Commit Graph

596 Commits

Author SHA1 Message Date
gotjosh
d006f7c916
Docs: SAML (#18069)
* docs: Link to SAML docs and document configuration options

- Document configuration options `defaults.ini` and `sample.ini`
- Add the SAML documentation
- Link to the SAML documentation from "what's new in 6.3"
2019-07-17 13:46:51 +01:00
Oleg Gaidarenko
e2cf7c9698
LDAP: finishing touches (#17945)
* LDAP:Docs: `active_sync_enabled` setting

Mention `active_sync_enabled` setting and enable it by default

* LDAP: move "disableExternalUser" method

Idea behind new design of the LDAP module is to minimise conflation
between other parts of the system, so it would decoupled as much as
possible from stuff like database, HTTP transport and etc.

Following "Do One Thing and Do It Well" Unix philosophy principal, other things
could be better fitted on the consumer side of things.

Which what this commit trying to archive

* LDAP: correct user/admin binding

The second binding was not happening, so if the admin login/password
in LDAP configuration was correct, anyone could had login as anyone using
incorrect password
2019-07-05 17:49:00 +03:00
gotjosh
e6b8a1529b
SAML: Configuration defaults, examples and dependencies (#17954)
* Add SAML configuration options

* Add crewjam/saml as a depdency

Needed as part of the enterprise SAML integration.

* Vendor github.com/stretchr/testify/require

The package require implements the same assertions as the `assert` package but stops test execution when a test fails.
2019-07-05 11:27:14 +01:00
Torkel Ödegaard
57c220c93d
Docs: added version notice to new ldap feature docs (#17929) 2019-07-04 14:39:11 +02:00
Sofia Papagiannaki
dc9ec7dc91
Auth: Allow expiration of API keys (#17678)
* Modify backend to allow expiration of API Keys

* Add middleware test for expired api keys

* Modify frontend to enable expiration of API Keys

* Fix frontend tests

* Fix migration and add index for `expires` field

* Add api key tests for database access

* Substitude time.Now() by a mock for test usage

* Front-end modifications

* Change input label to `Time to live`
* Change input behavior to comply with the other similar
* Add tooltip

* Modify AddApiKey api call response

Expiration should be *time.Time instead of string

* Present expiration date in the selected timezone

* Use kbn for transforming intervals to seconds

* Use `assert` library for tests

* Frontend fixes

Add checks for empty/undefined/null values

* Change expires column from datetime to integer

* Restrict api key duration input

It should be interval not number

* AddApiKey must complain if SecondsToLive is negative

* Declare ErrInvalidApiKeyExpiration

* Move configuration to auth section

* Update docs

* Eliminate alias for models in modified files

* Omit expiration from api response if empty

* Eliminate Goconvey from test file

* Fix test

Do not sleep, use mocked timeNow() instead

* Remove index for expires from api_key table

The index should be anyway on both org_id and expires fields.
However this commit eliminates completely the index for now
since not many rows are expected to be in this table.

* Use getTimeZone function

* Minor change in api key listing

The frontend should display a message instead of empty string
if the key does not expire.
2019-06-26 09:47:03 +03:00
Oleg Gaidarenko
31d2905490 LDAP:Docs: add information on LDAP sync feature and update LDAP sync default (#17689)
* Docs: for LDAP active sync feature
2019-06-25 12:54:13 +02:00
Sergey Goppikov
dda8b731e8 Settings: Fix typo in defaults.ini (#17707)
`backround` -> `backGround`
2019-06-23 17:38:30 +02:00
Kyle Brandt
49f0f0e89e
config: fix connstr for remote_cache (#17675)
fixes #17643 and adds test to check for commented out lines (but will only catch `;`, not `#`).
2019-06-20 10:15:21 -04:00
Oleg Gaidarenko
1c08e58605
LDAP: small improvements to various LDAP parts (#17662)
* Add multildap config example

* Publicize mocks for multildap module
2019-06-19 15:46:04 +02:00
Kyle Brandt
599514ad68
middleware: add security related HTTP(S) response headers (#17522)
* x_xss_protection
  * strict_transport_security (HSTS)
  * x_content_type_options

these are currently defaulted to false (off) until the next minor release.

fixes #17509
2019-06-12 13:15:50 +02:00
Kyle Brandt
c09fe3c3b4
remote_cache: Fix redis (#17483)
* wip: fix remote cache for redis
connstr parsing and non-negative expires for #17377
TODO: finish parse, check zero case, find out why negative duration in the first place

* finish parse.
Still TODO, find out negative value, and decide if would be better to make database specific entries in the .ini file

* update ini files

* remove accidental uncomment in defaults.ini

* auth_proxy: expiration non-negative so expiration is not in the past

* fix test, revert neg in redis

* review: use errutil
2019-06-10 15:27:08 +02:00
Tom McClellan
34f314552d Config: Add comment before log_queries in sample ini file (#17462) 2019-06-06 11:13:27 +02:00
Jonathan Rockway
02975256d1 Tracing: allow propagation with Zipkin headers (#17009)
Closes #17006
2019-06-05 13:12:05 +02:00
Abhilash Gnan
04d473b3e5 HTTP Server: Serve Grafana with a custom URL path prefix (#17048)
Adds a new [server] setting `serve_from_sub_path`. By enabling 
this setting and using a subpath in `root_url` setting, e.g.
`root_url = http://localhost:3000/grafana`, Grafana will be accessible 
on `http://localhost:3000/grafana`. By default it is set to `false` 
for compatibility reasons.

Closes #16623
2019-05-27 17:47:29 +02:00
Marcus Efraimsson
1c1427520d
Security: Add new setting allow_embedding (#16853)
When allow_embedding is false (default) the Grafana backend 
will set the http header `X-Frame-Options: deny` in all responses 
to non-static content which will instruct browser to not allow 
Grafana to be embedded in `<frame>`, `<iframe>`, 
`<embed>` or `<object>`.

