· 6 years ago · Jun 02, 2019, 09:34 AM
1##################### Grafana Configuration Example #####################
2#
3# Everything has defaults so you only need to uncomment things you want to
4# change
5
6# possible values : production, development
7;app_mode = production
8
9# instance name, defaults to HOSTNAME environment variable value or hostname if HOSTNAME var is empty
10;instance_name = ${HOSTNAME}
11
12#################################### Paths ####################################
13[paths]
14# Path to where grafana can store temp files, sessions, and the sqlite3 db (if that is used)
15;data = /var/lib/grafana
16
17# Temporary files in `data` directory older than given duration will be removed
18;temp_data_lifetime = 24h
19
20# Directory where grafana can store logs
21;logs = /var/log/grafana
22
23# Directory where grafana will automatically scan and look for plugins
24;plugins = /var/lib/grafana/plugins
25
26# folder that contains provisioning config files that grafana will apply on startup and while running.
27;provisioning = conf/provisioning
28
29#################################### Server ####################################
30[server]
31# Protocol (http, https, socket)
32;protocol = https
33
34# The ip address to bind to, empty will bind to all interfaces
35;http_addr =
36
37# The http port to use
38;http_port = 3000
39
40# The public facing domain name used to access grafana from a browser
41;domain = stats.liamxdev.ovh
42
43# Redirect to correct domain if host header does not match domain
44# Prevents DNS rebinding attacks
45;enforce_domain = false
46
47# The full public facing url you use in browser, used for redirects and emails
48# If you use reverse proxy and sub path specify full url (with sub path)
49root_url = https://stats.liamxdev.ovh/
50
51# Log web requests
52;router_logging = false
53
54# the path relative working path
55;static_root_path = public
56
57# enable gzip
58;enable_gzip = false
59
60# https certs & key file
61;cert_file = /etc/grafana/cert.pem
62;cert_key = /etc/grafana/privkey.pem
63
64# Unix socket path
65;socket =
66
67#################################### Database ####################################
68[database]
69# You can configure the database connection by specifying type, host, name, user and password
70# as separate properties or as on string using the url properties.
71
72# Either "mysql", "postgres" or "sqlite3", it's your choice
73;type = sqlite3
74;host = 127.0.0.1:3306
75;name = grafana
76;user = root
77# If the password contains # or ; you have to wrap it with triple quotes. Ex """#password;"""
78;password =
79
80# Use either URL or the previous fields to configure the database
81# Example: mysql://user:secret@host:port/database
82;url =
83
84# For "postgres" only, either "disable", "require" or "verify-full"
85;ssl_mode = disable
86
87# For "sqlite3" only, path relative to data_path setting
88;path = grafana.db
89
90# Max idle conn setting default is 2
91;max_idle_conn = 2
92
93# Max conn setting default is 0 (mean not set)
94;max_open_conn =
95
96# Connection Max Lifetime default is 14400 (means 14400 seconds or 4 hours)
97;conn_max_lifetime = 14400
98
99# Set to true to log the sql calls and execution times.
100log_queries =
101
102# For "sqlite3" only. cache mode setting used for connecting to the database. (private, shared)
103;cache_mode = private
104
105#################################### Cache server #############################
106[remote_cache]
107# Either "redis", "memcached" or "database" default is "database"
108;type = database
109
110# cache connectionstring options
111# database: will use Grafana primary database.
112# redis: config like redis server e.g. `addr=127.0.0.1:6379,pool_size=100,db=grafana`
113# memcache: 127.0.0.1:11211
114;connstr =
115
116#################################### Session ####################################
117[session]
118# Either "memory", "file", "redis", "mysql", "postgres", default is "file"
119;provider = file
120
121# Provider config options
122# memory: not have any config yet
123# file: session dir path, is relative to grafana data_path
124# redis: config like redis server e.g. `addr=127.0.0.1:6379,pool_size=100,db=grafana`
125# mysql: go-sql-driver/mysql dsn config string, e.g. `user:password@tcp(127.0.0.1:3306)/database_name`
126# postgres: user=a password=b host=localhost port=5432 dbname=c sslmode=disable
127;provider_config = sessions
128
129# Session cookie name
130;cookie_name = grafana_sess
131
132# If you use session in https only, default is false
133;cookie_secure = false
134
135# Session life time, default is 86400
136;session_life_time = 86400
137
138#################################### Data proxy ###########################
139[dataproxy]
140
141# This enables data proxy logging, default is false
142;logging = false
143
144# How long the data proxy should wait before timing out default is 30 (seconds)
145;timeout = 30
146
147# If enabled and user is not anonymous, data proxy will add X-Grafana-User header with username into the request, default is false.
