hassio-addons / addon-grafana

Grafana - Home Assistant Community Add-ons

https://addons.community

MIT License

228 stars 64 forks source link

🚑Allow direct access to addon #62

Closed sinclairpaul closed 4 years ago

sinclairpaul commented 4 years ago

Proposed Changes

Add nginx to Grafana to listen on seperate port, via the same ingress URI. This essentially mimics the Grafana sub folder setup, allowing the application to be configured with the correct root_url for Ingress, while allowing access directly.

Tested to be working via Ingress/HTTP and SSL.

Apologies for the large commits.

Outstanding query other security, as I believe Anonymous is configured for admin, for Ingress access. I am not a Grafana user, so not sure if this needs to be changed or not.

Related Issues

55 #56

addons-assistant[bot] commented 4 years ago

:sparkling_heart: Thanks for opening this pull request! :sparkling_heart: If your PR gets accepted and merged in, we will invite you to the project :tada:

frenck commented 4 years ago

I've been playing with it and are having issues on several levels. Besides those, the biggest problem would be the anonymous access that should not be done when exposing it directly.

My current guess it we should change the approach. How about this:

If direct access is enabled:

Modify Grafana config for direct access; adjust paths, anonymous access, ect
Start a small NGinx servicing a page with a message that Ingress is disabled, because direct access is enabled.

That way, we can avoid all "magic", re-instate direct access, and prevent users to see a 503 error when using Ingress, while direct access is enabled.

Another option is to remove anonymous access completely again (which will include anonymous access via Ingress)

sinclairpaul commented 4 years ago

As discussed, I have put Grafana behind Ingress again to allow using auth_proxy, so a user is generated for Ingress, but for the exposed port the login page is presented. Users would need to enable anonymous (was this the previous behaviour?, I don't remember), but should be able to now view data directly.

The only slight concern is there may be some confusion in the fact the links "look" like ingress paths when they are not.

addons-assistant[bot] commented 4 years ago

Congrats on merging your first pull request! :tada::tada::tada:

addons-assistant[bot] commented 4 years ago

This thread has been automatically locked because it has not had recent activity. Please open a new issue for related bugs and link to relevant comments in this thread.