---
argument_specs:
  main:
    description: Installs and configures grafana
    options:
      grafana_domain:
        description: The domain grafana should be available on
        type: str
        required: true
      grafana_additional_networks:
        description: >-
          A list of additional podman networks for the grafana container (in
          addition to grafana network).
        type: list
        required: false
        default: []
        elements: str

      grafana_oauth_name:
        description: >-
          Name that refers to the generic OAuth2 authentication from the Grafana
          user interface. Required to enable OAuth authentication.
        type: str
        required: false
        default: ""
      grafana_oauth_client_id:
        description: >-
          Client ID provided by your OAuth2 app. Required if OAuth is enabled.
        type: str
        required: false
        default: ""
      grafana_oauth_auth_url:
        description: Authorization endpoint of your OAuth2 provider. Required if OAuth is enabled.
        type: str
        required: false
        default: ""
      grafana_oauth_token_url:
        description: Endpoint used to obtain the OAuth2 access token.
        type: str
        required: false
        default: ""
      grafana_oauth_api_url:
        description: Endpoint used to obtain user information compatible with OpenID UserInfo.
        type: str
        required: false
        default: ""
      grafana_oauth_scopes:
        description: List of OAuth2 scopes.
        type: list
        required: false
        elements: str
        default:
          - openid
          - profile
          - email
      grafana_oauth_role_attribute_path:
        description: >-
          JMESPath expression to use for Grafana role lookup. Grafana will first
          evaluate the expression using the OAuth2 ID token. If no role is found,
          the expression will be evaluated using the user information obtained
          from the UserInfo endpoint. The result of the evaluation should be
          a valid Grafana role (Viewer, Editor, Admin or GrafanaAdmin).
        type: str
        required: false
        default: ""
      grafana_oauth_allow_sign_up:
        description: >-
          Controls Grafana user creation through the generic OAuth2 login. Only
          existing Grafana users can log in with generic OAuth if set to false.
        type: bool
        required: false
        default: true
      grafana_oauth_auto_login:
        description: >-
          Whether to enable users to bypass the login screen and automatically
          log in. This setting is ignored if you configure multiple auth
          providers to use auto-login.
        type: bool
        required: false
        default: true