initial commit

2024-12-22 16:31:06 +01:00 · 2024-12-22 16:31:06 +01:00 · 2a851e14c4
commit 2a851e14c4
6 changed files with 326 additions and 0 deletions
--- a/README.Docs
+++ b/README.Docs
@ -0,0 +1 @@
+# see: https://grafana.com/docs/grafana/latest/
--- a/README.configure
+++ b/README.configure
@ -0,0 +1,45 @@
+# ---
+# see also:
+#
+#     https://grafana.com/docs/grafana/latest/setup-grafana/configure-grafana/
+#     https://stackoverflow.com/questions/64273881/reverse-proxy-nginx-with-grafana
+# ---
+
+
+# Example config for host 'grafana.ndneu.de'
+#
+[server]
+protocol = http
+
+# The port to bind to, defaults to 3000
+http_port = 3002
+
+# he public facing host name used to access grafana from a browser
+domain = grafana.ndneu.de
+
+# The full public facing url you use in browser, used for redirects and emails
+# If you use reverse proxy and sub path specify full url (with sub path)
+root_url = %(protocol)s://%(domain)s:%(http_port)s
+
+# Redirect to correct domain if host header does not match domain
+# Prevents DNS rebinding attacks
+enforce_domain = true
+
+serve_from_sub_path = false
+
+enable_gzip = true
+
+
+[log.file]
+log_rotate = true
+daily_rotate = true
+max_days = 7
+
+
+[smtp]
+enabled = true
+host = a.mx.oopen.de:465
+user = grafana-nd
+password = 24G%s.NSKJ/q
+from_address = alert@grafana.ndneu.de
+from_name = Grafana
--- a/README.email-Alerting
+++ b/README.email-Alerting
@ -0,0 +1,102 @@
+# ---
+# Configure email for Alerting
+# ---
+
+# see: 
+#    https://grafana.com/docs/grafana/latest/alerting/configure-notifications/manage-contact-points/integrations/configure-email/
+
+
+# Use the Grafana Alerting - email integration to send email notifications 
+# when your alerts are firing. An email is sent when an alert fires and 
+# when an alert gets resolved.
+#
+# Note that you can customize the subject and message of the email using 
+# notification templates. However, you cannot add HTML and CSS to email 
+# notifications for visual changes.
+
+
+# ---
+# I) SMTP configuration (grafana.ini)
+# ---
+
+# 1. Edit the configuration file 'grafana.ini' typically located in
+#    the direcory '/etc/grafania'
+#
+#
+# Within the [smtp] settings section, specify the following parameters:
+#
+#   enabled = true
+#
+#   # The hostname or IP address of your SMTP server, and the port number 
+#   #of your SMTP server (commonly 25, 465, or 587). Default is localhost:25.
+#   host = a.mx.oopen.de:465
+#
+#   # Your SMTP username (if authentication is required).
+#   user = grafana-nd@oopen.de
+#
+#   # Your SMTP password (if authentication is required).
+#   password = 24G%s.NSKJ/q
+#
+#   # The email address from which Grafana notifications will be sent.
+#   from_address = alert@grafana.ndneu.de
+#
+#   # The name associated with the from_address.
+#   from_name = Grafana
+#
+vim /etc/grafana/grafana.ini
+
+
+# 2. Restart Grafana.
+#
+systemctl restart grafana-server.service
+
+
+
+# --
+# II) On Browserinterface set up email integration
+# --
+
+#    1. Navigate to Alerts & IRM -> Alerting -> Contact points.
+#
+#
+#    2. Click + Add contact point.
+#
+#
+#    3. Enter a contact point name.
+#
+#
+#    4. From the Integration list, select Email.
+#
+#
+#    5. Enter the email addresses you want to send notifications to.
+#
+#       E-mail addresses are case sensitive. Ensure that the e-mail address entered is correct.
+#
+#
+#    6. Click Test to check that your integration works.
+#
+#       ** For Grafana Alertmanager only.**
+#
+#
+#    7. Click Save contact point.
+
+# The email contact point is ready to receive alert notifications.
+# ================================================================
+
+
+# --
+# Next steps
+# ---
+
+#    1. In Grafana, navigate to Alerting > Alert rules.
+#
+#    2. Edit or create a new alert rule.
+#
+#    3. Scroll down to the Configure labels and notifications section.
+#
+#    4. Under Notifications click Select contact point.
+#
+#    5. From the drop-down menu, select the previously created contact point.
+#
+#    6. Click Save rule and exit.
+
--- a/README.install
+++ b/README.install
@ -0,0 +1,39 @@
+# ---
+# Install from APT repository
+# ---
+
+# see: https://grafana.com/docs/grafana/latest/setup-grafana/installation/debian/
+
+# Note
+# Grafana Enterprise is the recommended and default edition. It is available 
+# for free and includes all the features of the OSS edition. You can also 
+# upgrade to the full Enterprise feature set, which has support for 
+# Enterprise plugins.
