Skip to content

Self service to create org and user to the demo instance

Notifications You must be signed in to change notification settings

tomtalks/grafana-provisioner

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

2 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Grafana Provisioner

A Go web application that provides a self-service interface for creating Grafana organizations and users.

Features

  • Password Protected: Requires authentication to access the provisioning interface
  • Self-Service: Users can request their own Grafana organization with just their name
  • Automatic Setup: Creates unique organization, user account, and proper permissions
  • Isolated Access: Users only have access to their own organization, not the root organization
  • Web Interface: Simple HTML forms for easy interaction

How It Works

  1. Authentication: Users must provide the app password to access the dashboard
  2. Organization Request: Users enter their name to request an organization
  3. Automatic Provisioning:
    • Creates a unique organization based on the user's name
    • Creates a user account with generated credentials
    • Adds the user as an admin of their organization
    • Removes access to the root organization
  4. Credentials Provided: Users receive their login credentials and Grafana URL

Configuration

Set these environment variables:

  • GRAFANA_URL: Grafana instance URL (default: http://grafana:3000)
  • GRAFANA_ADMIN_USER: Grafana admin username (default: admin)
  • GRAFANA_ADMIN_PASSWORD: Grafana admin password (default: admin)
  • APP_PASSWORD: Password to access this provisioner app (default: provisioner123)
  • PORT: Port to run the web server on (default: 8090)
  • SESSION_KEY: Session encryption key (auto-generated if not set)

Usage

  1. Start the stack: docker compose up -d
  2. Access the provisioner: http://localhost:8090
  3. Login with the app password
  4. Enter your name to request an organization
  5. Use the provided credentials to login to Grafana

API Endpoints

  • GET /: Login page
  • POST /login: Authentication
  • GET /dashboard: Main dashboard (requires authentication)
  • POST /request-org: Create organization and user
  • GET /logout: Logout and clear session

Security Features

  • Session-based authentication
  • Basic auth for Grafana API calls
  • Automatic removal from root organization
  • Unique username/organization generation to prevent conflicts
  • Secure password generation

About

Self service to create org and user to the demo instance

Resources

Stars

Watchers

Forks

Packages

No packages published