148;send_user_header = false
149
150#################################### Analytics ####################################
151[analytics]
152# Server reporting, sends usage counters to stats.grafana.org every 24 hours.
153# No ip addresses are being tracked, only simple counters to track
154# running instances, dashboard and error counts. It is very helpful to us.
155# Change this option to false to disable reporting.
156;reporting_enabled = true
157
158# Set to false to disable all checks to https://grafana.net
159# for new vesions (grafana itself and plugins), check is used
160# in some UI views to notify that grafana or plugin update exists
161# This option does not cause any auto updates, nor send any information
162# only a GET request to http://grafana.com to get latest versions
163;check_for_updates = true
164
165# Google Analytics universal tracking code, only enabled if you specify an id here
166;google_analytics_ua_id =
167
168# Google Tag Manager ID, only enabled if you specify an id here
169;google_tag_manager_id =
170
171#################################### Security ####################################
172[security]
173# default admin user, created on startup
174;admin_user = admin
175
176# default admin password, can be changed before first start of grafana, or in profile settings
177;admin_password = admin
178
179# used for signing
180;secret_key = SW2YcwTIb9zpOOhoPsMm
181
182# disable gravatar profile images
183;disable_gravatar = false
184
185# data source proxy whitelist (ip_or_domain:port separated by spaces)
186;data_source_proxy_whitelist =
187
188# disable protection against brute force login attempts
189;disable_brute_force_login_protection = false
190
191# set to true if you host Grafana behind HTTPS. default is false.
192;cookie_secure = false
193
194# set cookie SameSite attribute. defaults to `lax`. can be set to "lax", "strict" and "none"
195;cookie_samesite = lax
196
197#################################### Snapshots ###########################
198[snapshots]
199# snapshot sharing options
200;external_enabled = true
201;external_snapshot_url = https://snapshots-origin.raintank.io
202;external_snapshot_name = Publish to snapshot.raintank.io
203
204# remove expired snapshot
205;snapshot_remove_expired = true
206
207#################################### Dashboards History ##################
208[dashboards]
209# Number dashboard versions to keep (per dashboard). Default: 20, Minimum: 1
210;versions_to_keep = 20
211
212#################################### Users ###############################
213[users]
214# disable user signup / registration
215;allow_sign_up = true
216
217# Allow non admin users to create organizations
218;allow_org_create = true
219
220# Set to true to automatically assign new users to the default organization (id 1)
221;auto_assign_org = true
222
223# Default role new users will be automatically assigned (if disabled above is set to true)
224;auto_assign_org_role = Viewer
225
226# Background text for the user field on the login page
227;login_hint = email or username
228;password_hint = password
229
230# Default UI theme ("dark" or "light")
231;default_theme = dark
232
233# External user management, these options affect the organization users view
234;external_manage_link_url =
235;external_manage_link_name =
236;external_manage_info =
237
238# Viewers can edit/inspect dashboard settings in the browser. But not save the dashboard.
239;viewers_can_edit = false
240
241# Editors can administrate dashboard, folders and teams they create
242;editors_can_admin = false
243
244[auth]
245# Login cookie name
246;login_cookie_name = grafana_session
247
248# The lifetime (days) an authenticated user can be inactive before being required to login at next visit. Default is 7 days,
249;login_maximum_inactive_lifetime_days = 7
250
251# The maximum lifetime (days) an authenticated user can be logged in since login time before being required to login. Default is 30 days.
252;login_maximum_lifetime_days = 30
253
254# How often should auth tokens be rotated for authenticated users when being active. The default is each 10 minutes.
255;token_rotation_interval_minutes = 10
256
257# Set to true to disable (hide) the login form, useful if you use OAuth, defaults to false
258disable_login_form = false
259
260# Set to true to disable the signout link in the side menu. useful if you use auth.proxy, defaults to false
261;disable_signout_menu = false
262
263# URL to redirect the user to after sign out
264;signout_redirect_url =
265
266# Set to true to attempt login with OAuth automatically, skipping the login screen.
