Grafana Addon - how to access?

With the Grafana Addon installed and https enabled for HA, I’m having trouble getting iFrames of Grafana charts to show up in Home Assistant. Many of the suggestions refer to changing Grafana’s .ini file by setting allow_embedding=true, but with Grafana being an addon, I don’t have access to the .ini file. It’s also been suggested to use env_vars. I’ve tried it, but it doesn’t seem to help, graphs still not showing up. Just to note, with a desktop browser, I can do the “accept” unsafe non-https sources, and the grafana chart then works. That option doesn’t exist for mobile browsers.

> env_vars:
>   - name: GF_SECURITY_ALLOW_EMBEDDING
>     value: 'true'
> ssl: true
> certfile: fullchain.pem
> keyfile: privkey.pem
> log_level: error

I am able to access the full Grafana UI by clicking on the side-bar Grafana button in the HA UI. How do I access Grafana directly, without it being an iFrame inside Home Assistant? I’ve tried https://x.x.x.x:3000, but it didn’t work, not a valid page.

1 Like

In the Grafana Addon settings, click on the configuration tab and ensure you have port 3000 entered under network. Then you direct url should work.

2 Likes

if you add 3000 then grafana does not even start! How to enable sharing a graf from grafana as of 2023 december for iFrames?

I have the same issue.

s6-rc: info: service s6rc-oneshot-runner: starting
s6-rc: info: service s6rc-oneshot-runner successfully started
s6-rc: info: service base-addon-banner: starting

-----------------------------------------------------------
 Add-on: Grafana
 The open platform for beautiful analytics and monitoring
-----------------------------------------------------------
 Add-on version: 9.1.2
 You are running the latest version of this add-on.
 System: Home Assistant OS 11.4  (aarch64 / raspberrypi4-64)
 Home Assistant Core: 2024.1.5
 Home Assistant Supervisor: 2023.12.1
-----------------------------------------------------------
 Please, share the above information when looking for help
 or support in, e.g., GitHub, forums or the Discord chat.
-----------------------------------------------------------
s6-rc: info: service base-addon-banner successfully started
s6-rc: info: service fix-attrs: starting
s6-rc: info: service base-addon-timezone: starting
s6-rc: info: service base-addon-log-level: starting
s6-rc: info: service fix-attrs successfully started
[19:03:19] INFO: Configuring timezone (Europe/Warsaw)...
s6-rc: info: service base-addon-log-level successfully started
s6-rc: info: service base-addon-timezone successfully started
s6-rc: info: service legacy-cont-init: starting
s6-rc: info: service legacy-cont-init successfully started
s6-rc: info: service init-nginx: starting
s6-rc: info: service init-grafana: starting
s6-rc: info: service memcached: starting
s6-rc: info: service memcached successfully started
[19:03:20] INFO: Starting Memcached...
s6-rc: info: service init-grafana successfully started
s6-rc: info: service grafana: starting
s6-rc: info: service grafana successfully started
[19:03:21] FATAL: 
[19:03:21] FATAL: SSL has been enabled using the 'ssl' option,
[19:03:21] FATAL: this requires an SSL certificate file which is
[19:03:21] FATAL: configured using the 'certfile' option in the
[19:03:21] FATAL: add-on configuration.
[19:03:21] INFO: Starting Grafana...
[19:03:21] FATAL: 
[19:03:21] FATAL: Unfortunately, the file specified in the
[19:03:21] FATAL: 'certfile' option does not exist.
[19:03:21] FATAL: 
[19:03:21] FATAL: Please ensure the certificate file exists and
[19:03:21] FATAL: is placed in the '/ssl/' directory.
[19:03:21] FATAL: 
[19:03:21] FATAL: In case you don't have SSL yet, consider getting
[19:03:21] FATAL: an SSL certificate or setting the 'ssl' option
[19:03:21] FATAL: to 'false' in case you are not planning on using
[19:03:21] FATAL: SSL with this add-on.
[19:03:21] FATAL: 
[19:03:21] FATAL: Check the add-on manual for more information.
[19:03:21] FATAL: 
s6-rc: warning: unable to start service init-nginx: command exited 1
/run/s6/basedir/scripts/rc.init: warning: s6-rc failed to properly bring all the services up! Check your logs (in /run/uncaught-logs/current if you have in-container logging) for more information.
/run/s6/basedir/scripts/rc.init: fatal: stopping the container.
s6-rc: info: service grafana: stopping
[19:03:21] INFO: Service Grafana exited with code 256 (by signal 15)
s6-rc: info: service grafana successfully stopped
s6-rc: info: service init-grafana: stopping
s6-rc: info: service memcached: stopping
s6-rc: info: service init-grafana successfully stopped
[19:03:22] INFO: Service memcached exited with code 0 (by signal 0)
s6-rc: info: service memcached successfully stopped
s6-rc: info: service legacy-cont-init: stopping
s6-rc: info: service legacy-cont-init successfully stopped
s6-rc: info: service fix-attrs: stopping
s6-rc: info: service base-addon-timezone: stopping
s6-rc: info: service base-addon-log-level: stopping
s6-rc: info: service base-addon-timezone successfully stopped
s6-rc: info: service fix-attrs successfully stopped
s6-rc: info: service base-addon-log-level successfully stopped
s6-rc: info: service base-addon-banner: stopping
s6-rc: info: service base-addon-banner successfully stopped
s6-rc: info: service s6rc-oneshot-runner: stopping
s6-rc: info: service s6rc-oneshot-runner successfully stopped

OK, I got something.
You need to change SSL to false. Then it starts to work at the port selected but it then asks for user/password, which I do not quite remember.

When I go to ADMINISTRATION - USERS AND ACCESS of Grafana add-on, I see one user: admin, admin@localhost.
I am not sure what the password is. Is there perhaps a default password?
Should I create a new user to log in to Grafana’s http service running at port 3000?

Edit: Yes, setting port to 3000, setting SSL to false and adding Grafana user makes the http server run. :slight_smile:

1 Like

From the Add On Documentation:

Note: As the addon now supports both Ingress and direct access, the default admin user has a password of hassio. Due to the implementation the password cannot be changed, however you can delete and create a new user, if so please ensure to update the grafana_ingress_user option.

That’s how I fixed it, added a new admin user via the grafana web UI from within HA, then disabled SSL, and added port 3000 as mentioned above. Works great!

I done everything but what ip i need to take with the port 3000 to open it directly

Same as your HA