jahanson/theshire
1
0
Fork 0
Code Issues 1 Pull requests 5 Projects Releases Packages Wiki Activity Actions
theshire/kubernetes/apps/observability/grafana/app/externalsecret.yaml
Joseph Hanson abdf3f9f63 Secrets... ugh
2024-03-01 13:13:23 -06:00

39 lines
1.2 KiB
YAML
Raw Blame History

---
# yaml-language-server: $schema=https://ks.hsn.dev/external-secrets.io/externalsecret_v1beta1.json
apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
name: grafana-secret
namespace: observability
spec:
secretStoreRef:
kind: ClusterSecretStore
name: onepassword-connect
target:
name: grafana-secret
creationPolicy: Owner
template:
engineVersion: v2
data:
GF_AUTH_GENERIC_OAUTH_CLIENT_SECRET: "{{ .authentik_grafana_oauth_client_secret }}"
GF_DATE_FORMATS_USE_BROWSER_LOCALE: "true"
GF_SERVER_ROOT_URL: https://grafana.hsn.dev
GF_DATABASE_NAME: ${DB_NAME}
GF_DATABASE_HOST: "grafana-primary.observability.svc:5432"
GF_DATABASE_USER: "{{ .grafana_postgres_user }}"
GF_DATABASE_PASSWORD: "{{ .grafana_postgres_password }}"
GF_DATABASE_SSL_MODE: disable
GF_DATABASE_TYPE: postgres
dataFrom:
- extract:
key: Authentik
rewrite:
- regexp:
source: "(.*)"
target: "authentik_$1"
- extract:
key: grafana
rewrite:
- regexp:
source: "(.*)"
target: "grafana_$1"
Reference in a new issue View git blame Copy permalink