#!/bin/bash # Grafana 多用户和组织配置脚本 # 使用方法: ./setup-users.sh set -e GRAFANA_URL="${GRAFANA_URL:-http://localhost:3000}" GRAFANA_ADMIN_USER="${GRAFANA_ADMIN_USER:-admin}" GRAFANA_ADMIN_PASSWORD="${GRAFANA_ADMIN_PASSWORD:-admin123}" echo "=== Grafana 多用户配置脚本 ===" echo "" # 检查 jq 是否安装 if ! command -v jq &> /dev/null; then echo "❌ jq 未安装,请先安装 jq:" echo " Ubuntu/Debian: sudo apt-get install jq" echo " CentOS/RHEL: sudo yum install jq" echo " Fedora: sudo dnf install jq" exit 1 fi # 获取认证 Token echo "🔐 获取 Grafana API Token..." AUTH_RESPONSE=$(curl -s -X POST \ -H "Content-Type: application/json" \ -d "{\"user\":\"$GRAFANA_ADMIN_USER\",\"password\":\"$GRAFANA_ADMIN_PASSWORD\"}" \ "$GRAFANA_URL/login") # 检查 Grafana 是否可访问 if ! curl -s "$GRAFANA_URL/api/health" > /dev/null; then echo "❌ 无法连接到 Grafana: $GRAFANA_URL" echo " 请确保 Grafana 服务正在运行" exit 1 fi echo "✅ Grafana 连接成功" echo "" # 创建组织的函数 create_organization() { local org_name=$1 local org_id=$2 echo "📁 创建组织: $org_name" # 检查组织是否已存在 ORG_EXISTS=$(curl -s -u "$GRAFANA_ADMIN_USER:$GRAFANA_ADMIN_PASSWORD" \ "$GRAFANA_URL/api/orgs/name/$org_name" | jq -r '.id // empty') if [ -n "$ORG_EXISTS" ]; then echo " ⚠️ 组织 $org_name 已存在 (ID: $ORG_EXISTS)" return fi # 创建组织 ORG_RESPONSE=$(curl -s -X POST \ -u "$GRAFANA_ADMIN_USER:$GRAFANA_ADMIN_PASSWORD" \ -H "Content-Type: application/json" \ -d "{\"name\":\"$org_name\"}" \ "$GRAFANA_URL/api/orgs") NEW_ORG_ID=$(echo "$ORG_RESPONSE" | jq -r '.orgId // empty') if [ -n "$NEW_ORG_ID" ]; then echo " ✅ 组织创建成功 (ID: $NEW_ORG_ID)" else echo " ❌ 组织创建失败: $ORG_RESPONSE" fi } # 创建用户的函数 create_user() { local org_name=$1 local username=$2 local password=$3 local email=$4 local role=${5:-Viewer} echo "👤 创建用户: $username (组织: $org_name)" # 切换到指定组织 ORG_ID=$(curl -s -u "$GRAFANA_ADMIN_USER:$GRAFANA_ADMIN_PASSWORD" \ "$GRAFANA_URL/api/orgs/name/$org_name" | jq -r '.id // empty') if [ -z "$ORG_ID" ]; then echo " ❌ 组织 $org_name 不存在" return fi # 切换到组织 curl -s -X POST \ -u "$GRAFANA_ADMIN_USER:$GRAFANA_ADMIN_PASSWORD" \ "$GRAFANA_URL/api/user/using/$ORG_ID" > /dev/null # 检查用户是否已存在 USER_EXISTS=$(curl -s -u "$GRAFANA_ADMIN_USER:$GRAFANA_ADMIN_PASSWORD" \ "$GRAFANA_URL/api/users/lookup?loginOrEmail=$email" | jq -r '.id // empty') if [ -n "$USER_EXISTS" ]; then echo " ⚠️ 用户 $username 已存在" # 将用户添加到组织 curl -s -X POST \ -u "$GRAFANA_ADMIN_USER:$GRAFANA_ADMIN_PASSWORD" \ -H "Content-Type: application/json" \ -d "{\"loginOrEmail\":\"$email\",\"role\":\"$role\"}" \ "$GRAFANA_URL/api/orgs/$ORG_ID/users" > /dev/null echo " ✅ 用户已添加到组织" return fi # 创建用户 USER_RESPONSE=$(curl -s -X POST \ -u "$GRAFANA_ADMIN_USER:$GRAFANA_ADMIN_PASSWORD" \ -H "Content-Type: application/json" \ -d "{ \"name\":\"$username\", \"email\":\"$email\", \"login\":\"$username\", \"password\":\"$password\", \"OrgId\":$ORG_ID }" \ "$GRAFANA_URL/api/admin/users") USER_ID=$(echo "$USER_RESPONSE" | jq -r '.id // empty') if [ -n "$USER_ID" ]; then echo " ✅ 用户创建成功 (ID: $USER_ID)" else echo " ❌ 用户创建失败: $USER_RESPONSE" fi } # 示例:创建组织和用户 echo "📝 开始创建组织和用户..." echo "" # 创建示例组织 create_organization "用户组A" 2 create_organization "用户组B" 3 # 创建示例用户 create_user "用户组A" "usera1" "password123" "usera1@example.com" "Viewer" create_user "用户组A" "usera2" "password123" "usera2@example.com" "Editor" create_user "用户组B" "userb1" "password123" "userb1@example.com" "Viewer" create_user "用户组B" "userb2" "password123" "userb2@example.com" "Editor" echo "" echo "✅ 用户配置完成!" echo "" echo "📋 创建的用户:" echo " 用户组A:" echo " - usera1 (Viewer) - usera1@example.com / password123" echo " - usera2 (Editor) - usera2@example.com / password123" echo " 用户组B:" echo " - userb1 (Viewer) - userb1@example.com / password123" echo " - userb2 (Editor) - userb2@example.com / password123" echo "" echo "💡 下一步:" echo " 1. 登录 Grafana 为每个组织配置数据源" echo " 2. 创建组织专用的仪表板" echo " 3. 配置数据源标签过滤(通过 Prometheus 标签)" echo ""