62 lines
1.7 KiB
YAML
62 lines
1.7 KiB
YAML
namespaceOverride: monitoring
|
|
|
|
prometheus:
|
|
prometheusSpec:
|
|
serviceMonitorSelectorNilUsesHelmValues: false
|
|
podMonitorSelectorNilUsesHelmValues: false
|
|
retention: 10d
|
|
resources:
|
|
requests:
|
|
memory: 400Mi
|
|
cpu: 200m
|
|
storageSpec:
|
|
volumeClaimTemplate:
|
|
spec:
|
|
accessModes: ["ReadWriteOnce"]
|
|
storageClassName: nfs-client
|
|
resources:
|
|
requests:
|
|
storage: 50Gi
|
|
additionalScrapeConfigsSecret:
|
|
name: prometheus-additional-scrape-configs
|
|
key: additional-scrape-configs.yaml
|
|
|
|
grafana:
|
|
persistence:
|
|
enabled: true
|
|
storageClassName: nfs-client
|
|
accessModes: ["ReadWriteOnce"]
|
|
size: 2Gi
|
|
|
|
ingress:
|
|
enabled: true
|
|
hosts:
|
|
- grafana.dvirlabs.com
|
|
annotations:
|
|
cert-manager.io/cluster-issuer: letsencrypt
|
|
tls:
|
|
- hosts:
|
|
- grafana.dvirlabs.com
|
|
secretName: tls-grafana
|
|
|
|
envFromSecret: grafana-oidc-secret
|
|
|
|
grafana.ini:
|
|
server:
|
|
root_url: https://grafana.dvirlabs.com
|
|
auth:
|
|
disable_login_form: true
|
|
disable_signout_menu: false
|
|
auth.generic_oauth:
|
|
enabled: true
|
|
name: Keycloak
|
|
allow_sign_up: true
|
|
client_id: grafana
|
|
client_secret: ${client_secret}
|
|
scopes: openid profile email
|
|
auth_url: https://keycloak.dvirlabs.com/realms/lab/protocol/openid-connect/auth
|
|
token_url: https://keycloak.dvirlabs.com/realms/lab/protocol/openid-connect/token
|
|
api_url: https://keycloak.dvirlabs.com/realms/lab/protocol/openid-connect/userinfo
|
|
role_attribute_path: contains(groups[*], 'grafana-admins') && 'Admin' || 'Viewer'
|
|
allow_assign_grafana_admin: true
|