Closes #14189
2019-05-06 09:56:23 +02:00
Oleg Gaidarenko
66c9297c36
Feature: introduce LdapActiveSyncEnabled setting (#16787)
* Feature: introduce LdapActiveSyncEnabled setting

We probably remove it after the active sync is done.
But at the moment we do not want to affect the current users
with not fully tested feature

* Chore: move settings in more logical order
2019-04-27 09:03:59 +03:00
Oleg Gaidarenko
62b85a886e
LDAP Refactoring to support syncronizing more than one user at a time. (#16705)
* Feature: add cron setting for the ldap settings

* Move ldap configuration read to special function

* Introduce cron setting (no docs for it yet, pending approval)

* Chore: duplicate ldap module as a service

* Feature: implement active sync

This is very early preliminary implementation of active sync.
There is only one thing that's going right for this code - it works.

Aside from that, there is no tests, error handling, docs, transactions,
it's very much duplicative and etc.

But this is the overall direction with architecture I'm going for

* Chore: introduce login service

* Chore: gradually switch to ldap service

* Chore: use new approach for auth_proxy

* Chore: use new approach along with refactoring

* Chore: use new ldap interface for auth_proxy

* Chore: improve auth_proxy and subsequently ldap

* Chore: more of the refactoring bits

* Chore: address comments from code review

* Chore: more refactoring stuff

* Chore: make linter happy

* Chore: add cron dep for grafana enterprise

* Chore: initialize config package var

* Chore: disable gosec for now

* Chore: update dependencies

* Chore: remove unused module

* Chore: address review comments

* Chore: make linter happy
2019-04-26 15:47:16 +03:00
Oleg Gaidarenko
78cd9058a3
Feature: add cron setting for the ldap settings (#16673)
* Feature: add cron setting for the ldap settings

* Move ldap configuration read to special function

* Introduce cron setting (no docs for it yet, pending approval)

* Chore: address code review comments
2019-04-25 17:12:56 +03:00
Josh
fca5ee4bea Provisioning: Support FolderUid in Dashboard Provisioning Config (#16559)
* add folderUid to DashbaordsAsConfig structs and DashbardProviderConfigs struct, set these values in mapping func
look for new folderUid values in config_reader tests
set dashboard folder Uid explicitly in file_reader, which has no affect when not given

* formatting and docstrings

* add folderUid to DashbaordsAsConfig structs and DashbardProviderConfigs struct, set these values in mapping func
look for new folderUid values in config_reader tests
set dashboard folder Uid explicitly in file_reader, which has no affect when not given

* formatting and docstrings

* add folderUid option, as well as documentation for the rest of the fields

* add blank folderUid in devenv example.

* add folderUid to provisioning sample yaml

* instead of just warning, return error if unmarshalling dashboard provisioning file fails

* Removing the error handling and adding comment

* Add duplicity check for folder Uids


Co-authored-by: swtch1 <joshua.thornton@protonmail.com>
2019-04-24 08:57:42 +02:00
Oleg Gaidarenko
db584b3d28
Chore: remove session storage references (#16445)
* Chore: remove session storage references

* Small refactoring of the settings module

* Update docs - remove references for the session storage

* Update config files (sample and default configs)

* Add tests for warning during the config load on defined storage cache

* Remove all references to session storage

* Remove macaron session dependency

* Remove leftovers

* Fix: address review comments

* Fix: remove old deps

* Fix: add skipStaticRootValidation = true to tests

* Fix: improve the docs and warning message

As per discussion in here - https://github.com/grafana/grafana/pull/16445/files#r273026255

* Chore: make linter happy

Fixes #16148
Ref #16114
2019-04-22 18:58:24 +03:00
Carl Bergquist
490515aec6
build: partially replace gometalinter with golangci-lint (#16610)
we still use gometalinter for goconst since it doesn't 
report errors for duplicated in test files
2019-04-16 10:27:07 +02:00
Ryan McKinley
3c21a121eb Plugins: Unifying alpha state & options for all plugins (#16530)
* app pages

* app pages

* workign example

* started alpha support

* remove app stuff

* show warning on alpha/beta panels

* put app back on plugin file

* fix go

* add enum for PluginType and PluginIncludeType

* Refactoring and moving settings to plugins section

fixes #16529
2019-04-12 13:46:42 +02:00
kleph
7ddb770e3b Configuration: Improve session_lifetime comments (#16238) 2019-03-29 13:10:20 +07:00
Zzy
1b84a924a3 Alerting: Makes timeouts and retries configurable (#16259)
Adds new alert settings for configuring timeouts and retries named 
evaluation_timeout_seconds, notification_timeout_seconds 
and max_attempts.

Closes #16240
2019-03-29 12:58:37 +07:00
Oleg Gaidarenko
04b3afcd15
Chore: Implement revive (#16200)
Since we do not like some of the default golint rules,
this commit proposes to use https://github.com/mgechev/revive.

And potential revive speed-up should't hurt :).

Right now, presented config (./conf/revive.toml) is permissive,
we might improve it over time however. Fixes for found revive
issues in the code are very limited so it wouldn't be large to review.

Also in this commit:

* Add annotations for makefile commands and declare phony targets

* Rename "gometalinter" script and CI command to "lint"
  since we are doing there a bit more then using gometalinter package

