Docs: Setup refactor (#49739)

* builds out refactored setup topics

* Automatically fix some relrefs with mv-manager

Signed-off-by: Jack Baldry <jack.baldry@grafana.com>

* Use refs for tutorials content which is outside of this repository

Signed-off-by: Jack Baldry <jack.baldry@grafana.com>

* Manually fix complicated relrefs

Signed-off-by: Jack Baldry <jack.baldry@grafana.com>

* consolidates team sync and db encryption topics

* Fix relrefs

Signed-off-by: Jack Baldry <jack.baldry@grafana.com>

* updates setup index file

* Convert TOML to YAML

Signed-off-by: Jack Baldry <jack.baldry@grafana.com>

* Add current alias for new alerting content

Signed-off-by: Jack Baldry <jack.baldry@grafana.com>

* Add current aliases to new setup-grafana and configure-security pages

Signed-off-by: Jack Baldry <jack.baldry@grafana.com>

* Update docs/sources/setup-grafana/configure-grafana/_index.md

Co-authored-by: Torkel Ödegaard <torkel@grafana.com>

* moves saml docs, updates order in TOC

* Manually fix relrefs

Signed-off-by: Jack Baldry <jack.baldry@grafana.com>

* added usage insights topics, adjusted weights

* corrected relrefs

* Fix relrefs broken in rebase

Signed-off-by: Jack Baldry <jack.baldry@grafana.com>

Co-authored-by: Jack Baldry <jack.baldry@grafana.com>
Co-authored-by: Torkel Ödegaard <torkel@grafana.com>

docs/sources/setup-grafana/configure-security/configure-authentication/github.md

@@ -0,0 +1,118 @@
+---
+aliases:
+  - /docs/grafana/latest/auth/github/
+  - /docs/grafana/latest/setup-grafana/configure-security/configure-authentication/github/
+description: Grafana OAuthentication Guide
+keywords:
+  - grafana
+  - configuration
+  - documentation
+  - oauth
+title: Configure GitHub OAuth2 Authentication
+weight: 1400
+---
+
+# Configure GitHub OAuth2 authentication
+
+To enable the GitHub OAuth2 you must register your application with GitHub. GitHub will generate a client ID and secret key for you to use.
+
+## Configure GitHub OAuth application
+
+You need to create a GitHub OAuth application (you will find this under the GitHub
+settings page). When you create the application you will need to specify
+a callback URL. Specify this as callback:
+
+```bash
+http://<my_grafana_server_name_or_ip>:<grafana_server_port>/grafana/login/github
+```
+
+This callback URL must match the full HTTP address that you use in your
+browser to access Grafana, but with the suffix path of `/login/github`.
+When the GitHub OAuth application is created you will get a Client ID and a
+Client Secret. Specify these in the Grafana configuration file. For
+example:
+
+## Enable GitHub in Grafana
+
+```bash
+[auth.github]
+enabled = true
+allow_sign_up = true
+client_id = YOUR_GITHUB_APP_CLIENT_ID
+client_secret = YOUR_GITHUB_APP_CLIENT_SECRET
+scopes = user:email,read:org
+auth_url = https://github.com/login/oauth/authorize
+token_url = https://github.com/login/oauth/access_token
+api_url = https://api.github.com/user
+team_ids =
+allowed_organizations =
+```
+
+You may have to set the `root_url` option of `[server]` for the callback URL to be
+correct. For example in case you are serving Grafana behind a proxy.
+
+Restart the Grafana back-end. You should now see a GitHub login button
+on the login page. You can now login or sign up with your GitHub
+accounts.
+
+You may allow users to sign-up via GitHub authentication by setting the
+`allow_sign_up` option to `true`. When this option is set to `true`, any
+user successfully authenticating via GitHub authentication will be
+automatically signed up.
+
+### team_ids
+
+Require an active team membership for at least one of the given teams on
+GitHub. If the authenticated user isn't a member of at least one of the
+teams they will not be able to register or authenticate with your
+Grafana instance. For example:
+
+```bash
+[auth.github]
+enabled = true
+client_id = YOUR_GITHUB_APP_CLIENT_ID
+client_secret = YOUR_GITHUB_APP_CLIENT_SECRET
+scopes = user:email,read:org
+team_ids = 150,300
+auth_url = https://github.com/login/oauth/authorize
+token_url = https://github.com/login/oauth/access_token
+api_url = https://api.github.com/user
+allow_sign_up = true
+```
+
+### allowed_organizations
+
+Require an active organization membership for at least one of the given
+organizations on GitHub. If the authenticated user isn't a member of at least
+one of the organizations they will not be able to register or authenticate with
+your Grafana instance. For example
+
+```bash
+[auth.github]
+enabled = true
+client_id = YOUR_GITHUB_APP_CLIENT_ID
+client_secret = YOUR_GITHUB_APP_CLIENT_SECRET
+scopes = user:email,read:org
+auth_url = https://github.com/login/oauth/authorize
+token_url = https://github.com/login/oauth/access_token
+api_url = https://api.github.com/user
+allow_sign_up = true
+# space-delimited organization names
+allowed_organizations = github google
+```
+
+### Team Sync (Enterprise only)
+
+> Only available in Grafana Enterprise v6.3+
+
+With Team Sync you can map your GitHub org teams to teams in Grafana so that your users will automatically be added to
+the correct teams.
+
+Your GitHub teams can be referenced in two ways:
+
+- `https://github.com/orgs/<org>/teams/<slug>`
+- `@<org>/<slug>`
+
+Example: `@grafana/developers`
+
+[Learn more about Team Sync]({{< relref "../configure-team-sync/" >}})