Configurable agent user groups
This commit is contained in:
parent
b07cd09ceb
commit
bd351c719e
@ -26,6 +26,7 @@ All variables which can be overridden are stored in [./defaults/main.yaml](./def
|
|||||||
| `grafana_agent_mode` | `static` | mode to run Grafana Agent in. Can be "flow" or "static", [Flow Docs](https://grafana.com/docs/agent/latest/flow/) |
|
| `grafana_agent_mode` | `static` | mode to run Grafana Agent in. Can be "flow" or "static", [Flow Docs](https://grafana.com/docs/agent/latest/flow/) |
|
||||||
| `grafana_agent_user` | `grafana-agent` | os user to create for the agent to run as |
|
| `grafana_agent_user` | `grafana-agent` | os user to create for the agent to run as |
|
||||||
| `grafana_agent_user_group` | `grafana-agent` | os user group to create for the agent |
|
| `grafana_agent_user_group` | `grafana-agent` | os user group to create for the agent |
|
||||||
|
| `grafana_agent_user_groups` | `[]` | Configurable user groups that the grafana agent can be put in so that it can access logs |
|
||||||
| `grafana_agent_user_shell` | `/usr/sbin/nologin` | the shell for the user |
|
| `grafana_agent_user_shell` | `/usr/sbin/nologin` | the shell for the user |
|
||||||
| `grafana_agent_user_createhome` | `false` | whether or not to create a home directory for the user |
|
| `grafana_agent_user_createhome` | `false` | whether or not to create a home directory for the user |
|
||||||
| `grafana_agent_local_binary_file` | `""` | full path to the local binary if already downloaded or built on the controller, this should only be set, if ansible is not downloading the binary and you have manually downloaded the binary |
|
| `grafana_agent_local_binary_file` | `""` | full path to the local binary if already downloaded or built on the controller, this should only be set, if ansible is not downloading the binary and you have manually downloaded the binary |
|
||||||
|
@ -39,6 +39,10 @@ grafana_agent_user: grafana-agent
|
|||||||
# os user group to create for the agent
|
# os user group to create for the agent
|
||||||
grafana_agent_user_group: grafana-agent
|
grafana_agent_user_group: grafana-agent
|
||||||
|
|
||||||
|
# Configurable user groups that the grafana agent can be put in so that it can access logs
|
||||||
|
# (See https://github.com/grafana/grafana-ansible-collection/issues/40)
|
||||||
|
grafana_agent_user_groups: []
|
||||||
|
|
||||||
# the shell for the user
|
# the shell for the user
|
||||||
grafana_agent_user_shell: /usr/sbin/nologin
|
grafana_agent_user_shell: /usr/sbin/nologin
|
||||||
|
|
||||||
|
@ -41,8 +41,7 @@
|
|||||||
ansible.builtin.user:
|
ansible.builtin.user:
|
||||||
name: "{{ grafana_agent_user }}"
|
name: "{{ grafana_agent_user }}"
|
||||||
comment: "Grafana Agent Account"
|
comment: "Grafana Agent Account"
|
||||||
groups:
|
groups: "{{ [ grafana_agent_user_group ] + grafana_agent_user_groups }}"
|
||||||
- "{{ grafana_agent_user_group }}"
|
|
||||||
system: true
|
system: true
|
||||||
shell: "{{ grafana_agent_user_shell }}"
|
shell: "{{ grafana_agent_user_shell }}"
|
||||||
createhome: "{{ grafana_agent_user_createhome }}"
|
createhome: "{{ grafana_agent_user_createhome }}"
|
||||||
|
Loading…
Reference in New Issue
Block a user