* Add Makefile rules to .editorconfig

* Documentation which mentioned "golint" replaced with revive

Fixes #16109
Ref #16160
2019-03-27 17:53:49 +01:00
Hugo Häggmark
a90b3e331e config: updated feature toggle name 2019-03-19 13:59:39 +01:00
Andrej Ocenas
697a87b7b2 Add check so that header is not sent for anonymous users 2019-03-14 16:33:21 +01:00
Andrej Ocenas
bbdc1c0e64 Add custom header with grafana user and a config switch for it 2019-03-14 16:33:19 +01:00
Carl Bergquist
291ffcb75b
Merge pull request #15457 from bergquist/distributed_cache
Distributed cache
2019-03-14 16:16:39 +01:00
Torkel Ödegaard
06f7a49a61 Refactoring / fixing password hint PR #15868 2019-03-11 13:33:57 +01:00
bergquist
7e7427637c renames distcache -> remotecache 2019-03-11 10:49:55 +01:00
bergquist
daa3b17951 code layouts and comments 2019-03-11 10:49:42 +01:00
bergquist
98f5432659 memcache -> memcached
https://github.com/memcached/memcached
2019-03-11 10:49:09 +01:00
bergquist
196cdf9710 adds config to default settings 2019-03-11 10:49:09 +01:00
Woodward, Joshua
946e542412 Make password hint configurable from settings/defaults.ini 2019-03-07 14:00:04 -08:00
Hugo Häggmark
8f62082482 Added feature toggle to defaults.ini and sample.ini after PR comments 2019-02-22 14:39:22 +01:00
bergquist
170783c292 make hourly cleanup the default behavior 2019-02-07 10:51:35 +01:00
Marcus Efraimsson
1a140ee199
run token cleanup job when grafana starts, then each hour 2019-02-06 22:27:08 +01:00
Marcus Efraimsson
85ef2ca738
fix spelling 2019-02-06 09:43:45 +01:00
Marcus Efraimsson
3c2fd02bc0
refactor login/auth token configuration settings
remove login section and reuse existing sections security and auth
2019-02-05 21:09:55 +01:00
bergquist
a6bd2c73a0 introduce samesite setting for login cookie
ref #15067
2019-02-01 11:47:21 +01:00
Carl Bergquist
c6f80ecec2
Merge pull request #14229 from pbakulev/configurable-alert-notification
Configurable alert notification
2019-01-28 22:47:12 +01:00
bergquist
8f0e65a150 renames alert_notifications -> notifiers 2019-01-28 20:39:09 +01:00
Marcus Efraimsson
f701c610fb
Merge pull request #15054 from RangerRick/master
add global datasource proxy timeout setting
2019-01-28 18:21:27 +01:00
bergquist
6a8643b3d1 Merge branch 'master' into configurable-alert-notification
* master: (250 commits)
  Firing off an action instead of listening to location changes
  Changes after PR Comments
  Made ExplorerToolbar connected and refactored away responsabilities from Explore
  Removed some split complexity
  Fixed some more styling
  Fixed close split look and feel
  Fixed position of Closesplit
  Fixed small issue with TimePicker dropdown position
  Simplified some styles and dom elements
  Fixed some more with the sidemenu open and smaller screens
  Fixed so heading looks good with closed sidemenu
  Restructure of component and styling
  Refactored out ExploreToolbar from Explore
  Fixed reinitialise of Explore
  changelog: add notes about closing #13929
  changelog: add notes about closing #14558
  changelog: add notes about closing #14484
  changelog: add notes about closing #13765
  changelog: add notes about closing #11503
  changelog: add notes about closing #4075
  ...
2019-01-28 14:16:43 +01:00
bergquist
6e672eb291 enable explore by default
closes #15037
2019-01-28 13:02:54 +01:00
Marcus Efraimsson
e4924795a2
change default rotate_token_minutes to 10 minutes 2019-01-25 13:30:26 +01:00
Benjamin Reed
9108fd1b9d add global datasource proxy timeout setting
closes grafana#5699
2019-01-24 14:06:48 -05:00
bergquist
d6edaa1328 moves cookie https setting to [security] 2019-01-24 19:04:58 +01:00
bergquist
9153b6ed96 improves readability of loginping handler 2019-01-24 15:17:09 +01:00
bergquist
516037fbdd makes sure rotation is always higher than urgent rotation 2019-01-24 13:54:45 +01:00
bergquist
f257101c41 removes unused/commented code 2019-01-24 11:26:45 +01:00
bergquist
ff483f3782 removes old cookie auth configuration 2019-01-24 10:55:10 +01:00
bergquist
56a521b264 makes auth token rotation time configurable 2019-01-24 10:50:18 +01:00
bergquist
31b5db06f1 Merge branch 'master' into poc_token_auth
* master: (156 commits)
  Fixed issues with the sanitizie input in text panels, added docs, renamed config option
  build: removes arm32v6 docker image.
  Updated version in package.json to 6.0.0-pre1
  Update CHANGELOG.md
  build: armv6 docker image.
  build: skips building rpm for armv6.
  build: builds for armv6.
  Explore: mini styling fix for angular query editors
  Removed unused props & state in PromQueryField
  chore: Remove logging and use the updated config param
  chore: Reverse sanitize variable so it defaults to false
  feat: wip: Sanitize user input on text panel
  fix: Text panel should re-render when panel mode is changed #14922
  Minor rename of LogsProps and LogsState
  Splitted up LogLabels into LogLabelStats and LogLabel
  Refactored out LogRow to a separate file
  Removed strange edit
  Added link to side menu header and fixed styling
  Moved ValueMapping logic and tests to separate files
  Fixed data source selection in explore
  ...
2019-01-22 15:39:54 +01:00
bergquist
64124b5042 add setting for how to long we should keep expired tokens 2019-01-22 15:31:43 +01:00
bergquist
d3ec8e1ccb creates new config section for login settings 2019-01-22 15:22:11 +01:00
Torkel Ödegaard
f0e61af8e0 Fixed issues with the sanitizie input in text panels, added docs, renamed config option 2019-01-22 11:56:35 +01:00
Johannes Schill
1ed35f3dc1 chore: Reverse sanitize variable so it defaults to false 2019-01-22 09:36:07 +01:00
Johannes Schill
15d560a1c0 feat: wip: Sanitize user input on text panel 2019-01-22 09:36:07 +01:00
Pavel Bakulev
f132e929ce Added uid for alert notifications 2019-01-16 16:50:00 +02:00
Pavel Bakulev
7b09dd38d8 Commented alert_notifications sample config 2019-01-16 16:45:42 +02:00
Pavel Bakulev
5c10a897f8 Instantiating notifiers from config before using 2019-01-16 16:45:42 +02:00
Pavel Bakulev
6e3e9a337d Added alert_notification configuration 2019-01-16 16:45:42 +02:00
bergquist
74124ec8ed makes cache mode configurable
this makes the cache mode in the sqlite connection
string configurable. the default also changed from
shared to private to solve #107272 but allow the user
to use shared if performance is more important.

