diff --git a/kubernetes/apps/observability/grafana/app/helmrelease.yaml b/kubernetes/apps/observability/grafana/app/helmrelease.yaml index 187b8f5c..58aadab5 100644 --- a/kubernetes/apps/observability/grafana/app/helmrelease.yaml +++ b/kubernetes/apps/observability/grafana/app/helmrelease.yaml @@ -30,377 +30,3 @@ spec: namespace: observability values: replicas: 2 - env: - GF_DATE_FORMATS_USE_BROWSER_LOCALE: true - GF_SERVER_ROOT_URL: https://grafana.hsn.dev - GF_DATABASE_NAME: ${DB_NAME} - GF_DATABASE_HOST: - valueFrom: - secretKeyRef: - name: "${APP}-pguser-${DB_USER}" - key: host - GF_DATABASE_USER: - valueFrom: - secretKeyRef: - name: "${APP}-pguser-${DB_USER}" - key: user - GF_DATABASE_PASSWORD: - valueFrom: - secretKeyRef: - name: "${APP}-pguser-${DB_USER}" - key: password - GF_DATABASE_SSL_MODE: disable - GF_DATABASE_TYPE: postgres - envFromSecret: grafana-secret - grafana.ini: - analytics: - check_for_updates: false - check_for_plugin_updates: false - reporting_enabled: false - auth: - oauth_auto_login: true - oauth_allow_insecure_email_lookup: true - auth.generic_oauth: - enabled: true - name: Authentik - icon: signin - scopes: openid profile email - empty_scopes: false - login_attribute_path: preferred_username - groups_attribute_path: groups - name_attribute_path: name - use_pkce: true - client_id: CoV7ae1HxuNzwCbVPf3U7TfYMX2rVqC5T9RAUo5M - client_secret: # Set by env vars - auth_url: https://auth.hsn.dev/application/o/authorize/ - token_url: https://auth.hsn.dev/application/o/token/ - api_url: https://auth.hsn.dev/application/o/userinfo/ - role_attribute_path: | - contains(groups[*], 'Grafana Admins') && 'Admin' || contains(groups[*], 'Grafana Editors') && 'Editor' || 'Viewer' - auth.basic: - enabled: false - auth.anonymous: - enabled: false - # org_id: 1 - # org_role: Viewer - news: - news_feed_enabled: false - dashboardProviders: - dashboardproviders.yaml: - apiVersion: 1 - providers: - - name: default - orgId: 1 - folder: "" - type: file - disableDeletion: false - editable: true - options: - path: /var/lib/grafana/dashboards/default-folder - - name: ceph - orgId: 1 - folder: Ceph - type: file - disableDeletion: false - editable: true - options: - path: /var/lib/grafana/dashboards/ceph-folder - - name: flux - orgId: 1 - folder: Flux - type: file - disableDeletion: false - editable: true - options: - path: /var/lib/grafana/dashboards/flux-folder - - name: kubernetes - orgId: 1 - folder: Kubernetes - type: file - disableDeletion: false - editable: true - options: - path: /var/lib/grafana/dashboards/kubernetes-folder - - name: nginx - orgId: 1 - folder: Nginx - type: file - disableDeletion: false - editable: true - options: - path: /var/lib/grafana/dashboards/nginx-folder - - name: prometheus - orgId: 1 - folder: Prometheus - type: file - disableDeletion: false - editable: true - options: - path: /var/lib/grafana/dashboards/prometheus-folder - - name: thanos - orgId: 1 - folder: Thanos - type: file - disableDeletion: false - editable: true - options: - path: /var/lib/grafana/dashboards/thanos-folder - - name: unifi - orgId: 1 - folder: Unifi - type: file - disableDeletion: false - editable: true - options: - path: /var/lib/grafana/dashboards/unifi-folder - datasources: - datasources.yaml: - apiVersion: 1 - deleteDatasources: - - { name: Alertmanager, orgId: 1 } - - { name: Loki, orgId: 1 } - - { name: Prometheus, orgId: 1 } - datasources: - - name: Prometheus - type: prometheus - uid: prometheus - access: proxy - url: http://thanos-query-frontend.observability.svc.cluster.local:9090 - jsonData: - prometheusType: Thanos - timeInterval: 1m - isDefault: true - - name: Loki - type: loki - uid: loki - access: proxy - url: http://loki-gateway.observability.svc.cluster.local - jsonData: - maxLines: 250 - - name: Alertmanager - type: alertmanager - uid: alertmanager - access: proxy - url: http://alertmanager-operated.observability.svc.cluster.local:9093 - jsonData: - implementation: prometheus - dashboards: - default: - cloudflared: - # renovate: depName="Cloudflare Tunnels (cloudflared)" - gnetId: 17457 - revision: 6 - datasource: - - { name: DS_PROMETHEUS, value: Prometheus } - external-dns: - # renovate: depName="External-dns" - gnetId: 15038 - revision: 3 - datasource: Prometheus - minio: - # renovate: depName="MinIO Dashboard" - gnetId: 13502 - revision: 25 - datasource: - - { name: DS_PROMETHEUS, value: Prometheus } - node-exporter-full: - # renovate: depName="Node Exporter Full" - gnetId: 1860 - revision: 33 - datasource: Prometheus - redis: - # renovate: depName="Redis Dashboard for Prometheus Redis Exporter 1.x" - gnetId: 763 - revision: 6 - datasource: - - { name: DS_PROMETHEUS, value: Prometheus } - spegel: - # renovate: depName="Spegel" - gnetId: 18089 - revision: 1 - datasource: - - { name: DS_PROMETHEUS, value: Prometheus } - unpackerr: - # renovate: depName="Unpackerr" - gnetId: 18817 - revision: 1 - datasource: - - { name: DS_PROMETHEUS, value: Prometheus } - zfs: - # renovate: depName="ZFS" - gnetId: 7845 - revision: 4 - datasource: Prometheus - cert-manager: - url: https://raw.githubusercontent.com/monitoring-mixins/website/master/assets/cert-manager/dashboards/cert-manager.json - datasource: Prometheus - external-secrets: - url: https://raw.githubusercontent.com/external-secrets/external-secrets/main/docs/snippets/dashboard.json - datasource: Prometheus - node-feature-discovery: - url: https://raw.githubusercontent.com/kubernetes-sigs/node-feature-discovery/master/examples/grafana-dashboard.json - datasource: Prometheus - ceph: - ceph-cluster: - # renovate: depName="Ceph Cluster" - gnetId: 2842 - revision: 17 - datasource: Prometheus - ceph-osd: - # renovate: depName="Ceph - OSD (Single)" - gnetId: 5336 - revision: 9 - datasource: Prometheus - ceph-pools: - # renovate: depName="Ceph - Pools" - gnetId: 5342 - revision: 9 - datasource: Prometheus - flux: - flux-cluster: - url: https://raw.githubusercontent.com/fluxcd/flux2-monitoring-example/main/monitoring/configs/dashboards/cluster.json - datasource: Prometheus - flux-control-plane: - url: https://raw.githubusercontent.com/fluxcd/flux2-monitoring-example/main/monitoring/configs/dashboards/control-plane.json - datasource: Prometheus - kubernetes: - kubernetes-api-server: - # renovate: depName="Kubernetes / System / API Server" - gnetId: 15761 - revision: 16 - datasource: Prometheus - kubernetes-coredns: - # renovate: depName="Kubernetes / System / CoreDNS" - gnetId: 15762 - revision: 17 - datasource: Prometheus - kubernetes-global: - # renovate: depName="Kubernetes / Views / Global" - gnetId: 15757 - revision: 37 - datasource: Prometheus - kubernetes-namespaces: - # renovate: depName="Kubernetes / Views / Namespaces" - gnetId: 15758 - revision: 34 - datasource: Prometheus - kubernetes-nodes: - # renovate: depName="Kubernetes / Views / Nodes" - gnetId: 15759 - revision: 29 - datasource: Prometheus - kubernetes-pods: - # renovate: depName="Kubernetes / Views / Pods" - gNetId: 15760 - revision: 21 - datasource: Prometheus - kubernetes-volumes: - # renovate: depName="K8s / Storage / Volumes / Cluster" - gnetId: 11454 - revision: 14 - datasource: Prometheus - nginx: - nginx: - url: https://raw.githubusercontent.com/kubernetes/ingress-nginx/master/deploy/grafana/dashboards/nginx.json - datasource: Prometheus - nginx-request-handling-performance: - url: https://raw.githubusercontent.com/kubernetes/ingress-nginx/master/deploy/grafana/dashboards/request-handling-performance.json - datasource: Prometheus - prometheus: - prometheus: - # renovate: depName="Prometheus" - gnetId: 19105 - revision: 3 - datasource: Prometheus - thanos: - thanos-bucket-replicate: - url: https://raw.githubusercontent.com/monitoring-mixins/website/master/assets/thanos/dashboards/bucket-replicate.json - datasource: Prometheus - thanos-compact: - url: https://raw.githubusercontent.com/monitoring-mixins/website/master/assets/thanos/dashboards/compact.json - datasource: Prometheus - thanos-overview: - url: https://raw.githubusercontent.com/monitoring-mixins/website/master/assets/thanos/dashboards/overview.json - datasource: Prometheus - thanos-query: - url: https://raw.githubusercontent.com/monitoring-mixins/website/master/assets/thanos/dashboards/query.json - datasource: Prometheus - thanos-query-frontend: - url: https://raw.githubusercontent.com/monitoring-mixins/website/master/assets/thanos/dashboards/query-frontend.json - datasource: Prometheus - thanos-receieve: - url: https://raw.githubusercontent.com/monitoring-mixins/website/master/assets/thanos/dashboards/receive.json - datasource: Prometheus - thanos-rule: - url: https://raw.githubusercontent.com/monitoring-mixins/website/master/assets/thanos/dashboards/rule.json - datasource: Prometheus - thanos-sidecar: - url: https://raw.githubusercontent.com/monitoring-mixins/website/master/assets/thanos/dashboards/sidecar.json - datasource: Prometheus - thanos-store: - url: https://raw.githubusercontent.com/monitoring-mixins/website/master/assets/thanos/dashboards/store.json - datasource: Prometheus - unifi: - unifi-insights: - # renovate: depName="UniFi-Poller: Client Insights - Prometheus" - gnetId: 11315 - revision: 9 - datasource: Prometheus - unifi-network-sites: - # renovate: depName="UniFi-Poller: Network Sites - Prometheus" - gnetId: 11311 - revision: 5 - datasource: Prometheus - unifi-uap: - # renovate: depName="UniFi-Poller: UAP Insights - Prometheus" - gnetId: 11314 - revision: 10 - datasource: Prometheus - unifi-usw: - # renovate: depName="UniFi-Poller: USW Insights - Prometheus" - gnetId: 11312 - revision: 9 - datasource: Prometheus - sidecar: - dashboards: - enabled: true - searchNamespace: ALL - labelValue: "" - label: grafana_dashboard - folderAnnotation: grafana_folder - provider: - disableDelete: true - foldersFromFilesStructure: true - datasources: - enabled: true - searchNamespace: ALL - labelValue: "" - plugins: - - grafana-clock-panel - - grafana-piechart-panel - - grafana-worldmap-panel - - natel-discrete-panel - - pr0ps-trackmap-panel - - vonage-status-panel - - panodata-map-panel - serviceMonitor: - enabled: true - ingress: - enabled: true - ingressClassName: external-nginx - hosts: - - &host grafana.hsn.dev - tls: - - hosts: - - *host - persistence: - enabled: false - testFramework: - enabled: false - topologySpreadConstraints: - - maxSkew: 1 - topologyKey: kubernetes.io/hostname - whenUnsatisfiable: DoNotSchedule - labelSelector: - matchLabels: - app.kubernetes.io/name: grafana \ No newline at end of file