_login_protection = false
  130. # set to true if you host Grafana behind HTTPS. default is false.
  131. cookie_secure = true
  132. # set cookie SameSite attribute. defaults to `lax`. can be set to "lax", "strict" and "none"
  133. cookie_samesite = strict
  134. #################################### Snapshots ###########################
  135. [snapshots]
  136. # snapshot sharing options
  137. ;external_enabled = true
  138. ;external_snapshot_url = https://snapshots-origin.raintank.io
  139. ;external_snapshot_name = Publish to snapshot.raintank.io
  140. # remove expired snapshot
  141. ;snapshot_remove_expired = true
  142. #################################### Dashboards History ##################
  143. [dashboards]
  144. # Number dashboard versions to keep (per dashboard). Default: 20, Minimum: 1
  145. ;versions_to_keep = 20
  146. #################################### Users ###############################
  147. [users]
  148. # disable user signup / registration
  149. allow_sign_up = false
  150. # Allow non admin users to create organizations
  151. ;allow_org_create = true
  152. # Set to true to automatically assign new users to the default organization (id 1)
  153. ;auto_assign_org = true
  154. # Default role new users will be automatically assigned (if disabled above is set to true)
  155. ;auto_assign_org_role = Viewer
  156. # Background text for the user field on the login page
  157. ;login_hint = email or username
  158. # Default UI theme ("dark" or "light")
  159. ;default_theme = dark
  160. # External user management, these options affect the organization users view
  161. ;external_manage_link_url =
  162. ;external_manage_link_name =
  163. ;external_manage_info =
  164. # Viewers can edit/inspect dashboard settings in the browser. But not save the dashboard.
  165. ;viewers_can_edit = false
  166. [auth]
  167. # Login cookie name
  168. ;login_cookie_name = grafana_session
  169. # The lifetime (days) an authenticated user can be inactive before being required to login at next visit. Default is 7 days,
  170. ;login_maximum_inactive_lifetime_days = 7
  171. # The maximum lifetime (days) an authenticated user can be logged in since login time before being required to login. Default is 30 days.
  172. ;login_maximum_lifetime_days = 30
  173. # How often should auth tokens be rotated for authenticated users when being active. The default is each 10 minutes.
  174. ;token_rotation_interval_minutes = 10
  175. # Set to true to disable (hide) the login form, useful if you use OAuth, defaults to false
  176. ;disable_login_form = false
  177. # Set to true to disable the signout link in the side menu. useful if you use auth.proxy, defaults to false
  178. ;disable_signout_menu = false
  179. # URL to redirect the user to after sign out
  180. ;signout_redirect_url =
  181. # Set to true to attempt login with OAuth automatically, skipping the login screen.
  182. # This setting is ignored if multiple OAuth providers are configured.
  183. ;oauth_auto_login = false
  184. #################################### Anonymous Auth ######################
  185. [auth.anonymous]
  186. # enable anonymous access
  187. enabled = true
  188. # specify organization name that should be used for unauthenticated users
  189. ;org_name = Main Org.
