blumeops/argocd/manifests/grafana/grafana.ini

[analytics]
check_for_updates = false
reporting_enabled = false

[auth.generic_oauth]
allow_sign_up = true
api_url = https://authentik.ops.eblu.me/application/o/userinfo/
auth_url = https://authentik.ops.eblu.me/application/o/authorize/
auto_login = false
client_id = grafana
client_secret = $__env{GF_AUTH_GENERIC_OAUTH_CLIENT_SECRET}
enabled = true
name = Authentik
role_attribute_path = contains(groups[*], 'admins') && 'Admin' || 'Viewer'
skip_org_role_sync = false
scopes = openid profile email
token_url = https://authentik.ops.eblu.me/application/o/token/

[log]
mode = console

[paths]
data = /var/lib/grafana/
logs = /var/log/grafana
plugins = /var/lib/grafana/plugins
provisioning = /etc/grafana/provisioning

[security]
allow_embedding = false

[server]
root_url = https://grafana.ops.eblu.me

[unified_alerting]
enabled = true
evaluation_timeout = 30s
min_interval = 10s