From d637136ad43f510802cadc4a1657674de43ab876 Mon Sep 17 00:00:00 2001
From: Vasili Karaev <kratos661@gmail.com>
Date: Tue, 24 Mar 2020 15:04:53 +0300
Subject: [PATCH 1/2] grafana: adjust ldap condition

---
 monitoring.grafana/defaults/main.yml               | 2 ++
 monitoring.grafana/tasks/main.yml                  | 2 +-
 monitoring.grafana/templates/docker-compose.yml.j2 | 4 ++--
 monitoring.grafana/templates/ldap.toml.j2          | 2 ++
 4 files changed, 7 insertions(+), 3 deletions(-)

diff --git a/monitoring.grafana/defaults/main.yml b/monitoring.grafana/defaults/main.yml
index 229aa69..c54f775 100644
--- a/monitoring.grafana/defaults/main.yml
+++ b/monitoring.grafana/defaults/main.yml
@@ -11,3 +11,5 @@ grafana__default_labels:
   "traefik.docker.network": "{{ docker__traefik_network }}"
   "traefik.frontend.rule": "Host:{{ grafana.domain }}"
   "traefik.frontend.entryPoints": "http"
+
+grafana__ldap_enabled: "{{ grafana.ldap is defined and grafana.ldap.enable | default(false) | bool }}"
diff --git a/monitoring.grafana/tasks/main.yml b/monitoring.grafana/tasks/main.yml
index 49cc17f..599e797 100644
--- a/monitoring.grafana/tasks/main.yml
+++ b/monitoring.grafana/tasks/main.yml
@@ -29,7 +29,7 @@
     - ldap.toml
   become_user: "{{ docker_deployment__deploy_user_name }}"
   become: yes
-  when: grafana.ldap is defined and grafana.ldap.enable is defined and grafana.ldap.enable | bool
+  when: grafana__ldap_enabled
   tags:
     - files
     - grafana
diff --git a/monitoring.grafana/templates/docker-compose.yml.j2 b/monitoring.grafana/templates/docker-compose.yml.j2
index c86fdf7..f8390ef 100644
--- a/monitoring.grafana/templates/docker-compose.yml.j2
+++ b/monitoring.grafana/templates/docker-compose.yml.j2
@@ -8,10 +8,10 @@ services:
     environment:
       GF_SERVER_DOMAIN: "{{ grafana.domain }}"
       GF_SERVER_ROOT_URL: "http://{{ grafana.domain }}"
-      GF_AUTH_LDAP_ENABLED: "{{ grafana.ldap is defined and grafana.ldap.enable | default(false) }}"
+      GF_AUTH_LDAP_ENABLED: "{{ grafana__ldap_enabled }}"
     volumes:
       - "{{ docker_deployment__volume_path }}:/var/lib/grafana"
-{% if grafana.ldap is defined  and grafana.ldap.enable is defined and grafana.ldap.enable | bool %}
+{% if grafana__ldap_enabled %}
       - "./ldap.toml:/etc/grafana/ldap.toml"
 {% endif %}
     labels: {{ grafana.docker.labels | default(grafana__default_labels) | to_json }}
diff --git a/monitoring.grafana/templates/ldap.toml.j2 b/monitoring.grafana/templates/ldap.toml.j2
index 385a745..3d48c33 100644
--- a/monitoring.grafana/templates/ldap.toml.j2
+++ b/monitoring.grafana/templates/ldap.toml.j2
@@ -1,3 +1,4 @@
+{% if grafana__ldap_enabled %}
 [[servers]]
 host = "{{ ldap__host }}"
 port = {{ ldap__port }}
@@ -26,3 +27,4 @@ surname = "sn"
 username = "uid"
 member_of = "memberOf"
 email = "mail"
+{% endif %}

From 66924043dd4ca26b2ab5d96a2f7ad717bbe5b0de Mon Sep 17 00:00:00 2001
From: Vasili Karaev <kratos661@gmail.com>
Date: Tue, 24 Mar 2020 15:05:13 +0300
Subject: [PATCH 2/2] grafana: add anonymous parameter

---
 monitoring.grafana/defaults/main.yml               | 2 ++
 monitoring.grafana/templates/docker-compose.yml.j2 | 2 ++
 2 files changed, 4 insertions(+)

diff --git a/monitoring.grafana/defaults/main.yml b/monitoring.grafana/defaults/main.yml
index c54f775..62cd32a 100644
--- a/monitoring.grafana/defaults/main.yml
+++ b/monitoring.grafana/defaults/main.yml
@@ -13,3 +13,5 @@ grafana__default_labels:
   "traefik.frontend.entryPoints": "http"
 
 grafana__ldap_enabled: "{{ grafana.ldap is defined and grafana.ldap.enable | default(false) | bool }}"
+grafana__anonymous_enabled: "{{ grafana.anonymous is defined and grafana.anonymous.enable | default(false) | bool }}"
+grafana__anonymous_org_role: "Viewer"
diff --git a/monitoring.grafana/templates/docker-compose.yml.j2 b/monitoring.grafana/templates/docker-compose.yml.j2
index f8390ef..4dd3f41 100644
--- a/monitoring.grafana/templates/docker-compose.yml.j2
+++ b/monitoring.grafana/templates/docker-compose.yml.j2
@@ -9,6 +9,8 @@ services:
       GF_SERVER_DOMAIN: "{{ grafana.domain }}"
       GF_SERVER_ROOT_URL: "http://{{ grafana.domain }}"
       GF_AUTH_LDAP_ENABLED: "{{ grafana__ldap_enabled }}"
+      GF_AUTH_ANONYMOUS_ENABLED: "{{ grafana__anonymous_enabled }}"
+      GF_AUTH_ANONYMOUS_ORG_ROLE: "{{ grafana__anonymous_org_role }}"
     volumes:
       - "{{ docker_deployment__volume_path }}:/var/lib/grafana"
 {% if grafana__ldap_enabled %}