From a7f8038feaf923acda8c9a3a64b5c7f064d47056 Mon Sep 17 00:00:00 2001
From: Christian Pointner <equinox@spreadspace.org>
Date: Sat, 9 Sep 2023 20:13:20 +0200
Subject: monitoring/grafana: add automatic handling for admin password and
 additonal users

---
 roles/monitoring/grafana/tasks/users.yml | 36 ++++++++++++++++++++++++++++++++
 1 file changed, 36 insertions(+)
 create mode 100644 roles/monitoring/grafana/tasks/users.yml

(limited to 'roles/monitoring/grafana/tasks/users.yml')

diff --git a/roles/monitoring/grafana/tasks/users.yml b/roles/monitoring/grafana/tasks/users.yml
new file mode 100644
index 00000000..695d34d8
--- /dev/null
+++ b/roles/monitoring/grafana/tasks/users.yml
@@ -0,0 +1,36 @@
+---
+- name: check if admin password is already set
+  check_mode: no
+  uri:
+    url: "{{ grafana_root_url | resolve_grafana_url(grafana_config_server) }}/api/user"
+    user: admin
+    password: "{{ grafana_admin_password }}"
+    force_basic_auth: true
+    body_format: json
+    status_code:
+    - 200
+    - 400
+    - 401
+  register: grafana_admin_user_info
+
+- name: set password for admin user
+  when: grafana_admin_user_info.status != 200
+  command: grafana-cli admin reset-admin-password --password-from-stdin
+  args:
+    stdin: "{{ grafana_admin_password }}"
+    stdin_add_newline: false
+
+- name: add additional users to grafana
+  loop: "{{ grafana_users | dict2items }}"
+  loop_control:
+    label: "{{ item.key }}"
+  community.grafana.grafana_user:
+    url: "{{ grafana_root_url | resolve_grafana_url(grafana_config_server) }}"
+    url_username: admin
+    url_password: "{{ grafana_admin_password }}"
+    name: "{{ item.value.name | default(omit) }}"
+    email: "{{ item.value.email | default(omit) }}"
+    login: "{{ item.key }}"
+    password: "{{ item.value.password }}"
+    is_admin: "{{ item.value.is_admin | default(False) }}"
+    state: present
-- 
cgit v1.2.3