search

influxdata / chronograf

Open source monitoring and visualization UI for the TICK stack
https://www.influxdata.com/time-series-platform/chronograf/
Other
1.5k stars 258 forks source link

How to enable basic auth with read access only for a new user ? #6065

Closed Svastikkka closed 4 months ago

Svastikkka commented 11 months ago

Hello We are trying to setup basic auth for new user with read only access for chronograf but we not able to create new user with readonly access. Any suggestion or approach We are using .htpasswd to setup admin basic auth

Our htpasswd

ravit:$apr1$x45D.lah$ybTTur0jfCkVkVCQkZ3U10
manshu:$apr1$ZLXOnX8o$4WtOYcfulYxSX/ikz/1AQ.

Our docker-compose.yml

version: '3'
services:
  influxdb:
    # Full tag list: https://hub.docker.com/r/library/influxdb/tags/
    build:
      context: ./images/influxdb/
      dockerfile: ./${TYPE}/Dockerfile
      args:
        INFLUXDB_TAG: ${INFLUXDB_TAG}
    image: "influxdb"
    # volumes:
      # Mount for influxdb data directory
      # - ./influxdb/data:/var/lib/influxdb
      # Mount for influxdb configuration
      # - ./influxdb/config/:/etc/influxdb/
    ports:
      # The API for InfluxDB is served on port 8086
      - "17273:8086"
      - "17274:8082"
      # UDP Port
      - "17275:8089/udp"

  telegraf:
    # Full tag list: https://hub.docker.com/r/library/telegraf/tags/
    build:
      context: ./images/telegraf/
      dockerfile: ./${TYPE}/Dockerfile
      args:
        TELEGRAF_TAG: ${TELEGRAF_TAG}
    image: "telegraf"
    environment:
      HOSTNAME: "telegraf-getting-started"
    # Telegraf requires network access to InfluxDB
    links:
      - influxdb
    volumes:
      # Mount for telegraf configuration
      - ./telegraf/:/etc/telegraf/
      # Mount for Docker API access
      - /var/run/docker.sock:/var/run/docker.sock
    depends_on:
      - influxdb

  kapacitor:
  # Full tag list: https://hub.docker.com/r/library/kapacitor/tags/
    build:
      context: ./images/kapacitor/
      dockerfile: ./${TYPE}/Dockerfile
      args:
        KAPACITOR_TAG: ${KAPACITOR_TAG}
    image: "kapacitor"
    volumes:
      # Mount for kapacitor data directory
      # - ./kapacitor/data/:/var/lib/kapacitor
      # Mount for kapacitor configuration
      - ./kapacitor/config/:/etc/kapacitor/
    # Kapacitor requires network access to Influxdb
    links:
      - influxdb
    ports:
      # The API for Kapacitor is served on port 9092
      - "17276:9092"

  chronograf:
    # Full tag list: https://hub.docker.com/r/library/chronograf/tags/
    build:
      context: ./images/chronograf
      dockerfile: ./${TYPE}/Dockerfile
      args:
        CHRONOGRAF_TAG: ${CHRONOGRAF_TAG}
    image: "chrono_config"
    hostname: thor
    environment:
      RESOURCES_PATH: "/usr/share/chronograf/resources"
      # GOOGLE_CLIENT_ID: "232136951997-lddjksgah8q49u9qivo1kf3hdp57ihkp.apps.googleusercontent.com"
      # GOOGLE_CLIENT_SECRET: "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"
      # TOKEN_SECRET: "Super5uperUdn3verGu355!"
      GOOGLE_DOMAINS: "thor.com"
      HTPASSWD: "/tmp/.htpasswd"
      HOST: "0.0.0.0"
      PORT: "17277"

      PUBLIC_URL: "http://thor.com:8888"
    # volumes:
      # Mount for chronograf database
      # - ./chronograf/data/:/var/lib/chronograf/
    links:
      # Chronograf requires network access to InfluxDB and Kapacitor
      - influxdb
      - kapacitor
    ports:
      # The WebUI for Chronograf is served on port 8888
      - "17277:17277"
    depends_on:
      - kapacitor
      - influxdb
      - telegraf
    volumes:
      - ./auth:/tmp/ 

  documentation:
    build:
      context: ./documentation
    ports:
      - "17278:3000"

Reference: https://docs.influxdata.com/chronograf/v1/administration/managing-influxdb-users/