ref #10727
2018-12-27 10:48:11 +01:00
Tomas Dabasinskas
3aa24b3afa Rename the setting and add description 2018-12-19 14:59:33 +02:00
Tomas Dabasinskas
08c12313fe Update sample and default configs 2018-12-18 13:51:17 +02:00
Marcus Efraimsson
b9e91cab0e
add oauth_auto_login setting to defaults file
Making the setting configurable thru environment variable
2018-12-12 10:42:37 +01:00
Mario Trangoni
e4771a88dd Fix other misspell issues
See,
$ find . -type f | xargs misspell -locale US | grep -vi -e vendor -e node_modules -e devenv -e unknwon -e destory -e yarn -e adn -e Spindel
2018-11-29 18:15:16 +01:00
Carl Bergquist
9b20c9c3a5
Merge pull request #14225 from zicklam/patch-3
removed extra whitespace
2018-11-29 10:00:09 +01:00
Florian Zicklam
3000818ab3
added google_tag_manager_id from defaults.ini 2018-11-29 09:30:03 +01:00
Florian Zicklam
d86ba20d10
removed extra whitespace
removed extra whitespace
2018-11-29 09:21:06 +01:00
bergquist
c999394b49 adds basic auth configuration to default.ini 2018-11-20 11:07:39 +01:00
Dan Cech
8a74fe2b76
add auth.proxy headers to sample.ini 2018-11-07 18:21:25 -05:00
Dan Cech
502290817a
add auth.proxy headers to default.ini 2018-11-07 17:36:44 -05:00
Torkel Ödegaard
28b0ae1d82 Added new backend setting for license file 2018-11-01 12:07:11 +01:00
Torkel Ödegaard
565edc1ed3 added setting top hide plugins in alpha state 2018-10-09 17:47:43 +02:00
Leo Ochoa
12a99fa0b5
typo in sample.ini 2018-10-01 18:47:25 +02:00
Torkel Ödegaard
cb96c6d942 Changed setting to be an alerting setting 2018-09-25 12:17:04 +02:00
Torkel Ödegaard
4dab595ed7 rendering: Added concurrent rendering limits 2018-09-24 16:14:11 +02:00
Torkel Ödegaard
5fbe8eff4f ldap: made minor change to group search, and to docs 2018-09-14 11:28:17 +02:00
Bob Shannon
f257ff0216 Allow oauth email attribute name to be configurable (#13006)
* Allow oauth email attribute name to be configurable

Signed-off-by: Bob Shannon <bshannon@palantir.com>

* Document e-mail determination steps for generic oauth

* Add reference to email_attribute_name

* Re-add e-mail determination docs to new generic-oauth page

* Inherit default e-mail attribute from defaults.ini
2018-09-10 09:45:07 +02:00
bergquist
1e33a3780f spelling errors 2018-09-06 11:51:24 +02:00
bergquist
3ce89cad71 make default values for alerting configurable 2018-09-06 11:26:14 +02:00
Anthony Woods
5c0fbbf7c8 improve remote image rendering (#13102)
* improve remote image rendering

- determine "domain" during Init() so we are not re-parsing settings
  on every request
- if using http-mode via a rednererUrl, then use the AppUrl for the
  page that the renderer loads.  When in http-mode the renderer is likely
  running on another server so trying to use the localhost or even the
  specific IP:PORT grafana is listening on wont work.
- apply the request timeout via a context rather then directly on the http client.
- use a global http client so we can take advantage of connection re-use
- log and handle errors better.

* ensure imagesDir exists

* allow users to define callback_url for remote rendering

- allow users to define the url that a remote rendering service
  should use for connecting back to the grafana instance.
  By default the "root_url" is used.

* improve remote image rendering

- determine "domain" during Init() so we are not re-parsing settings
  on every request
- if using http-mode via a rednererUrl, then use the AppUrl for the
  page that the renderer loads.  When in http-mode the renderer is likely
  running on another server so trying to use the localhost or even the
  specific IP:PORT grafana is listening on wont work.
- apply the request timeout via a context rather then directly on the http client.
- use a global http client so we can take advantage of connection re-use
- log and handle errors better.

* ensure imagesDir exists

* allow users to define callback_url for remote rendering

- allow users to define the url that a remote rendering service
  should use for connecting back to the grafana instance.
  By default the "root_url" is used.

* rendering: fixed issue with renderKey where userId and orgId was in mixed up, added test for RenderCallbackUrl reading logic
2018-09-04 13:42:55 +02:00
Benoît Knecht
7ec146df99 social: add GitLab authentication backend
GitLab could already be used as an authentication backend by properly
configuring `auth.generic_oauth`, but then there was no way to authorize
users based on their GitLab group membership.

This commit adds a `auth.gitlab` backend, similar to `auth.github`, with
an `allowed_groups` option that can be set to a list of groups whose
members should be allowed access to Grafana.
2018-08-14 14:11:48 +02:00
Torkel Ödegaard
277a696fa5
fix: added missing ini default keys, fixes #12800 (#12912) 2018-08-14 08:49:56 +02:00
Emil Flink
5bea54eaaa Support client certificates for LDAP servers 2018-08-03 12:00:20 +02:00
gzzo
cb76fc7f2d
Add auto_assign_org_id to defaults.ini
For #12801
2018-08-02 12:29:47 -04:00
Jan Garaj
e37e8cb38c Add missing tls_skip_verify_insecure (#12748) 2018-07-30 00:02:16 -07:00
Torkel Ödegaard
913b8576f8 docs: minor docs fix 2018-07-18 13:20:28 +02:00
Torkel Ödegaard
c189262bac ldap: Make it possible to define Grafana admins via ldap setup, closes #2469 2018-07-16 16:56:42 +02:00
Carl Bergquist
828fb39ee2
Merge pull request #11643 from mrsiano/generic_oauth
Pass configured/auth headers to a Datasource.
2018-06-21 14:21:59 +02:00
mrsiano
cc1e3a0e3c Pass configured/auth headers to a Datasource.
In some setups (ex openshift), the Datasource will require Grafana
to pass oauth token as header when sending queries.
Also, this PR allow to send any header which is something
Grafana currently does not support.
2018-06-21 14:58:05 +03:00
Anton Sergeyev
2024cf4b56 #11607 fixed formatting 2018-06-14 12:46:29 +05:00
Anton Sergeyev
516839d7b2 #11607 Cleanup time of temporary files is now configurable 2018-06-14 12:35:22 +05:00
Julien Pivotto
a5e6cb9a02 Fix #9847 Add a generic signout_redirect_url to enable oauth logout
Signed-off-by: Julien Pivotto <roidelapluie@inuits.eu>
2018-05-27 14:52:50 +02:00
David Kaltschmidt
1e6e89121c Settings to enable Explore UI 2018-04-27 11:39:14 +02:00
Mario Trangoni
298ece0a02 conf: fix codespell issues 2018-04-13 20:31:29 +02:00
Daniel Lee
92388f7faf session: update defaults for ConnMaxLifetime
to be the same as the 5.0.3 release defaults
2018-03-20 19:31:01 +01:00
Daniel Lee
1cef373d16 Merge remote-tracking branch 'upstream/master' into update-xorm 2018-03-20 19:21:58 +01:00
DavidLambauer
b90c323e31
Minor format changes
Just fixed some minor inconsistencies in the format of the file. There were some configurations uncommented like so: 

```
; container_name =
```

