grafana

Commit Graph

Author	SHA1	Message	Date
Marcus Efraimsson	85ef2ca738	fix spelling	6 years ago
Marcus Efraimsson	3c2fd02bc0	refactor login/auth token configuration settings remove login section and reuse existing sections security and auth	6 years ago
bergquist	a6bd2c73a0	introduce samesite setting for login cookie ref #15067	6 years ago
bergquist	6e672eb291	enable explore by default closes #15037	6 years ago
Marcus Efraimsson	e4924795a2	change default rotate_token_minutes to 10 minutes	6 years ago
Benjamin Reed	9108fd1b9d	add global datasource proxy timeout setting closes grafana#5699	6 years ago
bergquist	d6edaa1328	moves cookie https setting to [security]	6 years ago
bergquist	516037fbdd	makes sure rotation is always higher than urgent rotation	6 years ago
bergquist	f257101c41	removes unused/commented code	6 years ago
bergquist	ff483f3782	removes old cookie auth configuration	6 years ago
bergquist	56a521b264	makes auth token rotation time configurable	6 years ago
bergquist	64124b5042	add setting for how to long we should keep expired tokens	6 years ago
bergquist	d3ec8e1ccb	creates new config section for login settings	6 years ago
Torkel Ödegaard	f0e61af8e0	Fixed issues with the sanitizie input in text panels, added docs, renamed config option	6 years ago
Johannes Schill	1ed35f3dc1	chore: Reverse sanitize variable so it defaults to false	6 years ago
Johannes Schill	15d560a1c0	feat: wip: Sanitize user input on text panel	6 years ago
bergquist	74124ec8ed	makes cache mode configurable this makes the cache mode in the sqlite connection string configurable. the default also changed from shared to private to solve #107272 but allow the user to use shared if performance is more important. ref #10727	7 years ago
Tomas Dabasinskas	3aa24b3afa	Rename the setting and add description	7 years ago
Tomas Dabasinskas	08c12313fe	Update sample and default configs	7 years ago
Marcus Efraimsson	b9e91cab0e	add oauth_auto_login setting to defaults file Making the setting configurable thru environment variable	7 years ago
Florian Zicklam	d86ba20d10	removed extra whitespace removed extra whitespace	7 years ago
bergquist	c999394b49	adds basic auth configuration to default.ini	7 years ago
Erik Sundell	aa65796ee1	stackdriver: reset defaults.ini	7 years ago
Erik Sundell	e698202fae	stackdriver: use new naming convention for query editor all over	7 years ago
Dan Cech	502290817a	add auth.proxy headers to default.ini	7 years ago
Torkel Ödegaard	28b0ae1d82	Added new backend setting for license file	7 years ago
Torkel Ödegaard	565edc1ed3	added setting top hide plugins in alpha state	7 years ago
Torkel Ödegaard	cb96c6d942	Changed setting to be an alerting setting	7 years ago
Torkel Ödegaard	4dab595ed7	rendering: Added concurrent rendering limits	7 years ago
Bob Shannon	f257ff0216	Allow oauth email attribute name to be configurable (#13006 ) * Allow oauth email attribute name to be configurable Signed-off-by: Bob Shannon <bshannon@palantir.com> * Document e-mail determination steps for generic oauth * Add reference to email_attribute_name * Re-add e-mail determination docs to new generic-oauth page * Inherit default e-mail attribute from defaults.ini	7 years ago
bergquist	1e33a3780f	spelling errors	7 years ago
bergquist	3ce89cad71	make default values for alerting configurable	7 years ago
Anthony Woods	5c0fbbf7c8	improve remote image rendering (#13102 ) * improve remote image rendering - determine "domain" during Init() so we are not re-parsing settings on every request - if using http-mode via a rednererUrl, then use the AppUrl for the page that the renderer loads. When in http-mode the renderer is likely running on another server so trying to use the localhost or even the specific IP:PORT grafana is listening on wont work. - apply the request timeout via a context rather then directly on the http client. - use a global http client so we can take advantage of connection re-use - log and handle errors better. * ensure imagesDir exists * allow users to define callback_url for remote rendering - allow users to define the url that a remote rendering service should use for connecting back to the grafana instance. By default the "root_url" is used. * improve remote image rendering - determine "domain" during Init() so we are not re-parsing settings on every request - if using http-mode via a rednererUrl, then use the AppUrl for the page that the renderer loads. When in http-mode the renderer is likely running on another server so trying to use the localhost or even the specific IP:PORT grafana is listening on wont work. - apply the request timeout via a context rather then directly on the http client. - use a global http client so we can take advantage of connection re-use - log and handle errors better. * ensure imagesDir exists * allow users to define callback_url for remote rendering - allow users to define the url that a remote rendering service should use for connecting back to the grafana instance. By default the "root_url" is used. * rendering: fixed issue with renderKey where userId and orgId was in mixed up, added test for RenderCallbackUrl reading logic	7 years ago
