1
0
Fork 0

Compare commits

..

2 Commits

Author SHA1 Message Date
Massaki Archambault c2c5aff42f grafana oauth configuration 2022-08-28 18:29:26 -04:00
Massaki Archambault fe75573c34 perform image updates 2022-08-28 18:29:06 -04:00
10 changed files with 46 additions and 26 deletions

View File

@ -36,6 +36,8 @@ spec:
value: repo.wiki value: repo.wiki
- name: GITEA__REPOSITORY__DEFAULT_REPO_UNITS - name: GITEA__REPOSITORY__DEFAULT_REPO_UNITS
value: repo.code,repo.releases value: repo.code,repo.releases
- name: GITEA__WEBHOOK_ALLOWED_HOST_LIST
value: ${DRONE_EXTERNAL_HOST}
ports: ports:
- name: http - name: http
containerPort: 3000 containerPort: 3000

View File

@ -1,10 +0,0 @@
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: grafana-agent-wal-pvc
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 1Gi

View File

@ -1,6 +1,5 @@
resources: resources:
- https://raw.githubusercontent.com/grafana/agent/v0.24.2/production/kubernetes/agent-bare.yaml - https://raw.githubusercontent.com/grafana/agent/v0.24.2/production/kubernetes/agent-bare.yaml
- grafana-agent-volume.yaml
secretGenerator: secretGenerator:
- name: grafana-agent - name: grafana-agent

View File

@ -29,12 +29,13 @@ spec:
env: env:
- name: GF_SERVER_DOMAIN - name: GF_SERVER_DOMAIN
value: ${GRAFANA_EXTERNAL_HOST} value: ${GRAFANA_EXTERNAL_HOST}
- name: GF_SERVER_ROOT_URL
value: https://${GRAFANA_EXTERNAL_HOST}/
# - name: GF_AUTH_ANONYMOUS_ENABLED # - name: GF_AUTH_ANONYMOUS_ENABLED
# value: "true" # value: "true"
- name: GF_INSTALL_PLUGINS - name: GF_INSTALL_PLUGINS
value: marcusolsson-json-datasource,marcusolsson-treemap-panel value: marcusolsson-json-datasource,marcusolsson-treemap-panel
- name: GF_FEATURE_TOGGLES_ENABLE args: ['--config', '/etc/grafana/provisioning/config/custom.ini']
value: ngalert
readinessProbe: readinessProbe:
failureThreshold: 3 failureThreshold: 3
httpGet: httpGet:
@ -66,12 +67,17 @@ spec:
volumeMounts: volumeMounts:
- name: grafana-datasources - name: grafana-datasources
mountPath: /etc/grafana/provisioning/datasources mountPath: /etc/grafana/provisioning/datasources
- name: grafana-config
mountPath: /etc/grafana/provisioning/config
- mountPath: /var/lib/grafana - mountPath: /var/lib/grafana
name: grafana-pv name: grafana-pv
volumes: volumes:
- name: grafana-datasources - name: grafana-datasources
configMap: configMap:
name: grafana-datasources name: grafana-datasources
- name: grafana-config
secret:
secretName: grafana-config
- name: grafana-pv - name: grafana-pv
persistentVolumeClaim: persistentVolumeClaim:
claimName: grafana-pvc claimName: grafana-pvc

View File

@ -7,6 +7,12 @@ configMapGenerator:
files: files:
- datasources.yaml=provision/datasources.yaml - datasources.yaml=provision/datasources.yaml
secretGenerator:
- name: grafana-config
type: Opaque
literals:
- custom.ini=
# secretGenerator: # secretGenerator:
# - name: postgres-credentials # - name: postgres-credentials
# type: Opaque # type: Opaque