  190. # specify role for unauthenticated users
  191. ;org_role = Viewer
  192. #################################### Github Auth ##########################
  193. [auth.github]
  194. ;enabled = false
  195. ;allow_sign_up = true
  196. ;client_id = some_id
  197. ;client_secret = some_secret
  198. ;scopes = user:email,read:org
  199. ;auth_url = https://github.com/login/oauth/authorize
  200. ;token_url = https://github.com/login/oauth/access_token
  201. ;api_url = https://api.github.com/user
  202. ;team_ids =
  203. ;allowed_organizations =
  204. #################################### Google Auth ##########################
  205. [auth.google]
  206. ;enabled = false
  207. ;allow_sign_up = true
  208. ;client_id = some_client_id
  209. ;client_secret = some_client_secret
  210. ;scopes = https://www.googleapis.com/auth/userinfo.profile https://www.googleapis.com/auth/userinfo.email
  211. ;auth_url = https://accounts.google.com/o/oauth2/auth
  212. ;token_url = https://accounts.google.com/o/oauth2/token
  213. ;api_url = https://www.googleapis.com/oauth2/v1/userinfo
  214. ;allowed_domains =
  215. #################################### Generic OAuth ##########################
  216. [auth.generic_oauth]
  217. ;enabled = false
  218. ;name = OAuth
  219. ;allow_sign_up = true
  220. ;client_id = some_id
  221. ;client_secret = some_secret
  222. ;scopes = user:email,read:org
  223. ;auth_url = https://foo.bar/login/oauth/authorize
  224. ;token_url = https://foo.bar/login/oauth/access_token
  225. ;api_url = https://foo.bar/user
  226. ;team_ids =
  227. ;allowed_organizations =
  228. ;tls_skip_verify_insecure = false
  229. ;tls_client_cert =
  230. ;tls_client_key =
  231. ;tls_client_ca =
  232. ; Set to true to enable sending client_id and client_secret via POST body instead of Basic authentication HTTP header
  233. ; This might be required if the OAuth provider is not RFC6749 compliant, only supporting credentials passed via POST payload
  234. ;send_client_credentials_via_post = false
  235. #################################### Grafana.com Auth ####################
  236. [auth.grafana_com]
  237. ;enabled = false
  238. ;allow_sign_up = true
  239. ;client_id = some_id
  240. ;client_secret = some_secret
  241. ;scopes = user:email
  242. ;allowed_organizations =
  243. #################################### Auth Proxy ##########################
  244. [auth.proxy]
  245. ;enabled = false
  246. ;header_name = X-WEBAUTH-USER
  247. ;header_property = username
  248. ;auto_sign_up = true
  249. ;ldap_sync_ttl = 60
  250. ;whitelist = 192.168.1.1, 192.168.2.1
  251. ;headers = Email:X-User-Email, Name:X-User-Name
  252. #################################### Basic Auth ##########################
  253. [auth.basic]
  254. ;enabled = true
  255. #################################### Auth LDAP ##########################
  256. [auth.ldap]
  257. ;enabled = false
  258. ;config_file = /etc/grafana/ldap.toml
  259. ;allow_sign_up = true
  260. #################################### SMTP / Emailing ##########################
  261. [smtp]
  262. enabled = true
  263. ;host = localhost:25
  264. ;user =
  265. # If the password contains # or ; you have to wrap it with trippel quotes. Ex """#password;"""
  266. ;password =
  267. ;cert_file =
  268. ;key_file =
  269. skip_verify = true
  270. from_address = grafana@{{ domain }}
  271. ;from_name = Grafana
  272. # EHLO identity in SMTP dialog (defaults to instance_name)
  273. ehlo_identity = {{ domain }}
  274. [emails]
  275. welcome_email_on_sign_up = true
  276. #################################### Logging ##########################
  277. [log]
  278. # Either "console", "file", "syslog". Default is console and file
  279. # Use space to separate multiple modes, e.g. "console file"
  280. ;mode = console file
  281. # Either "debug", "info", "warn", "error", "critical", default is "info"
  282. ;level = info
  283. # optional settings to set different levels for specific loggers. Ex filters = sqlstore:debug
  284. ;filters =
  285. # For "console" mode only
  286. [log.console]
  287. ;level =
  288. # log line format, valid options are text, console and json
  289. ;format = console
  290. # For "file" mode only
  291. [log.file]
  292. ;level =
  293. # log line format, valid options are text, console and json
  294. ;format = text
  295. # This enables automated log rotate(switch of following options), default is true
  296. ;log_rotate = true
  297. # Max line number of single file, default is 1000000
  298. ;max_lines = 1000000
  299. # Max size shift of single file, default is 28 means 1 << 28, 256MB
  300. ;max_size_shift = 28
  301. # Segment log daily, default is true
  302. ;daily_rotate = true
  303. # Expired days of log file(delete after max days), default is 7
  304. ;max_days = 7
  305. [log.syslog]
  306. ;level =
  307. # log line format, valid options are text, console and json
  308. ;format = text
  309. # Syslog network type and address. This can be udp, tcp, or unix. If left blank, the default unix endpoints will be used.
