[Help] Setup Grafana podman rootless

devdorrejo · October 10, 2023, 6:57pm

Hello,

I am trying to setup Grafana for rootless, but i am stuck because when i mount the folders in the corresponding partition it won’t populate the folders with the Grafana container files, i am new in container, that’s why here i am looking for a little help with this setup.

My script:

# Create Folder in user
mkdir -p "${PWD}"/data/{config,data,grafana,logs,plugins}
mkdir .enc

# Credentials
USERs=USER_ADMIN
## Generate Password
PASS=$(openssl rand -base64 12)
### Create secret for password and user
echo "${USERs}" >.enc/user && podman secret create "$(echo "${USERs}" | openssl enc -e -a -base64 | sed 's/[^a-zA-Z0-9]*$//')" .enc/user
echo "${PASS}" >.enc/pass && podman secret create "$(echo "${PASS}" | openssl enc -e -a -base64 | sed 's/[^a-zA-Z0-9]*$//')" .enc/pass

podman run -dt \
    --user "$(id -u)" \
    -p 3000:3000 \
    --name grafana \
    --secret "$(echo "${USERs}" | openssl enc -e -a -base64 | sed 's/[^a-zA-Z0-9]*$//')" \
    --secret "$(echo "${PASS}" | openssl enc -e -a -base64 | sed 's/[^a-zA-Z0-9]*$//')" \
    -v "${PWD}"/data/config:/etc/grafana:rw \
    -v "${PWD}"/data/data:/var/lib/grafana:U,rw \
    -v "${PWD}"/data/grafana:/usr/share/grafana:rw \
    -v "${PWD}"/data/logs:/var/log/grafana:rw \
    -v "${PWD}"/data/plugins:/var/lib/grafana/plugins:rw \
    -e "GF_SECURITY_ADMIN_PASSWORD__FILE=/run/secrets/$(echo "${PASS}" | openssl enc -e -a -base64 | sed 's/[^a-zA-Z0-9]*$//')" \
    -e "GF_SECURITY_ADMIN_USER__FILE=/run/secrets/$(echo "${USERs}" | openssl enc -e -a -base64 | sed 's/[^a-zA-Z0-9]*$//')" \
    -e "GF_DEFAULT_INSTANCE_NAME=EYES" \
    -e "GF_SERVER_PROTOCOL=h2" \
    -e "GF_SERVER_ENABLE_GZIP=true" \
    -e "GF_FEATURE_TOGGLES_ENABLE=publicDashboards" \
    -e "GF_INSTALL_PLUGINS=grafana-clock-panel, citilogics-geoloop-panel, gowee-traceroutemap-panel, alexanderzobnin-zabbix-app" \
    -e "GF_LOG_MODE=console file" \
    docker.io/grafana/grafana-enterprise

Now the issues is/are (will update in the progress):

- The folders are not filled with grafana container contents, this creates the error GF_PATHS_CONFIG='/etc/grafana/grafana.ini' is not readable.

yosiasz · October 10, 2023, 9:32pm

Welcome

Looks like you did not provide that env var? And since it errored the rest of the issues are non-issues

devdorrejo · October 11, 2023, 12:12pm

the issue is not the environment, the issue i am facing is, the container is not populating the folders, if i use the container without permanent storage everything works, but if i try setting permanent storage, Grafana it won’t populate the corresponding files in those folders.

So, when it said it is not readable, the file does not exist.

jangaraj · October 11, 2023, 12:28pm

You didn’t create grafana.ini file

devdorrejo · October 11, 2023, 12:31pm

Hoping, that like some others containers, populated the volumes with the defaults files that bring the container.

devdorrejo · October 11, 2023, 12:32pm

i was hoping, getting the file from the container, and not to have to add one manually (this can be used? https://github.com/grafana/grafana/blob/main/conf/defaults.ini) , because i was hoping contribute this script, for users to easily deploy single cluster Grafana service.

jangaraj · October 11, 2023, 12:37pm

Container has own default grafana.ini file, but you are overwriting that config folder by custom volume, so you have to provide grafana.ini in that folder/volume.

devdorrejo · October 11, 2023, 12:53pm

which method can i use to “not overwrite”?, because some folders a created but not files are maintained.

jangaraj · October 11, 2023, 1:47pm

Simole.Don’t use config volume, so you won’t overwrite default grafana.ini

I guess your next question: how can I configure Grafana then?
1.) use the config volume, but provide grafana.ini there
or
2.) use env variables for a Grafana configuration

I would recommend to check doc: https://grafana.com/docs/grafana/latest/setup-grafana/installation/docker/

devdorrejo · October 12, 2023, 3:38pm

well don’t know how the Grafana container is build, but here is the final code:

#!/usr/bin/env bash
# -*- coding: utf-8 -*-

mkdir -p "${PWD}"/data/{config,data,grafana,logs}
mkdir .enc

# Volume Management
## This will point the mount to the folder and store the info there
podman volume create \
    -o device="${PWD}"/data/config \
    -o=o=bind \
    config_grafana

podman volume create \
    -o device="${PWD}"/data/Grafana \
    -o=o=bind \
    home_grafana

# Credentials
USERs=name
PASS=$(openssl rand -base64 12) && echo "$PASS"
echo "${USERs}" >.enc/user && podman secret create "$(echo "${USERs}" | openssl enc -e -a -base64 | sed 's/[^a-zA-Z0-9]*$//')" .enc/user
echo "${PASS}" >.enc/pass && podman secret create "$(echo "${PASS}" | openssl enc -e -a -base64 | sed 's/[^a-zA-Z0-9]*$//')" .enc/pass

podman rm -f grafana
podman run -dt \
    --user "$(id -u)" \
    -p 3000:3000 \
    --name grafana \
    --secret "$(echo "${USERs}" | openssl enc -e -a -base64 | sed 's/[^a-zA-Z0-9]*$//')" \
    --secret "$(echo "${PASS}" | openssl enc -e -a -base64 | sed 's/[^a-zA-Z0-9]*$//')" \
    -v "${PWD}"/data/data:/var/lib/grafana:U \
    -v "${PWD}"/data/logs:/var/log/grafana \
    -v config_grafana:/etc/grafana \
    -v home_grafana:/usr/share/grafana \
    -e "GF_SECURITY_ADMIN_PASSWORD__FILE=/run/secrets/$(echo "${PASS}" | openssl enc -e -a -base64 | sed 's/[^a-zA-Z0-9]*$//')" \
    -e "GF_SECURITY_ADMIN_USER__FILE=/run/secrets/$(echo "${USERs}" | openssl enc -e -a -base64 | sed 's/[^a-zA-Z0-9]*$//')" \
    -e "GF_DEFAULT_INSTANCE_NAME=EYES" \
    -e "GF_SERVER_PROTOCOL=h2" \
    -e "GF_SERVER_ENABLE_GZIP=true" \
    -e "GF_FEATURE_TOGGLES_ENABLE=publicDashboards" \
    -e "GF_INSTALL_PLUGINS=grafana-clock-panel, citilogics-geoloop-panel, gowee-traceroutemap-panel, alexanderzobnin-zabbix-app" \
    -e "GF_LOG_MODE=console file" \
    docker.io/grafana/grafana-enterprise
podman logs Grafana