From f0ab2ec50696a0108f4ac857b116ffb04f9cc236 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Tue, 15 Feb 2022 07:03:25 +0200 Subject: [PATCH] Add support for configuring allow_embedding for Grafana Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1626 --- roles/matrix-grafana/defaults/main.yml | 4 ++++ roles/matrix-grafana/templates/grafana.ini.j2 | 2 ++ 2 files changed, 6 insertions(+) diff --git a/roles/matrix-grafana/defaults/main.yml b/roles/matrix-grafana/defaults/main.yml index b1fba38f..25d796a2 100644 --- a/roles/matrix-grafana/defaults/main.yml +++ b/roles/matrix-grafana/defaults/main.yml @@ -22,6 +22,10 @@ matrix_grafana_data_path: "{{ matrix_grafana_base_path }}/data" # Allow viewing Grafana without logging in matrix_grafana_anonymous_access: false +# Allow `false`, sends a `X-Frame-Options: deny` HTTP header, which allows Grafana from being embeded in a frame. +# Read more here: https://grafana.com/docs/grafana/latest/administration/configuration/#allow_embedding +matrix_grafana_allow_embedding: false + # specify organization name that should be used for unauthenticated users # if you change this in the Grafana admin panel, this needs to be updated # to match to keep anonymous logins working diff --git a/roles/matrix-grafana/templates/grafana.ini.j2 b/roles/matrix-grafana/templates/grafana.ini.j2 index 8f4c88f0..1e06683e 100644 --- a/roles/matrix-grafana/templates/grafana.ini.j2 +++ b/roles/matrix-grafana/templates/grafana.ini.j2 @@ -16,6 +16,8 @@ content_security_policy = "{{ matrix_grafana_content_security_policy }}" content_security_policy_template = """{{ matrix_grafana_content_security_policy_template }}""" {% endif %} +allow_embedding = {{ matrix_grafana_allow_embedding }} + [auth.anonymous] # enable anonymous access enabled = {{ matrix_grafana_anonymous_access }}