Chronograf
What is Chronograf
Chronograf lets you quickly visualize the data stored in InfluxDB, enabling you to build robust queries and alerts. It is simple to use and comes with templates and libraries for rapidly creating dashboards with real-time data visualizations.
-- https://www.influxdata.com/time-series-platform/chronograf/
Preparation
The following placeholders are used in this guide:
chronograf.companyis the FQDN of your Chronograf install.authentik.companyis the FQDN of your authentik install.
authentik configuration
- From the authentik Admin interface navigate to Applications -> Applications on the left sidebar.
- Create an application and an OAuth2/OpenID provider using the wizard.
- Note the application slug, client ID, and client secret, as they will be required later.
- Set a strict redirect URI to
https://chronograf.company/oauth/authentik/callback. - Choose a signing key (any available key is acceptable).
- Complete and submit the settings to close the wizard.
Chronograf configuration
Add the following environment variables to your Chronograf setup. If you are using a configuration file for Chronograf, these settings can also be included there. You may modify the values for GENERIC_SCOPES and GENERIC_API_KEY to suit your specific requirements.
Refer to the Chronograf configuration options documentation for more information.
PUBLIC_URL=https://chronograf.company
TOKEN_SECRET=<A random secret>
JWKS_URL=https://authentik.company/application/o/<application-slug>/jwks/
GENERIC_NAME=authentik
GENERIC_CLIENT_ID=<client-id>
GENERIC_CLIENT_SECRET=<client-secret>
GENERIC_SCOPES=email,profile,openid
GENERIC_DOMAINS=authentik.company
GENERIC_AUTH_URL=https://authentik.company/application/o/authorize/
GENERIC_TOKEN_URL=https://auth.authentik.company/application/o/token/
GENERIC_API_URL=https://auth.authentik.company/application/o/userinfo/
GENERIC_API_KEY=email
USE_ID_TOKEN=true
After restarting your Chronograf instance, the login page should display a "Log in with authentik" button.