Benoît Knecht	7ec146df99	social: add GitLab authentication backend GitLab could already be used as an authentication backend by properly configuring `auth.generic_oauth`, but then there was no way to authorize users based on their GitLab group membership. This commit adds a `auth.gitlab` backend, similar to `auth.github`, with an `allowed_groups` option that can be set to a list of groups whose members should be allowed access to Grafana.	7 years ago
Torkel Ödegaard	277a696fa5	fix: added missing ini default keys, fixes #12800 (#12912 )	7 years ago
gzzo	cb76fc7f2d	Add auto_assign_org_id to defaults.ini For #12801	7 years ago
Jan Garaj	e37e8cb38c	Add missing tls_skip_verify_insecure (#12748 )	7 years ago
Anton Sergeyev	516839d7b2	#11607 Cleanup time of temporary files is now configurable	7 years ago
Julien Pivotto	a5e6cb9a02	Fix #9847 Add a generic signout_redirect_url to enable oauth logout Signed-off-by: Julien Pivotto <roidelapluie@inuits.eu>	7 years ago
David Kaltschmidt	1e6e89121c	Settings to enable Explore UI	7 years ago
Daniel Lee	92388f7faf	session: update defaults for ConnMaxLifetime to be the same as the 5.0.3 release defaults	7 years ago
Daniel Lee	9cdd7cb04c	database: expose SetConnMaxLifetime as config setting For MySQL, setting this to be shorter than the wait_timeout MySQL setting solves the issue with connection errors after the session has timed out for the connection to the database via xorm.	7 years ago
Laurent Godet	59704ee939	Fix Github OAuth not working with private Organizations (#11028 ) * Fix Github OAuth not working with private organizations * Update documentation	7 years ago
Daniel Lee	fe49182b9d	snapshots: fixes cleanup of old snapshots Snapshot cleanup did not work due to time.Now syntax error. Added test for it as well to catch any future errors. Added error and debug logging so that it is possible to see any errors in the future. Removed an unused configuration value and deprecated the remove expired snapshots setting.	7 years ago
Scott Brenner	b8b6dc6d6d	Minor typo fix	7 years ago
Marcus Efraimsson	3d1c624c12	WIP: Protect against brute force (frequent) login attempts (#10031 ) * db: add login attempt migrations * db: add possibility to create login attempts * db: add possibility to retrieve login attempt count per username * auth: validation and update of login attempts for invalid credentials If login attempt count for user authenticating is 5 or more the last 5 minutes we temporarily block the user access to login * db: add possibility to delete expired login attempts * cleanup: Delete login attempts older than 10 minutes The cleanup job are running continuously and triggering each 10 minute * fix typo: rename consequent to consequent * auth: enable login attempt validation for ldap logins * auth: disable login attempts validation by configuration Setting is named DisableLoginAttemptsValidation and is false by default Config disable_login_attempts_validation is placed under security section #7616 * auth: don't run cleanup of login attempts if feature is disabled #7616 * auth: rename settings.go to ldap_settings.go * auth: refactor AuthenticateUser Extract grafana login, ldap login and login attemp validation together with their tests to separate files. Enables testing of many more aspects when authenticating a user. #7616 * auth: rename login attempt validation to brute force login protection Setting DisableLoginAttemptsValidation => DisableBruteForceLoginProtection Configuration disable_login_attempts_validation => disable_brute_force_login_protection #7616	7 years ago
bergquist	1508755422	cfg: remove local as default image uploader ref #9967	7 years ago
Martin Szulecki	c82e23d96e	imguploader: Add support for new internal image store (#6922 )	7 years ago
Mahmoud Saada	af15e3c0d0	Implement Azure Blob external image uploader	8 years ago
Carl Bergquist	35106537f2	Replace Read Only Editor role with ViewersCanEdit setting (#10166 ) * removes readonly editor role * adds viewersCanEdit setting This enable you to allow viewers to edit/inspect dashboards in grafana in their own browser without allowing them to save dashboards * remove read only editor option from all dropdowns * migrates all read only viewers to viewers * docs: replace readOnlyEditor with viewersCanEdit	8 years ago

1 2 3 4 5 ...

346 Commits (34910521a649bf8af958b1cc70e917686a6612cb)