smatsiievskyi/kube
1
0
Fork 0
forked from k-space/kube
Code Issues Pull Requests Packages Projects Activity
Files
88eae1c35ceaca3b0d690d59e5f417a19880cc92
kube/grafana/kustomization.yaml
rasmus c71be24984 grafana: add plugin Infinity
2025-07-24 11:08:09 +03:00

71 lines
2.5 KiB
YAML
Raw Blame History

apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
namespace: grafana
# spec: https://kubectl.docs.kubernetes.io/references/kustomize/builtins/#_helmchartinflationgenerator_
helmCharts:
- includeCRDs: true
name: &name grafana
releaseName: *name
repo: https://grafana.github.io/helm-charts
valuesInline: # https://github.com/grafana/helm-charts/blob/main/charts/grafana/values.yaml
ingress:
enabled: true
annotations:
traefik.ingress.kubernetes.io/router.entrypoints: websecure
external-dns.alpha.kubernetes.io/target: traefik.k-space.ee
hosts: [grafana.k-space.ee]
tls: [hosts: ["*.k-space.ee"]]
persistence:
inMemory:
enabled: true
grafana.ini:
log: {level: warn}
server:
root_url: https://grafana.k-space.ee/
auth:
oauth_allow_insecure_email_lookup: true
auth.basic:
enabled: false
auth.generic_oauth:
enabled: true
auto_login: true
name: auth.k-space.ee
role_attribute_path: contains(groups[*], 'k-space:kubernetes:admins') && 'Admin' || contains(groups[*], 'k-space:floor') && 'Editor' || Viewer
allow_sign_up: true
allow_assign_grafana_admin: true
use_pkce: true
use_refresh_token: true
env:
GF_SECURITY_DISABLE_INITIAL_ADMIN_CREATION: true # not supported by helm chart through grafana.ini, only env
# helm chart says to use file ref in grafana.ini, but it doesn't work since the secrets are fitlered out there
GF_AUTH_GENERIC_OAUTH_CLIENT_ID: "$(OIDC_CLIENT_ID)"
GF_AUTH_GENERIC_OAUTH_SECRET: "$(OIDC_CLIENT_SECRET)"
GF_AUTH_GENERIC_OAUTH_SCOPES: "$(OIDC_AVAILABLE_SCOPES)"
GF_AUTH_GENERIC_OAUTH_AUTH_URL: "$(OIDC_IDP_AUTH_URI)"
GF_AUTH_GENERIC_OAUTH_TOKEN_URL: "$(OIDC_IDP_TOKEN_URI)"
GF_AUTH_GENERIC_OAUTH_API_URL: "$(OIDC_IDP_USERINFO_URI)"
GF_AUTH_GENERIC_OAUTH_SIGNOUT_REDIRECT_URL: "$(OIDC_IDP_URI)"
envFromSecrets:
- name: oidc-client-grafana-owner-secrets
- name: grafana-database
plugins:
- yesoreyeram-infinity-datasource
datasources:
prometheus.yaml:
apiVersion: 1
prune: true
datasources:
- name: Prometheus
type: prometheus
url: http://prometheus-prometheus-server
orgId: 1
version: 1
editable: false
version: v9.2.10
resources:
- ./passmower.yaml
- ssh://git@git.k-space.ee/secretspace/kube/grafana # secret: grafana-database
Reference in New Issue View Git Blame Copy Permalink