A Python-based application to backup Grafana settings using the Grafana API.
The aim of this tool is to:
(date and time in file name) for restoring and saving to cloud storage providers. Currently support
Amazon S3Azure StorageGCP Cloud Storage (Use service-account's credential file, see here)Admin's account and password in grafanaSettings.json, or set the base64 encoded admin account and password in ENV GRAFANA_BASIC_AUTH. E.g export GRAFANA_BASIC_AUTH=YWRtaW46YWRtaW4=GF_USERS_ALLOW_ORG_CREATE=true. see grafana docAdmin's account and password in grafanaSettings.json, or set the base64 encoded admin account and password in ENV GRAFANA_BASIC_AUTH. E.g export GRAFANA_BASIC_AUTH=YWRtaW46YWRtaW4=GF_USERS_ALLOW_ORG_CREATE=true. see grafana docAdmin's account and password in grafanaSettings.json, or set the base64 encoded admin account and password in ENV GRAFANA_BASIC_AUTH. E.g export GRAFANA_BASIC_AUTH=YWRtaW46YWRtaW4=default_user_password in grafanaSettings.json, or in ENV DEFAULT_USER_PASSWORD, E.g export DEFAULT_USER_PASSWORD=supersecret will be used when restoring.NOTE The only supported orgId right now is 1, the default organization will be backed up only!
Token of an Admin role (see Configuration section below for more info)There are three ways to setup the configuration:
environment variables to define the variables for connecting to a Grafana server.hard-coded settings in conf/grafanaSettings.json (this is the default settings file if not specified otherwise).~/.grafana-backup.json to define variables in json format.azure, aws, gcp, influxdb blocks (but keep the ones you used).NOTE If you use environment variables, you need to add the following to your .bashrc or execute once before using the tool (please change variables according to your setup):
(GRAFANA_HEADERS is optional, use it if necessary. please see #45)
### Do not use a trailing slash on GRAFANA_URL
export GRAFANA_URL=http://some.host.org:3000
export GRAFANA_TOKEN=eyJrIjoidUhaU2ZQQndrWFN3RRVkUnVfrT56a1JoaG9KWFFObEgiLCJuIjoiYWRtaW4iLCJpZCI6MX0=
# GRAFANA_HEADERS is optional
export GRAFANA_HEADERS=Host:some.host.org
To create and obtain a Token for your Grafana server, please refer to the official documentation.
NOTE that you need to generate a Token with an Admin role for the backup to succeed, otherwise you will have potential permission issues.
Create a virtualenv, you could using something like pyenv if you'd prefer
virtualenv -p $(which python3) venv
source venv/bin/activate
pip install grafana-backup
First clone this repo
git clone https://github.com/ysde/grafana-backup-tool.git
cd grafana-backup-tool
Installation works best using pip
pip install .
grafana-backup save command to backup all your folders, dashboards, datasources and alert channels to the _OUTPUT_ subdirectory of the current directory.Example:
$ grafana-backup save
$ tree _OUTPUT_
_OUTPUT_/
└── 202006272027.tar.gz
grafana-backup restore <archive_file> command with a path to a previous backup to restore everything.NOTE this may result in data loss, by overwriting data on the server.
