Add config for grafana

2024-07-27 12:11:56 -07:00 · 2024-07-27 12:11:56 -07:00 · e342f1ade7
commit e342f1ade7
parent b2691bcec6
3 changed files with 64 additions and 0 deletions
--- a/k8s/operators/kube-prometheus/grafana-deployment-patch.yaml
+++ b/k8s/operators/kube-prometheus/grafana-deployment-patch.yaml
@ -0,0 +1,5 @@
+- op: add
+  path: /spec/template/spec/containers/0/envFrom
+  value:
+    - secretRef:
+        name: grafana-secrets
--- a/k8s/operators/kube-prometheus/grafana.ini
+++ b/k8s/operators/kube-prometheus/grafana.ini
@ -0,0 +1,47 @@
+[server]
+domain = grafana.home.finn.io
+root_url = https://%(domain)s/
+
+[date_formats]
+default_timezone = America/Los_Angeles
+
+[analytics]
+reporting_enabled = false
+check_for_updates = false
+
+[security]
+strict_transport_security = true
+strict_transport_security_max_age_seconds = 86400
+strict_transport_security_subdomains = true
+
+[auth]
+disable_signout_menu = false
+oauth_auto_login = true
+
+[auth.generic_oauth]
+auto_login = true
+enabled = true
+name = Janky Solutions Auth
+client_id = $__env{OAUTH_CLIENT_ID}
+client_secret = $__env{OAUTH_CLIENT_SECRET}
+scopes = openid email profile offline_access roles
+email_attribute_path = email
+login_attribute_path = username
+name_attribute_path = full_name
+auth_url = https://auth.janky.solutions/realms/janky.solutions/protocol/openid-connect/auth
+token_url = https://auth.janky.solutions/realms/janky.solutions/protocol/openid-connect/token
+api_url = https://auth.janky.solutions/realms/janky.solutions/protocol/openid-connect/userinfo
+role_attribute_path = contains(roles[*], 'admin') && 'Admin' || contains(roles[*], 'editor') && 'Editor' || 'Viewer'
+allow_assign_grafana_admin = true
+
+[external_image_storage]
+provider = s3
+
+[external_image_storage.s3]
+endpoint = storage.home.finn.io
+path_style_access = true
+bucket = grafana
+region = sea-01
+;path = 
+access_key = BOx3M6NesE3HilaWg9PJ
+secret_key = $__env{S3_SECRET_ACCESS_KEY}
--- a/k8s/operators/kube-prometheus/kustomization.yaml
+++ b/k8s/operators/kube-prometheus/kustomization.yaml
@ -34,3 +34,15 @@ patches:
    target:
      kind: ClusterRole
      name: prometheus-k8s
+  
+  - path: grafana-deployment-patch.yaml
+    target:
+      kind: Deployment
+      name: grafana
+
+secretGenerator:
+  - name: grafana-config
+    namespace: monitoring
+    behavior: replace
+    files:
+      - grafana.ini