267# This setting is ignored if multiple OAuth providers are configured.
268;oauth_auto_login = false
269
270#################################### Anonymous Auth ######################
271[auth.anonymous]
272# enable anonymous access
273enabled = true
274
275# specify organization name that should be used for unauthenticated users
276org_name = Main Org.
277
278# specify role for unauthenticated users
279;org_role = Viewer
280
281#################################### Github Auth ##########################
282[auth.github]
283;enabled = false
284;allow_sign_up = true
285;client_id = some_id
286;client_secret = some_secret
287;scopes = user:email,read:org
288;auth_url = https://github.com/login/oauth/authorize
289;token_url = https://github.com/login/oauth/access_token
290;api_url = https://api.github.com/user
291;team_ids =
292;allowed_organizations =
293
294#################################### Google Auth ##########################
295[auth.google]
296;enabled = false
297;allow_sign_up = true
298;client_id = some_client_id
299;client_secret = some_client_secret
300;scopes = https://www.googleapis.com/auth/userinfo.profile https://www.googleapis.com/auth/userinfo.email
301;auth_url = https://accounts.google.com/o/oauth2/auth
302;token_url = https://accounts.google.com/o/oauth2/token
303;api_url = https://www.googleapis.com/oauth2/v1/userinfo
304;allowed_domains =
305
306#################################### Generic OAuth ##########################
307[auth.generic_oauth]
308;enabled = false
309;name = OAuth
310;allow_sign_up = true
311;client_id = some_id
312;client_secret = some_secret
313;scopes = user:email,read:org
314;auth_url = https://foo.bar/login/oauth/authorize
315;token_url = https://foo.bar/login/oauth/access_token
316;api_url = https://foo.bar/user
317;team_ids =
318;allowed_organizations =
319;tls_skip_verify_insecure = false
320;tls_client_cert =
321;tls_client_key =
322;tls_client_ca =
323
324; Set to true to enable sending client_id and client_secret via POST body instead of Basic authentication HTTP header
325; This might be required if the OAuth provider is not RFC6749 compliant, only supporting credentials passed via POST payload
326;send_client_credentials_via_post = false
327
328#################################### Grafana.com Auth ####################
329[auth.grafana_com]
330;enabled = false
331;allow_sign_up = true
332;client_id = some_id
333;client_secret = some_secret
334;scopes = user:email
335;allowed_organizations =
336
337#################################### Auth Proxy ##########################
338[auth.proxy]
339;enabled = false
340;header_name = X-WEBAUTH-USER
341;header_property = username
342;auto_sign_up = true
343;ldap_sync_ttl = 60
344;whitelist = 192.168.1.1, 192.168.2.1
345;headers = Email:X-User-Email, Name:X-User-Name
346
347#################################### Basic Auth ##########################
348[auth.basic]
349;enabled = true
350
351#################################### Auth LDAP ##########################
352[auth.ldap]
353;enabled = false
354;config_file = /etc/grafana/ldap.toml
355;allow_sign_up = true
356
357#################################### SMTP / Emailing ##########################
358[smtp]
359;enabled = false
360;host = localhost:25
361;user =
362# If the password contains # or ; you have to wrap it with trippel quotes. Ex """#password;"""
363;password =
364;cert_file =
365;key_file =
366;skip_verify = false
367;from_address = admin@grafana.localhost
368;from_name = Grafana
369# EHLO identity in SMTP dialog (defaults to instance_name)
370;ehlo_identity = dashboard.example.com
371
372[emails]
373;welcome_email_on_sign_up = false
374
375#################################### Logging ##########################
376[log]
377# Either "console", "file", "syslog". Default is console and file
378# Use space to separate multiple modes, e.g. "console file"
379;mode = console file
380
381# Either "debug", "info", "warn", "error", "critical", default is "info"
382;level = info
383
384# optional settings to set different levels for specific loggers. Ex filters = sqlstore:debug
385;filters =
386
387# For "console" mode only
388[log.console]
389;level =
390
391# log line format, valid options are text, console and json
392;format = console
393
394# For "file" mode only
395[log.file]
396;level =
397
398# log line format, valid options are text, console and json
399;format = text
400
401# This enables automated log rotate(switch of following options), default is true
402;log_rotate = true
403
404# Max line number of single file, default is 1000000
405;max_lines = 1000000
406
407# Max size shift of single file, default is 28 means 1 << 28, 256MB
408;max_size_shift = 28
409
410# Segment log daily, default is true
411;daily_rotate = true
412
413# Expired days of log file(delete after max days), default is 7
414;max_days = 7
415
416[log.syslog]
417;level =
418
419# log line format, valid options are text, console and json
420;format = text
421
422# Syslog network type and address. This can be udp, tcp, or unix. If left blank, the default unix endpoints will be used.
