The Ansible playbook task that provisions the Grafana configuration will fail if a correct password is not given to decrypt the grafana.db file which contains the private Slack web-hook.
As it currently is, this is not a major issue since this is the last task of the playbook and, when it fails, the only section that is left undone is the Grafana configuration. However, if the playbook keeps growing and the last task changes, this would produce more inconsistencies that could be harder to manage.
To prevent this situation, and to add a use case, a new base Grafana configuration can be added. This base configuration will not be encrypted and would be used as default if the password given by the user is wrong or if it is simply missing.
Also it would be useful to add the option to provision Grafana without a configuration loaded.
Development task
[x] Create a new grafana.db that will not be encrypted and only has non-sensitive information in it (i.e. no unique webhooks/tokens, private information or anything of the sort)
[x] Rename this new grafana.db file to give it a clearer name (compressing it into a zip file could also work and also save disk space)
[x] Upload the new non-sensitive config into this repo
[x] Add the necessary logic to the Ansible playbook and to the restoreConfig script
Issue description
As originally mentioned in this comment: https://github.com/martin059/virtualization-level-2-vagrant-setup/issues/43#issuecomment-2136224552.
The Ansible playbook task that provisions the Grafana configuration will fail if a correct password is not given to decrypt the
grafana.dbfile which contains the private Slack web-hook.As it currently is, this is not a major issue since this is the last task of the playbook and, when it fails, the only section that is left undone is the Grafana configuration. However, if the playbook keeps growing and the last task changes, this would produce more inconsistencies that could be harder to manage.
To prevent this situation, and to add a use case, a new base Grafana configuration can be added. This base configuration will not be encrypted and would be used as default if the password given by the user is wrong or if it is simply missing.
Also it would be useful to add the option to provision Grafana without a configuration loaded.
Development task
grafana.dbthat will not be encrypted and only has non-sensitive information in it (i.e. no unique webhooks/tokens, private information or anything of the sort)grafana.dbfile to give it a clearer name (compressing it into a zip file could also work and also save disk space)restoreConfigscript