98 lines
2.8 KiB
Bash
98 lines
2.8 KiB
Bash
#!/bin/sh
|
|
|
|
get_required_ldap_parameter () {
|
|
if [ -f "${__object:?}/parameter/$1" ]; then
|
|
cat "${__object:?}/parameter/$1"
|
|
else
|
|
echo "--$1 is required when LDAP authentication is enabled." >&2
|
|
exit 1
|
|
fi
|
|
}
|
|
|
|
os=$(cat "${__global:?}/explorer/os")
|
|
case "$os" in
|
|
debian|ubuntu)
|
|
__apt_key grafana \
|
|
--uri https://packages.grafana.com/gpg.key \
|
|
--keydir /etc/apt/trusted.gpg.d \
|
|
--state present
|
|
|
|
require="__apt_key/grafana" __apt_source grafana \
|
|
--uri "https://packages.grafana.com/oss/deb" \
|
|
--distribution stable \
|
|
--component main
|
|
|
|
install_requires="__apt_source/grafana"
|
|
service=grafana-server
|
|
grafana_ini=/etc/grafana/grafana.ini
|
|
grafana_ldap=/etc/grafana/ldap.toml
|
|
;;
|
|
alpine)
|
|
service=grafana
|
|
grafana_ini=/etc/grafana.ini
|
|
grafana_ldap=/etc/grafana/ldap.toml
|
|
;;
|
|
*)
|
|
echo "$os is not supported by this type. Exiting." >&2
|
|
exit 1
|
|
;;
|
|
esac
|
|
|
|
DOMAIN=$(cat "${__object:?}/parameter/domain")
|
|
export DOMAIN
|
|
PORT=$(cat "${__object:?}/parameter/port")
|
|
export PORT
|
|
|
|
if [ -f "${__object:?}/parameter/enable-ldap-auth" ]; then
|
|
export ENABLE_LDAP_AUTH=1
|
|
|
|
LDAP_SERVER=$(get_required_ldap_parameter ldap-server)
|
|
export LDAP_SERVER
|
|
LDAP_SERVER_PORT=$(get_required_ldap_parameter ldap-server-port)
|
|
export LDAP_SERVER_PORT
|
|
LDAP_BIND_DN=$(get_required_ldap_parameter ldap-bind-dn)
|
|
export LDAP_BIND_DN
|
|
LDAP_BIND_PASSWORD=$(get_required_ldap_parameter ldap-bind-password)
|
|
export LDAP_BIND_PASSWORD
|
|
LDAP_USER_BASE=$(get_required_ldap_parameter ldap-user-base)
|
|
export LDAP_USER_BASE
|
|
LDAP_GROUP_BASE=$(get_required_ldap_parameter ldap-group-base)
|
|
export LDAP_GROUP_BASE
|
|
|
|
LDAP_USER_SEARCH_FILTER=$(cat "${__object:?}/parameter/ldap-user-search-filter")
|
|
export LDAP_USER_SEARCH_FILTER
|
|
LDAP_GROUP_SEARCH_FILTER=$(cat "${__object:?}/parameter/ldap-group-search-filter")
|
|
export LDAP_GROUP_SEARCH_FILTER
|
|
|
|
export LDAP_TLS=false
|
|
if [ -f "${__object:?}/parameter/ldap-tls" ]; then
|
|
export LDAP_TLS=true
|
|
fi
|
|
|
|
export LDAP_STARTTLS=false
|
|
if [ -f "${__object:?}/parameter/ldap-starttls" ]; then
|
|
export LDAP_STARTTLS=true
|
|
fi
|
|
|
|
if [ -f "${__object:?}/parameter/ldap-admin-group" ]; then
|
|
LDAP_ADMIN_GROUP=$(cat "${__object:?}/parameter/ldap-admin-group")
|
|
export LDAP_ADMIN_GROUP
|
|
fi
|
|
fi
|
|
|
|
require="$install_requires" __package grafana
|
|
|
|
mkdir -p "${__object:?}/files"
|
|
"${__type:?}/files/grafana.ini.sh" > "${__object:?}/files/grafana.ini"
|
|
"${__type:?}/files/ldap.toml.sh" > "${__object:?}/files/ldap.toml"
|
|
|
|
__directory /etc/grafana
|
|
export require="__package/grafana __directory/etc/grafana"
|
|
__file "$grafana_ini" --owner grafana --source "${__object:?}/files/grafana.ini"
|
|
__file "$grafana_ldap" --owner grafana --source "${__object:?}/files/ldap.toml"
|
|
unset require
|
|
|
|
require="__package/grafana" __start_on_boot "$service"
|
|
require="__file/$grafana_ini __file/$grafana_ldap" \
|
|
__service "$service" --action restart
|