423;network =
424;address =
425
426# Syslog facility. user, daemon and local0 through local7 are valid.
427;facility =
428
429# Syslog tag. By default, the process' argv[0] is used.
430;tag =
431
432#################################### Alerting ############################
433[alerting]
434# Disable alerting engine & UI features
435;enabled = true
436# Makes it possible to turn off alert rule execution but alerting UI is visible
437;execute_alerts = true
438
439# Default setting for new alert rules. Defaults to categorize error and timeouts as alerting. (alerting, keep_state)
440;error_or_timeout = alerting
441
442# Default setting for how Grafana handles nodata or null values in alerting. (alerting, no_data, keep_state, ok)
443;nodata_or_nullvalues = no_data
444
445# Alert notifications can include images, but rendering many images at the same time can overload the server
446# This limit will protect the server from render overloading and make sure notifications are sent out quickly
447;concurrent_render_limit = 5
448
449#################################### Explore #############################
450[explore]
451# Enable the Explore section
452;enabled = true
453
454#################################### Internal Grafana Metrics ##########################
455# Metrics available at HTTP API Url /metrics
456[metrics]
457# Disable / Enable internal metrics
458;enabled = true
459
460# Publish interval
461;interval_seconds = 10
462
463# Send internal metrics to Graphite
464[metrics.graphite]
465# Enable by setting the address setting (ex localhost:2003)
466;address =
467;prefix = prod.grafana.%(instance_name)s.
468
469#################################### Distributed tracing ############
470[tracing.jaeger]
471# Enable by setting the address sending traces to jaeger (ex localhost:6831)
472;address = localhost:6831
473# Tag that will always be included in when creating new spans. ex (tag1:value1,tag2:value2)
474;always_included_tag = tag1:value1
475# Type specifies the type of the sampler: const, probabilistic, rateLimiting, or remote
476;sampler_type = const
477# jaeger samplerconfig param
478# for "const" sampler, 0 or 1 for always false/true respectively
479# for "probabilistic" sampler, a probability between 0 and 1
480# for "rateLimiting" sampler, the number of spans per second
481# for "remote" sampler, param is the same as for "probabilistic"
482# and indicates the initial sampling rate before the actual one
483# is received from the mothership
484;sampler_param = 1
485
486#################################### Grafana.com integration ##########################
487# Url used to import dashboards directly from Grafana.com
488[grafana_com]
489;url = https://grafana.com
490
491#################################### External image storage ##########################
492[external_image_storage]
493# Used for uploading images to public servers so they can be included in slack/email messages.
494# you can choose between (s3, webdav, gcs, azure_blob, local)
495;provider =
496
497[external_image_storage.s3]
498;bucket =
499;region =
500;path =
501;access_key =
502;secret_key =
503
504[external_image_storage.webdav]
505;url =
506;public_url =
507;username =
508;password =
509
510[external_image_storage.gcs]
511;key_file =
512;bucket =
513;path =
514
515[external_image_storage.azure_blob]
516;account_name =
517;account_key =
518;container_name =
519
520[external_image_storage.local]
521# does not require any configuration
522
523[rendering]
524# Options to configure external image rendering server like https://github.com/grafana/grafana-image-renderer
525;server_url =
526;callback_url =
527
528[enterprise]
529# Path to a valid Grafana Enterprise license.jwt file
530;license_path =
531
532[panels]
533;enable_alpha = false
534# If set to true Grafana will allow script tags in text panels. Not recommended as it enable XSS vulnerabilities.
535;disable_sanitize_html = false