and some other like so:

```
;container_name =
```

So there is a need for a small perfection here! 

I also removed some unnecessary line breaks, bullying my eyes... 

![<3](https://media.giphy.com/media/dTJd5ygpxkzWo/giphy.gif)
2018-03-18 10:17:48 +01:00
Daniel Lee
9cdd7cb04c database: expose SetConnMaxLifetime as config setting
For MySQL, setting this to be shorter than the wait_timeout MySQL setting
solves the issue with connection errors after the session has timed out for
the connection to the database via xorm.
2018-03-16 01:09:00 +01:00
Laurent Godet
59704ee939 Fix Github OAuth not working with private Organizations (#11028)
* Fix Github OAuth not working with private organizations

* Update documentation
2018-02-28 13:08:15 +01:00
Daniel Lee
fe49182b9d snapshots: fixes cleanup of old snapshots
Snapshot cleanup did not work due to time.Now syntax error. Added test
for it as well to catch any future errors.

Added error and debug logging so that it is possible to see any errors in the future.

Removed an unused configuration value and deprecated the remove expired snapshots
setting.
2018-02-22 16:12:16 +01:00
bergquist
4dc6074e79 provisioning: dont ignore sample yaml files
closes #10963
2018-02-20 08:40:37 +01:00
Scott Brenner
2d03ab1770
Update sample.ini 2018-02-15 10:41:26 -08:00
Scott Brenner
7535cefed9
Update ldap.toml 2018-02-15 10:41:15 -08:00
Scott Brenner
b8b6dc6d6d
Minor typo fix 2018-02-15 10:37:23 -08:00
bergquist
dba087463a provisioing: always skip sample.yaml files 2018-02-14 11:33:58 +01:00
bergquist
b010e4df93 provisioning: support camelcase for dashboards configs 2018-02-14 10:30:08 +01:00
bergquist
4a35244cb9 provisioning: support camcelCase provisioning files 2018-02-14 10:30:08 +01:00
Scott Brenner
e57c8d0357
Minor typo fix
Minor typo fix
2018-02-12 13:59:19 -08:00
bergquist
e93fe9db25 provisioning: update sample config to use path 2018-02-09 15:25:31 +01:00
Leonard Gram
b549d29319 Merge branch 'master' into provisioning 2018-02-08 11:01:09 +01:00
Marcus Efraimsson
3d1c624c12 WIP: Protect against brute force (frequent) login attempts (#10031)
* db: add login attempt migrations

* db: add possibility to create login attempts

* db: add possibility to retrieve login attempt count per username

* auth: validation and update of login attempts for invalid credentials

If login attempt count for user authenticating is 5 or more the last 5 minutes
we temporarily block the user access to login

* db: add possibility to delete expired login attempts

* cleanup: Delete login attempts older than 10 minutes

The cleanup job are running continuously and triggering each 10 minute

* fix typo: rename consequent to consequent

* auth: enable login attempt validation for ldap logins

* auth: disable login attempts validation by configuration

Setting is named DisableLoginAttemptsValidation and is false by default
Config disable_login_attempts_validation is placed under security section
#7616

* auth: don't run cleanup of login attempts if feature is disabled

#7616

* auth: rename settings.go to ldap_settings.go

* auth: refactor AuthenticateUser

Extract grafana login, ldap login and login attemp validation together
with their tests to separate files.
Enables testing of many more aspects when authenticating a user.
#7616

* auth: rename login attempt validation to brute force login protection

Setting DisableLoginAttemptsValidation => DisableBruteForceLoginProtection
Configuration disable_login_attempts_validation => disable_brute_force_login_protection
#7616
2018-01-26 10:41:41 +01:00
bergquist
1508755422 cfg: remove local as default image uploader
ref #9967
2018-01-24 21:31:07 +01:00
bergquist
67a9e6a71d provisioing: add lookup table provisioned dashboards 2018-01-23 21:52:55 +01:00
bergquist
5546828b9f cfg: adds info about local img uploader to docs 2018-01-22 11:11:30 +01:00
Martin Szulecki
c82e23d96e imguploader: Add support for new internal image store (#6922) 2018-01-12 21:40:12 +01:00
Mahmoud Saada
af15e3c0d0 Implement Azure Blob external image uploader 2017-12-27 08:53:00 -05:00
Carl Bergquist
35106537f2 Replace Read Only Editor role with ViewersCanEdit setting (#10166)
* removes readonly editor role

* adds viewersCanEdit setting

This enable you to allow viewers to edit/inspect
dashboards in grafana in their own browser without
allowing them to save dashboards