Example:
$ grafana-backup restore _OUTPUT_/202006272027.tar.gz
Replace variables below to use the Docker version of this tool
{YOUR_GRAFANA_TOKEN}: Your Grafana site Token.{YOUR_GRAFANA_URL}: Your Grafana site URL.{YOUR_BACKUP_FOLDER_ON_THE_HOST}: The backup folder on the Grafana host machine.Check out the CronJob in examples for a simple example of how grafana-backup-tool can be ran within a Kubernetes environment
If you decide to use a volume (-v) then you'll need to create the volume first with 1337 uid/gid ownership first, example:
mkdir /tmp/backup
sudo chown 1337:1337 /tmp/backup
docker run --user $(id -u):$(id -g) --rm --name grafana-backup-tool \
-e GRAFANA_TOKEN={YOUR_GRAFANA_TOKEN} \
-e GRAFANA_URL={YOUR_GRAFANA_URL} \
-e GRAFANA_ADMIN_ACCOUNT={YOUR_GRAFANA_ADMIN_ACCOUNT} \
-e GRAFANA_ADMIN_PASSWORD={YOUR_GRAFANA_ADMIN_PASSWORD} \
-e VERIFY_SSL={True/False} \
-v {YOUR_BACKUP_FOLDER_ON_THE_HOST}:/opt/grafana-backup-tool/_OUTPUT_ \
ysde/docker-grafana-backup-tool
Example:
docker run --user $(id -u):$(id -g) --rm --name grafana-backup-tool \
-e GRAFANA_TOKEN="eyJrIjoiNGZqTDEyeXNaY0RsMXNhbkNTSnlKN2M3bE1VeHdqVTEiLCJuIjoiZ3JhZmFuYS1iYWNrdXAiLCJpZCI6MX0=" \
-e GRAFANA_URL=http://192.168.0.79:3000 \
-e GRAFANA_ADMIN_ACCOUNT=admin \
-e GRAFANA_ADMIN_PASSWORD=adminpassword \
-e VERIFY_SSL=False \
-v /tmp/backup/:/opt/grafana-backup-tool/_OUTPUT_ \
ysde/docker-grafana-backup-tool
S3 Example: Set S3 configurations in -e or grafanaSettings.json(example)
-e AWS_S3_BUCKET_NAME="my-backups-bucket" \
-e AWS_S3_BUCKET_KEY="grafana-backup-folder" \
-e AWS_DEFAULT_REGION="us-east-1" \
-e AWS_ACCESS_KEY_ID="secret" \
-e AWS_SECRET_ACCESS_KEY="secret" \
Azure Example: Set Azure configurations in -e or grafanaSettings.json(example)
-e AZURE_STORAGE_CONTAINER_NAME="azure-storage-container-name" \
-e AZURE_STORAGE_CONNECTION_STRING="azure-storage-connection-string"
GCS Example: Set GCS configurations in -e or grafanaSettings.json(example)
-e GCS_BUCKET_NAME="bucket-name" \
-e GCLOUD_PROJECT="gcp-project-name" \
-e GOOGLE_APPLICATION_CREDENTIALS="credential-file-path"
docker run --user $(id -u):$(id -g) --rm --name grafana-backup-tool \
-e GRAFANA_TOKEN={YOUR_GRAFANA_TOKEN} \
-e GRAFANA_URL={YOUR_GRAFANA_URL} \
-e GRAFANA_ADMIN_ACCOUNT={YOUR_GRAFANA_ADMIN_ACCOUNT} \
-e GRAFANA_ADMIN_PASSWORD={YOUR_GRAFANA_ADMIN_PASSWORD} \
-e VERIFY_SSL={True/False} \
-e RESTORE="true" \
-e ARCHIVE_FILE={THE_ARCHIVED_FILE_NAME} \
-v {YOUR_BACKUP_FOLDER_ON_THE_HOST}:/opt/grafana-backup-tool/_OUTPUT_ \
ysde/docker-grafana-backup-tool
Example:
docker run --user $(id -u):$(id -g) --rm --name grafana-backup-tool \
-e GRAFANA_TOKEN="eyJrIjoiNGZqTDEyeXNaY0RsMXNhbkNTSnlKN2M3bE1VeHdqVTEiLCJuIjoiZ3JhZmFuYS1iYWNrdXAiLCJpZCI6MX0=" \
-e GRAFANA_URL=http://192.168.0.79:3000 \
-e GRAFANA_ADMIN_ACCOUNT=admin \
-e GRAFANA_ADMIN_PASSWORD=adminpassword \
-e VERIFY_SSL=False \
-e RESTORE="true" \
-e ARCHIVE_FILE="202006280247.tar.gz" \
-v /tmp/backup/:/opt/grafana-backup-tool/_OUTPUT_ \
ysde/docker-grafana-backup-tool
You can build the docker image simply by executing make in the root of this repo. The image will get tagged as ysde:grafana-backup
InfluxDB support has been added and Prometheus push gateway support will be added in the future.
In order to monitor successful backups with InfluxDB simply configure grafana-backup InfluxDB settings using this example configuration.
Or if you prefer to use environment variables you can instead set INFLUXDB_HOST, INFLUXDB_PORT, INFLUXDB_MEASUREMENT, INFLUXDB_USERNAME and INFLUXDB_PASSWORD.
Once configured grafana-backup will automatically enter a 1 in your defined timeseries measurement upon each successful backup.
FAQs
A Python-based application to backup Grafana settings using the Grafana API
We found that grafana-backup demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.