Skip to content
Projects
Groups
Snippets
Help
This project
Loading...
Sign in / Register
Toggle navigation
F
flowengine-docker
Overview
Overview
Details
Activity
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Registry
Registry
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Wiki
Wiki
Snippets
Snippets
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
template
flowengine-docker
Commits
dad7e3f2
Commit
dad7e3f2
authored
Oct 26, 2023
by
marwan
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
add oauth
parent
3e211513
Show whitespace changes
Inline
Side-by-side
Showing
3 changed files
with
60 additions
and
26 deletions
+60
-26
.gitignore
+3
-0
docker-compose.yaml
+35
-24
grafana/config/grafana.ini
+22
-2
No files found.
.gitignore
0 → 100644
View file @
dad7e3f2
grafana.ini*
bk/
.env
docker-compose.yaml
View file @
dad7e3f2
services
:
app
:
image
:
dock.nexpie.com/stack/flowengine:1.3.5-2-f633d8d2
...
...
@@ -8,30 +6,29 @@ services:
-
store_data:/usr/local/store-data
ports
:
-
30081:80
# environment:
# PROJECT_ID: "${SH_PROJECT_ID}"
# OAUTH_LOGIN: "TRUE"
# PASSWORD_LOGIN: "TRUE"
# AUTH_ENDPOINT: https://auth.nexiiot.io/dialog/authorize
# AUTH_PLATFORM_NAME: NEXIIOT
# GQLV2_ENDPOINT: https://gqlv2.nexiiot.io
# INSTANCE_NAME: NEXIIOT FlowEngine
# OAUTH_CLIENT_ID: ${SH_OAUTH_CLIENT_ID}
# OAUTH_CLIENT_SECRET: ${SH_OAUTH_CLIENT_SECRET}
# TOKEN_ENDPOINT: https://auth.nexiiot.io/oauth/token
# USERINFO_API_ENDPOINT: https://auth.nexiiot.io/api/userinfo
environment
:
PROJECT_ID
:
${NEXIIOT_PROJECT_ID}
OAUTH_LOGIN
:
${NEXIIOT_OAUTH_LOGIN}
PASSWORD_LOGIN
:
${NEXIIOT_PASSWORD_LOGIN}
AUTH_ENDPOINT
:
${NEXIIOT_AUTH_ENDPOINT}
AUTH_PLATFORM_NAME
:
${NEXIIOT_AUTH_PLATFORM_NAME}
GQLV2_ENDPOINT
:
${NEXIIOT_GQLV2_ENDPOINT}
INSTANCE_NAME
:
${NEXIIOT_INSTANCE_NAME}
OAUTH_CLIENT_ID
:
${NEXIIOT_OAUTH_CLIENT_ID}
OAUTH_CLIENT_SECRET
:
${NEXIIOT_OAUTH_CLIENT_SECRET}
TOKEN_ENDPOINT
:
${NEXIIOT_TOKEN_ENDPOINT}
USERINFO_API_ENDPOINT
:
${NEXIIOT_USERINFO_API_ENDPOINT}
influxdb
:
image
:
docker.io/bitnami/influxdb:2.7.1
ports
:
-
38087:8086
-
38089:8088
environment
:
-
INFLUXDB_ADMIN_USER_PASSWORD=
nexiiotpassword
-
INFLUXDB_ADMIN_USER_TOKEN=
nexiiottoken
-
INFLUXDB_ADMIN_USER_PASSWORD=
${NEXIIOT_INFLUXDB_ADMIN_USER_PASSWORD}
-
INFLUXDB_ADMIN_USER_TOKEN=
${NEXIIOT_INFLUXDB_ADMIN_USER_TOKEN}
-
INFLUXDB_PRIMARY_BUCKET=primary
-
INFLUXDB_ADMIN_ORGANIZATION=primary
-
INFLUXDB_RETENTION_PERIOD=4320
#24 * 180
อายุข้อมูล
-
INFLUXDB_RETENTION_PERIOD=4320
#24 * 180
อายุข้อมูล -
-
INFLUXDB_MONITOR_STORE_DATABASE="primary"
-
INFLUXD_UI_DISABLED=false
-
INFLUXD_REPORTING_DISABLED=false
...
...
@@ -47,7 +44,7 @@ services:
-
influxdb
entrypoint
:
[
"
bash"
,
"
-c"
,
"
bash
/bitnami/script/init.bash
$${INFLUXDB_ADMIN_ORGANIZATION}
$${INFLUXDB_ADMIN_USER_TOKEN}
http://influxdb:8086"
]
environment
:
-
INFLUXDB_ADMIN_USER_TOKEN=
nexiiottoken
-
INFLUXDB_ADMIN_USER_TOKEN=
${NEXIIOT_INFLUXDB_ADMIN_USER_TOKEN}
-
INFLUXDB_ADMIN_ORGANIZATION=primary
volumes
:
-
./bash-influx:/bitnami/script
...
...