* remove read only editor option from all dropdowns

* migrates all read only viewers to viewers

* docs: replace readOnlyEditor with viewersCanEdit
2017-12-13 18:53:42 +01:00
bergquist
5f5cdad97a improve error handling for datasources as cfg 2017-12-08 10:50:11 +01:00
bergquist
c766802325 improve sample datasource.yaml 2017-12-08 10:28:38 +01:00
bergquist
79d7213e11 fixes issue with datasource/dash as cfg and gitignore 2017-12-08 06:52:47 +01:00
bergquist
5006f9e4c5 dashboards as cfg: update docs to use /provisioning 2017-12-07 15:55:00 +01:00
bergquist
2e610cb256 dashboards as cfg: move dash/ds config files to /provisioning/* 2017-12-07 15:27:01 +01:00
bergquist
361acd3fa1 dashboards as cfg: include cfg files in dist packages 2017-12-07 15:27:01 +01:00
bergquist
2a18345eb2 dashboards as cfg: disable loading dashboards from disk by default 2017-12-07 15:27:01 +01:00
bergquist
d69b63cbc0 dashboards as cfg: read first cfg version 2017-12-07 15:27:01 +01:00
saady
767b460ff1 [GCS] Support for gcs path 2017-11-21 17:22:40 +00:00
Torkel Ödegaard
98b4074c16 refactoring: minor refactor of clean up dashboard history PR #9882 2017-11-17 14:41:44 +01:00
Torkel Ödegaard
aaa465a100 Merge branch 'feat-9671' of https://github.com/alexanderzobnin/grafana into alexanderzobnin-feat-9671 2017-11-17 14:16:49 +01:00
Carl Bergquist
9ea5af578e
Merge pull request #9504 from grafana/datasource_as_cfg
Datasources as configuration
2017-11-16 16:13:02 +01:00
bergquist
c60915c146 datasources as cfg: adds docs for all jsondata and secure_json fields 2017-11-16 14:22:52 +01:00
bergquist
87983021e2 datasources as cfg: convert yaml map into json for jsonData 2017-11-16 13:23:42 +01:00
bergquist
bfd8afaf13 docs: update metrics api path 2017-11-16 09:38:37 +01:00
bergquist
6267ef1391 datasource as cfg: fixes typos 2017-11-15 14:30:32 +01:00
bergquist
06a37d0023 datasource as cfg: show deletes first in example 2017-11-15 14:30:32 +01:00
bergquist
ebbfc529e0 datasource as cfg: support globbing 2017-11-15 14:30:32 +01:00
bergquist
0f136a940c datasource as cfg: enable editable ds's 2017-11-15 14:30:32 +01:00
bergquist
b72cdae563 datasource as cfg: add org_id to example config 2017-11-15 14:30:32 +01:00
bergquist
dc002abe4c datasource as cfg: test for reading all properties 2017-11-15 14:30:32 +01:00
bergquist
c9bfa781fd datasource as cfg: improve name for this feature 2017-11-15 14:30:32 +01:00
bergquist
ba4bbd1d47 datasource as cfg: refactor tests to use yaml files 2017-11-15 14:30:32 +01:00
bergquist
0f29b8ac83 datasources as cfg: tests for insert/updating datasources 2017-11-15 14:30:32 +01:00
bergquist
39b6c04643 datasource as cfg: basic implementation 2017-11-15 14:30:32 +01:00
Alexander Zobnin
a0a1f4aacd dashboard history: refactor after review 2017-11-15 13:36:36 +03:00
Alexander Zobnin
08e2bbef83 dashboard history: clean up dashboard version history 2017-11-14 18:22:18 +03:00
Furtchet
a51b1e8951 Update the config key to database_log_queries so it is more descriptive, as suggested in #9785. 2017-11-06 08:01:31 -06:00
Furtchet
5fdfa3ff7e MySQL Performance when using GF_DATABASE_URL
Set MaxIdleConn and MaxOpenConn when using the GF_DATABASE_URL configuration. Also added GF_DATABASE_DEBUG flag to print SQL statements and SQL execution times.
See #9784 for the details.
2017-11-03 14:05:32 -05:00
bergquist
dea631bedc tech: remove rabbitmq event publisher
closes #9645
2017-10-24 14:10:23 +02:00
Ricard Clau
e4541a7fd1 support for s3 path (#9151) 2017-10-04 21:04:20 +02:00
Torkel Ödegaard
eaefa3c1fa s3: minor fix for PR #9223 2017-09-27 09:43:32 +02:00
Torkel Ödegaard
50d82155ed Merge branch 'master' of https://github.com/williamjoy/grafana into williamjoy-master 2017-09-27 09:37:26 +02:00
Tobias Hintze
af79d046db introduce smtp config option for EHLO identity 2017-09-24 20:48:20 +02:00
William
88a8991722 config bucket and region for s3 uploader
this is to support cn-north-1 region as it can get s3 url programatically.
also keeps support 'bucket_url' for backward compatiblity
2017-09-19 04:57:25 -04:00
bergquist
bcf784375b make it possible to configure sampler type 2017-09-18 11:08:58 +02:00
bergquist
f37a595f68 make samplerconfig.param configurable 2017-09-18 11:08:58 +02:00
bergquist
ec29b469e4 adds custom tags from settings 2017-09-18 11:08:58 +02:00
bergquist
935dad653c set example port to zipkin default 2017-09-18 11:08:58 +02:00
bergquist
a234e894bb makes jaeger tracing configurable 2017-09-18 11:08:58 +02:00
Konstantin Chukhlomin
fcdf282090 GCS support via JSON API 2017-09-15 16:11:02 +02:00
Konstantin Chukhlomin
72d7c4d620 Added GCS support #8370 2017-09-15 16:11:02 +02:00
Torkel Ödegaard
a47b31ac62 fix: MySQL/Postgress max_idle_conn default was wrongly set to zero, which does not mean unlimited but zero, which in practice disables connection pooling, not good. now max idle conn is set to golang's default which is 2, fixes #8513 2017-08-08 16:17:52 +02:00
Torkel Ödegaard
06e87c151f feat: added settings to sample ini #8768 2017-07-31 15:04:47 +02:00
Torkel Ödegaard
23558c61d4 feat: wip work on #8768 2017-07-31 13:03:42 +02:00
Torkel Ödegaard
f5ed5c6529 settings(change): changed default value for allow sign up to false, closes #8743, and changed default option allow_org_create to false 2017-07-24 12:36:42 +02:00
Torkel Ödegaard
9ff4ab1236 Merge branch 'master' into query_troubleshooting 2017-06-13 16:47:04 -04:00
Torkel Ödegaard
c34db77f04 grafana_com: changed name of oauth grafana_net integration (old settings names still work), and updated login button look, closes #8415 2017-05-22 14:56:50 +02:00
Torkel Ödegaard
78dbb4dc13 config: removed trace level from config comment 2017-05-18 14:19:39 +02:00
Mitja Z
c92d719a72 added support for listening on unix socket #4030 (#8221) 2017-04-27 08:54:21 +02:00
fir4
6d9e8bd147 webdav: allow specification of a different public_url than upload url 2017-04-25 17:22:18 +02:00
Calle Pettersson
a79102b42d Fix ldap ca_cert example/docs for proper syntax (#8044) 2017-04-06 09:53:11 +02:00
timolehto
6e304e6e42 comments: Typos in defaults.ini (#7988) 2017-03-30 17:12:00 +02:00
Seuf
319b8d8fca Configurable signout menu activation (#7968) 2017-03-29 11:33:28 +02:00
Dan Cech
dde8583db8 xorm engine.SetMaxConns is a deprecated alias for engine.SetMaxOpenConns 2017-03-27 18:04:03 -04:00
Torkel Ödegaard
4d4e165be7 links: updated links from grafana.net to grafana.com 2017-03-20 10:20:32 +01:00
Daniel Lee
6dfdcd7ca5 email: change default from name to Grafana
Changes default from name in smtp settings
from Grafana Admin to Grafana.

Fix for integration test (which is skipped but that
did not work)
2017-02-15 11:02:46 +01:00
Jacob Bednarz
7520b4f404
Update default configuration to include from_name values 2017-02-15 08:06:58 +11:00
bergquist
5b7b3fef64 conf: adds sample values for db conn settings 2017-02-10 15:30:01 +01:00
huydx
28d93b574d (feat) support max connection setting for database configuration 2017-02-10 15:30:01 +01:00
Torkel Ödegaard
2a09d4a5a6 fix(): conf file had left over of old config key, #7395 2017-01-30 07:11:12 +01:00
Torkel Ödegaard
e073d20731 updated sample config 2017-01-25 13:34:02 +01:00
Torkel Ödegaard
40d39f8a3e refactor(): renaming alerting hide ui option, #7318 2017-01-25 13:32:26 +01:00
Torkel Ödegaard
fee4846429 Merge branch 'alerting_ui' of https://github.com/smalik03/grafana into smalik03-alerting_ui 2017-01-25 13:16:48 +01:00
smalik
9862c9ff40 feat(alerting): Show/hide alerting UI using configuration variable
Use configuration variable "show_alerting_ui" to show/hide alerting UI
2017-01-20 10:43:29 -05:00
bergquist
06440ef57b tech(dataproxy): moves cfg to [dataproxy] 2017-01-16 12:43:59 +01:00
bergquist
839eb97061 Merge branch 'feature/dataProxyAuditLog' of https://github.com/Ricky-N/grafana into Ricky-N-feature/dataProxyAuditLog 2017-01-16 12:02:43 +01:00
bergquist
eb8d1dfa34 docs(smtp): adds info about how to use passwords with #
closes #7265
2017-01-16 07:03:35 +01:00
Ricky Niemi
269d16301a Rename to audit logging to data proxy logging 2017-01-11 07:40:06 -08:00
Ricky Niemi
0fee7c863a Gate data proxy audit logging behind audit_logging server setting 2017-01-11 07:22:57 -08:00
bergquist
c18741c605 docs(ldap): adds note about special chars in password
closes #5337
2016-12-21 22:02:34 +01:00
Torkel Ödegaard
597ebb1161 fix(config): fixed issue setting generic oauth name via ENV variable, fixes #6974 2016-12-15 14:08:39 +01:00
Torkel Ödegaard
df562e23cf feat(ldap): better ldap logging, closes #6918 2016-12-14 22:01:02 +01:00
Torkel Ödegaard
6e27db148c Merge branch 'authproxy_ldap' of https://github.com/seuf/grafana into seuf-authproxy_ldap 2016-12-14 21:45:15 +01:00
Torkel Ödegaard
80d88d302c fix(config): changed default for oauth and allow_sign_up setting, #6928 2016-12-12 16:35:42 +01:00
Seuf
ae27c17c68 Auth Proxy improvements
- adds the option to use ldap groups for authorization in combination with an auth proxy
- adds an option to limit where auth proxy requests come from by configure a list of ip's
- fixes a security issue, session could be reused
2016-12-12 09:43:17 +01:00
bergquist
464553a453 docs: explains how to use comment chars in passwords 2016-12-06 09:48:56 +01:00
Carl Bergquist
fbf2113904 Merge pull request #6795 from hvnsweeting/patch-1
Use space to separate multiple modes
2016-12-03 03:15:31 +01:00
Viet Hung Nguyen
c6e66ec15e Update sample.ini
Use space to separate multiple modes
2016-12-02 13:48:08 +07:00
Viet Hung Nguyen
b00fc73242 Use space to separate multiple modes 2016-12-02 13:46:41 +07:00
bergquist
a51de8e987 tech(conf): remove dragoo :( 2016-11-10 16:15:55 +01:00
Eric Uldall
658fc1a67a added hosted domain suppport to google oauth login (#6372) 2016-10-28 12:00:47 +02:00
bergquist
04f417a423 feat(alerting): enabled by default. configurable elert engine
closes #6210
2016-10-10 13:09:16 +02:00
bergquist
a3c91450d5 tech(config): add log.filters to default and sample 2016-10-07 10:39:01 +02:00
Eric Perrino
d3b0905899 Added allow_sign_up setting to auth.ldap to be able to disable automatic user creation for LDAP logins (#6191) 2016-10-07 08:49:58 +02:00
bergquist
92121ea656 feat(alerting): add nop uploader
ref #6183
2016-10-05 07:34:48 +02:00
Torkel Ödegaard
2750c8a801 feat(config): changed name of allow_user_login_pass to disable_login_form, changed the section of the config option to [auth], impacts merged PR #5423 2016-09-28 15:27:08 +02:00
Torkel Ödegaard
5ccdbf01fd merge with master 2016-09-28 13:02:15 +02:00
bergquist
dbb7852f21 feat: purge old files and snapshots
closes #4087
closes #2172
2016-09-26 14:33:40 +02:00
Dan Cech
b387c1291d Merge branch 'master' into gnet-oauth
Conflicts:
	pkg/api/login_oauth.go
2016-09-21 09:39:35 -04:00
Dan Cech
dcd96c90e2 add grafana.net auth section to defaults.ini, normalize section heading line lengths 2016-09-20 10:09:20 -04:00
bergquist
ec452dd704 docs(conf): remove internal options since its not working atm 2016-09-20 08:18:15 +02:00
bergquist
d7bf70a77b tech(tsdb): remove skip ssl setting. should be based on datasource settings 2016-09-12 13:37:00 +02:00
Chen Chenglong
7b1c374f64 support connect ldap server with starttls (#5969)
* support connect ldap server with starttls