  310. ;network =
  311. ;address =
  312. # Syslog facility. user, daemon and local0 through local7 are valid.
  313. ;facility =
  314. # Syslog tag. By default, the process' argv[0] is used.
  315. ;tag =
  316. #################################### Alerting ############################
  317. [alerting]
  318. # Disable alerting engine & UI features
  319. ;enabled = true
  320. # Makes it possible to turn off alert rule execution but alerting UI is visible
  321. ;execute_alerts = true
  322. # Default setting for new alert rules. Defaults to categorize error and timeouts as alerting. (alerting, keep_state)
  323. ;error_or_timeout = alerting
  324. # Default setting for how Grafana handles nodata or null values in alerting. (alerting, no_data, keep_state, ok)
  325. ;nodata_or_nullvalues = no_data
  326. # Alert notifications can include images, but rendering many images at the same time can overload the server
  327. # This limit will protect the server from render overloading and make sure notifications are sent out quickly
  328. ;concurrent_render_limit = 5
  329. #################################### Explore #############################
  330. [explore]
  331. # Enable the Explore section
  332. ;enabled = true
  333. #################################### Internal Grafana Metrics ##########################
  334. # Metrics available at HTTP API Url /metrics
  335. [metrics]
  336. # Disable / Enable internal metrics
  337. ;enabled = true
  338. # Publish interval
  339. ;interval_seconds = 10
  340. # Send internal metrics to Graphite
  341. [metrics.graphite]
  342. # Enable by setting the address setting (ex localhost:2003)
  343. ;address =
  344. ;prefix = prod.grafana.%(instance_name)s.
  345. #################################### Distributed tracing ############
  346. [tracing.jaeger]
  347. # Enable by setting the address sending traces to jaeger (ex localhost:6831)
  348. ;address = localhost:6831
  349. # Tag that will always be included in when creating new spans. ex (tag1:value1,tag2:value2)
  350. ;always_included_tag = tag1:value1
  351. # Type specifies the type of the sampler: const, probabilistic, rateLimiting, or remote
  352. ;sampler_type = const
  353. # jaeger samplerconfig param
  354. # for "const" sampler, 0 or 1 for always false/true respectively
  355. # for "probabilistic" sampler, a probability between 0 and 1
  356. # for "rateLimiting" sampler, the number of spans per second
  357. # for "remote" sampler, param is the same as for "probabilistic"
  358. # and indicates the initial sampling rate before the actual one
  359. # is received from the mothership
  360. ;sampler_param = 1
  361. #################################### Grafana.com integration ##########################
  362. # Url used to import dashboards directly from Grafana.com
  363. [grafana_com]
  364. ;url = https://grafana.com
  365. #################################### External image storage ##########################
  366. [external_image_storage]
  367. # Used for uploading images to public servers so they can be included in slack/email messages.
  368. # you can choose between (s3, webdav, gcs, azure_blob, local)
  369. provider = local
  370. [external_image_storage.s3]
  371. ;bucket =
  372. ;region =
  373. ;path =
  374. ;access_key =
  375. ;secret_key =
  376. [external_image_storage.webdav]
  377. ;url =
  378. ;public_url =
  379. ;username =
  380. ;password =
  381. [external_image_storage.gcs]
  382. ;key_file =
  383. ;bucket =
  384. ;path =
  385. [external_image_storage.azure_blob]
  386. ;account_name =
  387. ;account_key =
  388. ;container_name =
  389. [external_image_storage.local]
  390. # does not require any configuration
  391. [rendering]
  392. # Options to configure external image rendering server like https://github.com/grafana/grafana-image-renderer
  393. ;server_url =
  394. ;callback_url =
  395. [enterprise]
  396. # Path to a valid Grafana Enterprise license.jwt file
  397. ;license_path =
  398. [panels]
  399. ;enable_alpha = false
  400. # If set to true Grafana will allow script tags in text panels. Not recommended as it enable XSS vulnerabilities.
  401. ;disable_sanitize_html = false