@@ -58,15 +55,29 @@ services:
ports
:
-
'
33011:3000'
environment
:
-
'
GF_SECURITY_ADMIN_PASSWORD=nexiiot'
-
GF_SECURITY_LOGIN_REMEMBER_DAYS=0"
-
GF_SESSION_SESSION_LIFE_TIME=5"
-
GF_SESSION_COOKIE_NAME=grafana_sess"
-
GF_SECURITY_ADMIN_PASSWORD=${NEXIIOT_GF_SECURITY_ADMIN_PASSWORD}
-
GF_SESSION_COOKIE_NAME=${NEXIIOT_GF_SESSION_COOKIE_NAME}
-
GF_LOG_LEVEL=${NEXIIOT_GF_LOG_LEVEL}
-
GF_SERVER_ROOT_URL=${NEXIIOT_GF_SERVER_ROOT_URL}
-
GF_SECURITY_ALLOW_EMBEDDING=${NEXIIOT_GF_SECURITY_ALLOW_EMBEDDING}
-
GF_AUTH_GENERIC_OAUTH_ENABLED=${NEXIIOT_GF_AUTH_GENERIC_OAUTH_ENABLED}
-
GF_AUTH_GENERIC_OAUTH_NAME=${NEXIIOT_GF_AUTH_GENERIC_OAUTH_NAME}
-
GF_AUTH_GENERIC_OAUTH_ALLOW_SIGN_UP=${NEXIIOT_GF_AUTH_GENERIC_OAUTH_ALLOW_SIGN_UP}
-
GF_AUTH_GENERIC_OAUTH_CLIENT_ID=${NEXIIOT_GF_AUTH_GENERIC_OAUTH_CLIENT_ID}
-
GF_AUTH_GENERIC_OAUTH_CLIENT_SECRET=${NEXIIOT_GF_AUTH_GENERIC_OAUTH_CLIENT_SECRET}
-
GF_AUTH_GENERIC_OAUTH_SCOPES=${NEXIIOT_GF_AUTH_GENERIC_OAUTH_SCOPES}
-
GF_AUTH_GENERIC_OAUTH_AUTH_URL=${NEXIIOT_GF_AUTH_GENERIC_OAUTH_AUTH_URL}
-
GF_AUTH_GENERIC_OAUTH_TOKEN_URL=${NEXIIOT_GF_AUTH_GENERIC_OAUTH_TOKEN_URL}
-
GF_AUTH_GENERIC_OAUTH_API_URL=${NEXIIOT_GF_AUTH_GENERIC_OAUTH_API_URL}
-
GF_AUTH_GENERIC_OAUTH_ROLE_ATTRIBUTE_PATH=${NEXIIOT_GF_AUTH_GENERIC_OAUTH_ROLE_ATTRIBUTE_PATH}
-
GF_AUTH_GENERIC_OAUTH_ROLE_ATTRIBUTE_STRICT=${NEXIIOT_GF_AUTH_GENERIC_OAUTH_ROLE_ATTRIBUTE_STRICT}
-
GF_AUTH_GENERIC_OAUTH_REQUIRED_ROLE=${NEXIIOT_GF_AUTH_GENERIC_OAUTH_REQUIRED_ROLE}
volumes
:
-
grafana_data:/opt/bitnami/grafana/data
-
./grafana/datasources:/opt/bitnami/grafana/conf/provisioning/datasources/
-
./grafana/dashboard/templates:/var/lib/dashboards
-
./grafana/dashboard/conf:/opt/bitnami/grafana/conf/provisioning/dashboards/
#
- ./grafana/dashboard/conf:/opt/bitnami/grafana/conf/provisioning/dashboards/
-
./grafana/config/grafana.ini:/opt/bitnami/grafana/conf/grafana.ini
-
./ssh:/opt/bitnami/ssh
...
...
grafana/config/grafana.ini
View file @
dad7e3f2
[log]
level
=
debug
[server]
root_url
=
https://test.flowengine.nexiiot.io
[auth.jwt]
# By default, auth.jwt is disabled.
cache_ttl
=
600m
enabled
=
true
header_name
=
X-JWT-Assertion
auto_sign_up
=
true
username_claim
=
sub
email_claim
=
sub
url_login
=
true
key_file
=
/opt/bitnami/ssh/key.pem
role_attribute_path
=
role
skip_org_role_sync
=
true
allow_assign_grafana_admin
=
true
[security]
allow_embedding
=
true
[auth.generic_oauth]
enabled
=
true
name
=
Keycloak-OAuth
allow_sign_up
=
true
scopes
=
openid login
#from json of info
role_attribute_path
=
userid == 'U993736096545' && 'Editor'
#deny all unknow role when login
role_attribute_strict
=
true
required_role
=
true
client_id
=
b251a594295613c43543b1484aae2082
client_secret
=
508dc83ac016e803b56ecfd9edd0f93803f82ac12c947aa05da48fea21885f2f
auth_url
=
https://auth.nexiiot.io/dialog/authorize
token_url
=
https://auth.nexiiot.io/oauth/token
api_url
=
https://auth.nexiiot.io/api/userinfo
#tls_skip_verify_insecure = true
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment