hive-apps/projects/grafana/values/loki-stack.yaml
2021-11-28 11:16:31 +01:00

124 lines
2.5 KiB
YAML
Executable file

loki:
image:
tag: 2.3.0
enabled: true
promtail:
enabled: true
fluent-bit:
enabled: true
grafana:
enabled: true
image:
tag: 8.1.2
admin:
existingSecret: "loki-stack-grafana"
ingress:
enabled: true
annotations:
cert-manager.io/cluster-issuer: vault-issuer
kubernetes.io/ingress.class: nginx
hosts:
- grafana.dc
tls:
- secretName: grafana-tls
hosts:
- grafana.dc
sidecar:
datasources:
enabled: true
dashboards:
enabled: true
label: grafana_dashboard
persistence:
enabled: true
plugins:
- grafana-piechart-panel
dashboards:
default:
traefik:
gnetId: 11462
revision: 1
# For OAUTH Secret Token
envFromSecret: grafana-env
grafana.ini:
paths:
data: /var/lib/grafana/data
logs: /var/log/grafana
plugins: /var/lib/grafana/plugins
provisioning: /etc/grafana/provisioning
analytics:
check_for_updates: false
log:
mode: console
grafana_net:
url: https://grafana.net
server:
root_url: https://grafana.dc
auth.generic_oauth:
name: Authentik
enabled: true
allow_sign_up: true
client_id: 779461ddc18a79dba69cf2eef895a20d59b21d59
#client_secret: IN ENV
scopes: "openid profile email"
#email_attribute_name: email:primary
role_attribute_path: "contains(groups[*], 'Grafana Admins') && 'Admin' || contains(groups[*], 'Grafana Editors') && 'Editor' || 'Viewer'"
auth_url: https://auth.dc/application/o/authorize/
token_url: https://auth.dc/application/o/token/
api_url: https://auth.dc/application/o/userinfo/
# meh.. but for now...
tls_skip_verify_insecure: true
prometheus:
enabled: false
image:
tag: v2.26.0
extraScrapeConfigs: |
- job_name: 'openwrt'
scrape_interval: 10s
static_configs:
- targets: ['192.168.1.1:9100']
- job_name: 'borg'
scrape_interval: 10s
static_configs:
- targets: ['192.168.1.111:9942']
podSecurityPolicy:
enabled: true
server:
extraArgs:
#storage.local.retention: 720h
nodeexporter:
# image:
# repository: quay.io/prometheus/node-exporter
# tag: v1.1.2
extraHostPathMounts:
- name: textfile-dir
mountPath: /srv/txt_collector
hostPath: /var/lib/node-exporter
readOnly: true
mountPropagation: HostToContainer
securityContext:
fsGroup: 65534
runAsGroup: 65534
runAsNonRoot: false
runAsUser: 0