Michal.Wrobel/stacks_adding_alloy
1
0
Fork 0
forked from DevFW-CICD/stacks
Code Pull requests Activity
stacks_adding_alloy/template/stacks/monitoring/kube-prometheus/values.yaml
Richard Robert Reitz 63a694d17c Removed Grafana admin account
2025-03-02 17:09:02 +01:00

71 lines
2.2 KiB
YAML
Raw Blame History

grafana:
namespaceOverride: "monitoring"
#admin:
# existingSecret: "kube-prometheus-stack-grafana-admin-password"
# userKey: admin-user
# passwordKey: admin-password
defaultDashboardsTimezone: Europe/Berlin
additionalDataSources:
- name: Loki
type: loki
url: http://loki-loki-distributed-gateway.monitoring:80
# syncPolicy:
# syncOptions:
# - ServerSideApply=true
sidecar:
dashboards:
enabled: true
label: grafana_dashboard
folder: /tmp/dashboards
updateIntervalSeconds: 10
folderAnnotation: grafana_folder
provider:
allowUiUpdates: true
foldersFromFilesStructure: true
grafana.ini:
server:
domain: {{{ .Env.DOMAIN }}}
root_url: "%(protocol)s://%(domain)s/grafana"
serve_from_sub_path: true
auth:
disable_login: true
disable_login_form: true
auth.generic_oauth:
enabled: true
name: Keycloak-OAuth
allow_sign_up: true
use_refresh_token: true
client_id: grafana
client_secret: $__file{/etc/secrets/auth_generic_oauth/client_secret}
scopes: openid email profile offline_access roles
email_attribute_path: email
login_attribute_path: username
name_attribute_path: full_name
auth_url: https://{{{ .Env.DOMAIN }}}/keycloak/realms/cnoe/protocol/openid-connect/auth
token_url: https://{{{ .Env.DOMAIN }}}/keycloak/realms/cnoe/protocol/openid-connect/token
api_url: https://{{{ .Env.DOMAIN }}}/keycloak/realms/cnoe/protocol/openid-connect/userinfo
redirect_uri: http://{{{ .Env.DOMAIN }}}/grafana/login/generic_oauth
role_attribute_path: "contains(groups[*], 'admin') && 'Admin' || contains(groups[*], 'editor') && 'Editor' || 'Viewer'"
extraSecretMounts:
- name: auth-generic-oauth-secret-mount
secretName: auth-generic-oauth-secret
defaultMode: 0440
mountPath: /etc/secrets/auth_generic_oauth
readOnly: true
serviceMonitor:
# If true, a ServiceMonitor CRD is created for a prometheus operator https://github.com/coreos/prometheus-operator
enabled: true
#monitoring nginx
prometheus:
prometheusSpec:
podMonitorSelectorNilUsesHelmValues: false
serviceMonitorSelectorNilUsesHelmValues: false
View git blame Copy permalink