* add more doc for start_tls option
2016-09-10 09:40:56 +02:00
bergquist
aa80b52c07 feat(alerting): make it possible to skip ssl verification for alerting https requests 2016-09-08 16:29:31 +02:00
bergquist
f26824049f Merge branch 'master' into emails 2016-09-07 11:19:52 +02:00
bergquist
3b6820ef03 feat(oauth): create struct for generic oauth and add config values 2016-09-07 10:34:56 +02:00
bergquist
a2525f77d9 fix(config): comment sample value 2016-08-29 21:14:47 +02:00
Trent White
35b90afdd0 initial styling 2016-08-24 17:41:29 -04:00
bergquist
26c6437846 Merge branch 'master' into alerting 2016-08-22 12:27:08 +02:00
bergquist
92a52ccdf7 docs(conf): add more info about using database.url 2016-08-19 14:48:40 +02:00
bergquist
c663e32ea8 Merge branch 'database_url' of https://github.com/Scalingo/grafana into Scalingo-database_url 2016-08-19 13:15:44 +02:00
bergquist
cbe7f8b697 feat(config): add ascii dragon to sample.ini 2016-08-18 14:13:02 +02:00
Torkel Ödegaard
05697d5ecd Merge branch 'master' into alerting
Conflicts:
	conf/sample.ini
2016-08-17 10:03:33 +02:00
Torkel Ödegaard
6fae5a3b4e Merge branch 'v3.1.x' 2016-08-17 10:02:08 +02:00
Torkel Ödegaard
093563ac37 fix(metrics): restored prefix default to prod.grafana.. 2016-08-17 10:01:55 +02:00
Torkel Ödegaard
f9b628ad0e Merge branch 'v3.1.x'
Conflicts:
	conf/defaults.ini
	conf/sample.ini
	pkg/metrics/graphite.go
	pkg/metrics/graphite_test.go
2016-08-17 09:53:46 +02:00
bergquist
f7a9102523 feat(metrics): improve graphite settings
Fixes the broken support for overriding settings with ENV variables.
closes #5769
2016-08-15 09:59:55 +02:00
bergquist
cf6736d480 fix(metrics): add ending dot for graphite prefix 2016-08-15 09:58:32 +02:00
bergquist
ebecc5e5a0 fix(metrics): make metrics cfg backwards compatible 2016-08-15 09:57:49 +02:00
Torkel Ödegaard
2c1b893c55 feat(metrics): minor fix for internal metrics fix PR #5758 2016-08-15 09:57:23 +02:00
bergquist
0524d0c625 fix(metrics): replaces . with _ in instance name
closes #5739
2016-08-15 09:57:00 +02:00
bergquist
4d0982a21c Merge branch 'master' into alerting 2016-08-15 07:58:30 +02:00
bergquist
2fa97427eb fix(metrics): add ending dot for graphite prefix 2016-08-12 08:06:54 +02:00
bergquist
99e99922b4 feat(alerting): add support for uploading images to webdav.
closes #5770
2016-08-11 16:48:54 +02:00
Torkel Ödegaard
4fd8b2ace4 Merge branch 'master' into alerting 2016-08-10 12:53:41 +02:00
bergquist
03f0bc46a1 fix(metrics): make metrics cfg backwards compatible 2016-08-10 11:15:49 +02:00
Torkel Ödegaard
d49f0569f2 feat(metrics): minor fix for internal metrics fix PR #5758 2016-08-10 08:06:10 +02:00
bergquist
5b57210aeb fix(metrics): replaces . with _ in instance name
closes #5739
2016-08-09 14:06:03 +02:00
Torkel Ödegaard
4fc50742a0 feat(alerting): working on image rendering with alert notifications 2016-07-29 14:55:02 +02:00
Torkel Ödegaard
d9096110f8 Merge branch 'master' into alerting
Conflicts:
	pkg/api/dashboard.go
	pkg/models/dashboards.go
	pkg/services/sqlstore/dashboard.go
2016-07-11 18:28:07 +02:00
Torkel Ödegaard
460820a117 conf(): updated sample config and root_url to better explain it 2016-07-05 14:10:23 +02:00
Soulou
e2c5fac9df Predefine url to let the environment variable overrider do its job 2016-06-28 17:45:55 +02:00
bergquist
690a74c6b7 feat(login): invert naming for dissallow user pass login 2016-06-25 16:30:41 +02:00
Torkel Ödegaard
346ca3fc89 Merge branch 'master' into alerting 2016-06-25 09:56:57 -04:00
bergquist
ef9766eb96 docs(3.1): initial post about whats new in 3.1 2016-06-21 16:29:17 +02:00
bergquist
8ec311ade4 Merge branch 'master' into alerting 2016-06-16 16:29:41 +02:00
Torkel Ödegaard
ec0b09450c Merge branch 'export-dashboard'
Conflicts:
	conf/defaults.ini
	pkg/setting/setting.go
	public/app/core/components/grafana_app.ts
	public/app/core/core.ts
	public/app/features/dashboard/dashboardCtrl.js
2016-06-16 08:06:43 +02:00