Nginx+Lua实现Grafana集成SSO

基本思路

Grafana开auth.proxy, Nginx+Lua控制cookie及X-WEBAUTH-USER的值 (Enable auth.proxy in Grafana, Then use Nginx+Lua to control cookie and value of X-WEBAUTH-USER).

架构图

环境配置

  • Download and install LuaJIT
  • Install Tengine 2.2.1 with configure option --with-http_lua_module --with-ld-opt="-Wl,-rpath,$LUAJIT_LIB"
  • Download and compile lua-cjson, then copy cjson.so to lib dir. Such as /usr/lib64/lua/5.1/

Nginx配置

Main Configuration

Access With Out SSO

某种情况下可能不想挑转到sso去认证,比如某个公共的本地账号。这时可以通过Nginx配置绕过SSO认证(Sometimes we may want to login with out SSO, such as a local grafana account for public use. For this situation, we can use Nginx to bypass SSO)

Full Code

参考资料




本文遵从CC版权协定,转载请以链接形式注明出处。
本文链接地址: http://www.annhe.net/article-3551.html

4 thoughts on “Nginx+Lua实现Grafana集成SSO

发表评论

电子邮件地址不会被公开。 必填项已用*标注