theshire/kubernetes/apps/observability/grafana/app/helmrelease.yaml

---
# yaml-language-server: $schema=https://ks.hsn.dev/helm.toolkit.fluxcd.io/helmrelease_v2beta2.json
apiVersion: helm.toolkit.fluxcd.io/v2beta2
kind: HelmRelease
metadata:
  name: grafana
spec:
  interval: 30m
  chart:
    spec:
      chart: grafana
      version: 7.3.3
      sourceRef:
        kind: HelmRepository
        name: grafana
        namespace: flux-system
  install:
    remediation:
      retries: 3
  upgrade:
    cleanupOnFail: true
    remediation:
      retries: 3
  uninstall:
    keepHistory: false
  dependsOn:
    - name: kube-prometheus-stack
      namespace: observability
    - name: loki
      namespace: observability
  values:
    replicas: 2
    envFromSecret: grafana-secret
    grafana.ini:
      analytics:
        check_for_updates: false
        check_for_plugin_updates: false
        reporting_enabled: false
      auth:
        oauth_auto_login: true
        oauth_allow_insecure_email_lookup: true
      auth.generic_oauth:
        enabled: true
        name: Authentik
        icon: signin
        scopes: openid profile email
        empty_scopes: false
        login_attribute_path: preferred_username
        groups_attribute_path: groups
        name_attribute_path: name
        use_pkce: true
        client_id: CoV7ae1HxuNzwCbVPf3U7TfYMX2rVqC5T9RAUo5M
        client_secret: # Set by env vars
        auth_url: https://auth.hsn.dev/application/o/authorize/
        token_url: https://auth.hsn.dev/application/o/token/
        api_url: https://auth.hsn.dev/application/o/userinfo/
        role_attribute_path: |
          contains(groups[*], 'Grafana Admins') && 'Admin' || contains(groups[*], 'Grafana Editors') && 'Editor' || 'Viewer'
      auth.basic:
        enabled: false
      auth.anonymous:
        enabled: false
        # org_id: 1
        # org_role: Viewer
      news:
        news_feed_enabled: false
sup grafana 2024-03-01 08:25:37 -06:00			`---`
			`# yaml-language-server: $schema=https://ks.hsn.dev/helm.toolkit.fluxcd.io/helmrelease_v2beta2.json`
			`apiVersion: helm.toolkit.fluxcd.io/v2beta2`
			`kind: HelmRelease`
			`metadata:`
			`name: grafana`
			`spec:`
			`interval: 30m`
			`chart:`
			`spec:`
			`chart: grafana`
			`version: 7.3.3`
			`sourceRef:`
			`kind: HelmRepository`
			`name: grafana`
			`namespace: flux-system`
			`install:`
			`remediation:`
			`retries: 3`
			`upgrade:`
			`cleanupOnFail: true`
			`remediation:`
			`retries: 3`
			`uninstall:`
			`keepHistory: false`
			`dependsOn:`
			`- name: kube-prometheus-stack`
			`namespace: observability`
			`- name: loki`
			`namespace: observability`
			`values:`
			`replicas: 2`
Add grafana.ini config. 2024-03-01 13:47:55 -06:00			`envFromSecret: grafana-secret`
			`grafana.ini:`
			`analytics:`
			`check_for_updates: false`
			`check_for_plugin_updates: false`
			`reporting_enabled: false`
			`auth:`
			`oauth_auto_login: true`
			`oauth_allow_insecure_email_lookup: true`
			`auth.generic_oauth:`
			`enabled: true`
			`name: Authentik`
			`icon: signin`
			`scopes: openid profile email`
			`empty_scopes: false`
			`login_attribute_path: preferred_username`
			`groups_attribute_path: groups`
			`name_attribute_path: name`
			`use_pkce: true`
			`client_id: CoV7ae1HxuNzwCbVPf3U7TfYMX2rVqC5T9RAUo5M`
			`client_secret: # Set by env vars`
			`auth_url: https://auth.hsn.dev/application/o/authorize/`
			`token_url: https://auth.hsn.dev/application/o/token/`
			`api_url: https://auth.hsn.dev/application/o/userinfo/`
			`role_attribute_path: \|`
			`contains(groups[], 'Grafana Admins') && 'Admin' \|\| contains(groups[], 'Grafana Editors') && 'Editor' \|\| 'Viewer'`
			`auth.basic:`
			`enabled: false`
			`auth.anonymous:`
			`enabled: false`
			`# org_id: 1`
			`# org_role: Viewer`
			`news:`
			`news_feed_enabled: false`