grafana azure oauth config

docker-compose.yml

@@ -27,7 +27,12 @@ services:
   grafana:
     image: grafana/grafana-oss
     volumes:
+      - lgtm-config:/lgtm-config
       - grafana-data:/var/lib/grafana
+    environment:
+      GF_AUTH_AZUREAD_CLIENT_ID: ${GF_AUTH_AZUREAD_CLIENT_ID}
+      GF_AUTH_AZUREAD_CLIENT_SECRET: ${GF_AUTH_AZUREAD_CLIENT_SECRET}
+      GF_PATHS_CONFIG: "/lgtm-config/lgtm-stack/grafana.ini"
     restart: unless-stopped
     user: '0'
     networks:

grafana.ini

@@ -0,0 +1,20 @@
+[auth.azuread]
+name = Azure AD
+enabled = true
+allow_sign_up = true
+auto_login = false
+#client_id = APPLICATION_ID
+#client_secret = CLIENT_SECRET
+scopes = openid email profile offline_access
+auth_url = https://login.microsoftonline.com/0a651be1-a772-4af3-aab3-a1d57dae5965/oauth2/v2.0/authorize
+token_url = https://login.microsoftonline.com/0a651be1-a772-4af3-aab3-a1d57dae5965/oauth2/v2.0/token
+allowed_domains =
+allowed_groups =
+allowed_organizations = 0a651be1-a772-4af3-aab3-a1d57dae5965
+role_attribute_strict = false
+allow_assign_grafana_admin = false
+skip_org_role_sync = false
+use_pkce = true
+
+[server]
+root_url = https://dev-grafana.sinetcon.com