+
+
+# 1. Install the prerequisite packages:
+#
+sudo apt-get install -y apt-transport-https software-properties-common wget
+
+
+# 2. Import the GPG key:
+#
+sudo mkdir -p /etc/apt/keyrings/
+wget -q -O - https://apt.grafana.com/gpg.key | gpg --dearmor | sudo tee /etc/apt/keyrings/grafana.gpg > /dev/null
+
+
+# 3. To add a repository for stable releases, run the following command:
+#
+echo "deb [signed-by=/etc/apt/keyrings/grafana.gpg] https://apt.grafana.com stable main" | sudo tee -a /etc/apt/sources.list.d/grafana.list
+
+
+# 4. Run the following command to update the list of available packages:
+#
+Run the following command to update the list of available packages:
+
+
+# 5. To install Grafana OSS, run the following command:
+#
+# Installs the latest OSS release:
+#
+sudo apt-get install grafana
--- a/README.nginx
+++ b/README.nginx
@ -0,0 +1,113 @@
+# ---
+# type:
+#
+#    1. Adjust variables 'grafana_host_name' and 'grafana_port' and if not a
+#       standard installation also nginx concerning variables
+#
+#    2. source README.nginx
+#
+# ---
+
+grafana_host_name="grafana.ndneu.de"
+grafana_port=3002
+
+
+nginx_path_sites_available="/etc/nginx/sites-available"
+nginx_path_sites_enabled="/etc/nginx/sites-enabled"
+nginx_config_file="${nginx_path_sites_available}/${grafana_host_name}.conf"
+
+cat << EOF > ${nginx_config_file}
+# This is required to proxy Grafana Live WebSocket connections.
+map \$http_upgrade \$connection_upgrade {
+  default upgrade;
+  '' close;
+}
+
+upstream grafana {
+  server localhost:${grafana_port};
+}
+
+server {
+   listen 80;
+   listen [::]:80;
+   server_name ${grafana_host_name};
+
+   return 301 https://\$server_name\$request_uri;
+}
+
+server {
+   listen 443 ssl http2;
+   listen [::]:443 ssl http2;
+   server_name grafana.ndneu.de;
+
+   # Include location directive for Let's Encrypt ACME Challenge
+   #
+   # Needed for (automated) updating certificate
+   #
+   include snippets/letsencrypt-acme-challenge.conf;
+
+
+   # Use Mozilla's guidelines for SSL/TLS settings
+   # https://mozilla.github.io/server-side-tls/ssl-config-generator/
+   ssl_certificate /var/lib/dehydrated/certs/grafana.ndneu.de/fullchain.pem;
+   ssl_certificate_key /var/lib/dehydrated/certs/grafana.ndneu.de/privkey.pem;
+
+   # Diffie-Hellman parameter for DHE ciphersuites, recommended 2048 bits
+   #
+   # To generate a dhparam.pem file, run in a terminal
+   #    openssl dhparam -dsaparam -out /etc/nginx/ssl/dhparam.pem 2048
+   #
+   ssl_dhparam /etc/nginx/ssl/dhparam.pem;
+
+   # Speeds things up a little bit when resuming a session
+   ssl_session_timeout 1d;
+   #ssl_session_cache shared:MozSSL:10m;
+   ssl_session_tickets off;
+
+   ssl_protocols TLSv1.2 TLSv1.3;
+   ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
+   ssl_prefer_server_ciphers off;
+
+   # HSTS (ngx_http_headers_module is required) (63072000 seconds)
+   add_header Strict-Transport-Security "max-age=63072000" always;
+
+   add_header  X-Robots-Tag "noindex, nofollow, nosnippet, noarchive";
+
+
+   # OCSP stapling
+   ssl_stapling on;
+   ssl_stapling_verify on;
+
+    # verify chain of trust of OCSP response using Root CA and Intermediate certs
+    ssl_trusted_certificate /etc/ssl/certs/ca-certificates.crt;
+
+   root /usr/share/nginx/html;
+
+   index index.html index.htm;
+
+   location / {
+      proxy_set_header Host \$host;
+      proxy_pass http://grafana;
+   }
+
+   # Proxy Grafana Live WebSocket connections.
+   location /api/live/ {
+      proxy_http_version 1.1;
+      proxy_set_header Upgrade \$http_upgrade;
+      proxy_set_header Connection \$connection_upgrade;
+      proxy_set_header Host \$host;
+      proxy_pass http://grafana;
+   }
+}
+EOF
+
+# Delete existin symlink
+#
+if [[ -f "${nginx_path_sites_enabled}/$(basename "${nginx_config_file}")" ]] ; then
+   rm "${nginx_path_sites_enabled}/$(basename "${nginx_config_file}")"
+fi
+
+# Activate site
+#
+ln -s "../sites-available/$(basename "${nginx_config_file}")" \
+   "${nginx_path_sites_enabled}/$(basename "${nginx_config_file}")"
--- a/README.recover-admin-passwd
+++ b/README.recover-admin-passwd
@ -0,0 +1,26 @@
+# ---
+# Recover your grafana admin password using sqlite shell
+# ---
+
+# One day you can lose your grafana admin password and probably you will desire 
+# to recover it rather than reinstall. If your grafana has been using sqlite as 
+# backend storage, the recover process is easy. Here are the steps to do that:
+#
+#    In your local machine, install the sqlite3 package
+#
+sudo apt-get install sqlite3
+
+
+#  Login into your sql database
+
+sudo sqlite3 /var/lib/grafana/grafana.db
+
+
+#  Reset the admin password using SQL update (the new password will be admin)
+
+sqlite> update user set password = '59acf18b94d7eb0694c61e60ce44c110c7a683ac6a8f09580d626f90f4a242000746579358d77dd9e570e83fa24faa88a8a6', salt = 'F3FAxVm33R' where login = 'admin';
+sqlite> .exit
+
+# ***
+# Now, you could login in your grafana web interface using username: admin and password: admin
+# ***
				`@ -0,0 +1 @@`
				`# see: https://grafana.com/docs/grafana/latest/`