[server]
domain = grafana.home.finn.io
root_url = https://%(domain)s/

[date_formats]
default_timezone = America/Los_Angeles

[analytics]
reporting_enabled = false
check_for_updates = false

[security]
strict_transport_security = true
strict_transport_security_max_age_seconds = 86400
strict_transport_security_subdomains = true

[auth]
disable_signout_menu = false
oauth_auto_login = true

[auth.generic_oauth]
auto_login = true
enabled = true
name = Janky Solutions Auth
client_id = $__env{OAUTH_CLIENT_ID}
client_secret = $__env{OAUTH_CLIENT_SECRET}
scopes = openid email profile offline_access roles
email_attribute_path = email
login_attribute_path = username
name_attribute_path = full_name
auth_url = https://auth.janky.solutions/realms/janky.solutions/protocol/openid-connect/auth
token_url = https://auth.janky.solutions/realms/janky.solutions/protocol/openid-connect/token
api_url = https://auth.janky.solutions/realms/janky.solutions/protocol/openid-connect/userinfo
role_attribute_path = contains(roles[*], 'admin') && 'Admin' || contains(roles[*], 'editor') && 'Editor' || 'Viewer'
allow_assign_grafana_admin = true

[external_image_storage]
provider = s3

[external_image_storage.s3]
endpoint = storage.home.finn.io
path_style_access = true
bucket = grafana
region = sea-01
;path = 
access_key = BOx3M6NesE3HilaWg9PJ
secret_key = $__env{S3_SECRET_ACCESS_KEY}

[database]
type = postgres
host = grafana-database
name = grafana
user = $__env{DATABASE_USER}
password = $__env{DATABASE_PASSWORD}
ssl_mode = require