View File

@ -6,7 +6,7 @@ metadata:
spec: spec:
repo: https://charts.longhorn.io repo: https://charts.longhorn.io
chart: longhorn chart: longhorn
version: 1.2.4 version: 1.3.0
targetNamespace: longhorn-system targetNamespace: longhorn-system
set: set:
backupTargetCredentialSecret: s3-backupstore-credentials backupTargetCredentialSecret: s3-backupstore-credentials
@ -15,7 +15,7 @@ spec:
backupTarget: s3://longhorn-backups@home/ backupTarget: s3://longhorn-backups@home/
defaultReplicaCount: 2 defaultReplicaCount: 2
defaultDataLocality: best-effort defaultDataLocality: best-effort
replicaAutoBalance: best-effort replicaAutoBalance: least-effort
taintToleration: "kubernetes.io/arch:" taintToleration: "kubernetes.io/arch:"
longhornManager: longhornManager:
tolerations: tolerations:

View File

@ -7,6 +7,6 @@ spec:
cron: "0 8 * * 2" cron: "0 8 * * 2"
task: "backup" task: "backup"
groups: groups:
- default - backup
retain: 2 retain: 2
concurrency: 1 concurrency: 1

View File

@ -30,6 +30,10 @@ spec:
operator: In operator: In
values: values:
- amd64 - amd64
tolerations:
- key: kubernetes.io/arch
operator: Equal
value: amd64
containers: containers:
- name: nextcloud - name: nextcloud
image: nextcloud image: nextcloud

View File

@ -0,0 +1,9 @@
[auth.generic_oauth]
enabled = true
allow_sign_up = false
client_id = 5yCpX9YovdrEuBpy69438S8GzCUJZLxqFl4rOcIpjBHICRpJzjv56VMxslKj7iqm
client_secret = ${ssm:/k3s/prod/nextcloud/oidc/grafana/client_secret}
scopes = openid profile email
auth_url = https://cloud.badjware.dev/apps/oidc/authorize
token_url = https://cloud.badjware.dev/apps/oidc/token
api_url = https://cloud.badjware.dev/apps/oidc/userinfo

View File

@ -5,33 +5,31 @@ bases:
- ../../namespaces/monitoring - ../../namespaces/monitoring
- ../../namespaces/nextcloud - ../../namespaces/nextcloud
resources: # resources:
- probes/external-services-bobcat-miner.yaml # - probes/external-services-bobcat-miner.yaml
images: images:
- name: gitea/gitea - name: gitea/gitea
newTag: 1.15.7 newTag: 1.16.9
- name: grafana/grafana - name: grafana/grafana
newTag: 8.5.3 newTag: 9.0.4
- name: prom/node-exporter # - name: prom/node-exporter
newTag: v0.18.1 # newTag: v0.18.1
- name: prom/blackbox-exporter - name: prom/blackbox-exporter
newName: badjware/blackbox-exporter-tweak newName: badjware/blackbox-exporter-tweak
newTag: 0.19.0-1 newTag: 0.21.1
- name: drone/drone - name: drone/drone
newTag: 2.7.0 newTag: 2.7.0
- name: drone/drone-runner-kube - name: drone/drone-runner-kube
newTag: 1.0.0-rc.2 newTag: 1.0.0-rc.2
- name: nextcloud - name: nextcloud
newName: badjware/nextcloud-tweak newName: badjware/nextcloud-tweak
newTag: 22.2.3-3 newTag: 24.0.3
- name: postgres - name: postgres
newTag: 9.6.23 newTag: 9.6.23
- name: redis - name: redis
newTag: 6.2.5 newTag: 6.2.5
configMapGenerator: []
secretGenerator: secretGenerator:
- name: drone-secret - name: drone-secret
type: Opaque type: Opaque
@ -67,6 +65,12 @@ secretGenerator:
behavior: replace behavior: replace
files: files:
- agent.yaml=configurations/grafana-agent/agent.yaml - agent.yaml=configurations/grafana-agent/agent.yaml
- name: grafana-config
type: Opaque
namespace: grafana
behavior: replace
files:
- custom.ini=configurations/grafana/custom.ini
# - name: grafana-cloud-credentials # - name: grafana-cloud-credentials
# type: Opaque # type: Opaque
# namespace: monitoring # namespace: monitoring