100 lines
2.5 KiB
YAML
100 lines
2.5 KiB
YAML
replicas: 1
|
|
|
|
## Create a headless service for the deployment
|
|
headlessService: false
|
|
|
|
## Expose the grafana service to be accessed from outside the cluster (LoadBalancer service).
|
|
## or access it from within the cluster (ClusterIP service). Set the service type and the port to serve it.
|
|
## ref: http://kubernetes.io/docs/user-guide/services/
|
|
##
|
|
service:
|
|
enabled: true
|
|
|
|
serviceMonitor:
|
|
## If true, a ServiceMonitor CRD is created for a prometheus operator
|
|
## https://github.com/coreos/prometheus-operator
|
|
##
|
|
enabled: false
|
|
|
|
envValueFrom:
|
|
AUTH_GRAFANA_CLIENT_SECRET:
|
|
secretKeyRef:
|
|
name: grafana-auth
|
|
key: client_secret
|
|
|
|
ingress:
|
|
enabled: false
|
|
|
|
# credentials
|
|
admin:
|
|
existingSecret: grafana-admin-secret
|
|
userKey: user
|
|
passwordKey: password
|
|
|
|
datasources:
|
|
datasources.yaml:
|
|
apiVersion: 1
|
|
datasources:
|
|
- name: Prometheus
|
|
type: prometheus
|
|
url: http://prometheus.monitoring.svc:9090
|
|
isDefault: true
|
|
- name: Thanos
|
|
type: prometheus
|
|
url: http://thanos-querier.monitoring.svc:10902
|
|
isDefault: false
|
|
- name: Loki
|
|
type: loki
|
|
url: http://loki.monitoring.svc:3100
|
|
isDefault: false
|
|
|
|
dashboardProviders:
|
|
dashboardproviders.yaml:
|
|
apiVersion: 1
|
|
providers:
|
|
- name: 'default'
|
|
orgId: 1
|
|
folder: ''
|
|
type: file
|
|
disableDeletion: false
|
|
editable: true
|
|
options:
|
|
path: /var/lib/grafana/dashboards/default
|
|
## Reference to external ConfigMap per provider. Use provider name as key and ConfigMap name as value.
|
|
## A provider dashboards must be defined either by external ConfigMaps or in values.yaml, not in both.
|
|
## ConfigMap data example:
|
|
##
|
|
## data:
|
|
## example-dashboard.json: |
|
|
## RAW_JSON
|
|
##
|
|
dashboardsConfigMaps:
|
|
default: grafana-dashboards
|
|
|
|
|
|
grafana.ini:
|
|
wal: true
|
|
default_theme: dark
|
|
unified_alerting:
|
|
enabled: false
|
|
analytics:
|
|
check_for_updates: false
|
|
server:
|
|
domain: grafana.kluster.moll.re
|
|
root_url: https://grafana.kluster.moll.re
|
|
auth.generic_oauth:
|
|
name: Authelia
|
|
enabled: true
|
|
icon: signin
|
|
client_id: grafana
|
|
client_secret: ${AUTH_GRAFANA_CLIENT_SECRET}
|
|
scopes: openid profile email groups
|
|
empty_scopes: false
|
|
auth_url: https://auth.kluster.moll.re/api/oidc/authorization
|
|
token_url: https://auth.kluster.moll.re/api/oidc/token
|
|
api_url: https://auth.kluster.moll.re/api/oidc/userinfo
|
|
tls_skip_verify_insecure: true
|
|
auto_login: true
|
|
use_pkce: true
|
|
role_attribute_path: contains(groups[*], 'apps_admin') && 'Admin' || 'Editor'
|