k8s/core/prom-stack/grafana-values.yaml

envFromSecret: grafana-admin
nodeSelector:
  kubernetes.io/hostname: master.tail2fe2d.ts.net

admin:
  existingSecret: grafana-admin
  userKey: username
  passwordKey: password

grafana.ini:
  auth:
    signout_redirect_url: https://idm.hexor.cy/application/o/grafana/end-session/
    # oauth_auto_login: true
  auth.generic_oauth:
    name: authentik
    enabled: true
    scopes: "openid profile email"
    auth_url: https://idm.hexor.cy/application/o/authorize/
    token_url: https://idm.hexor.cy/application/o/token/
    api_url: https://idm.hexor.cy/application/o/userinfo/
    role_attribute_path: >-
      contains(groups, 'Grafana Admin') && 'Admin' ||
      contains(groups, 'Grafana Editors') && 'Editor' ||
      contains(groups, 'Grafana Viewer') && 'Viewer'
  database:
    type: postgres
    host: psql.psql.svc:5432
    name: grafana
    user: grafana
    ssl_mode: disable

datasources:
  datasources.yaml:
    apiVersion: 1
    datasources:
      - name: Prometheus Local
        type: prometheus
        url: http://prometheus-kube-prometheus-prometheus.prometheus.svc:9090
        access: proxy
        isDefault: true
      - name: Loki
        type: loki
        url: http://loki-gateway.prometheus.svc:80
        access: proxy

ingress:
  enabled: true
  ingressClassName: traefik
  annotations:
    cert-manager.io/cluster-issuer: letsencrypt
    traefik.ingress.kubernetes.io/router.middlewares: kube-system-https-redirect@kubernetescrd
  hosts:
    - gf.hexor.cy
  tls:
    - secretName: grafana-tls
      hosts:
        - '*.hexor.cy'

extraConfigmapMounts:
  - name: grafana-alerting-rules
    mountPath: /etc/grafana/provisioning/alerting/rules.yaml
    configMap: grafana-alerting
    subPath: rules.yaml
    readOnly: true
  - name: grafana-alerting-contactpoints
    mountPath: /etc/grafana/provisioning/alerting/contactpoints.yaml
    configMap: grafana-alerting
    subPath: contactpoints.yaml
    readOnly: true
  - name: grafana-alerting-policies
    mountPath: /etc/grafana/provisioning/alerting/policies.yaml
    configMap: grafana-alerting
    subPath: policies.yaml
    readOnly: true

envValueFrom:
  TELEGRAM_BOT_TOKEN:
    secretKeyRef:
      name: grafana-telegram
      key: bot-token
  TELEGRAM_CHAT_ID:
    secretKeyRef:
      name: grafana-telegram
      key: chat-id
Added prom-stack 2025-04-12 14:06:50 +01:00			`envFromSecret: grafana-admin`
			`nodeSelector:`
			`kubernetes.io/hostname: master.tail2fe2d.ts.net`

			`admin:`
			`existingSecret: grafana-admin`
			`userKey: username`
			`passwordKey: password`

			`grafana.ini:`
			`auth:`
			`signout_redirect_url: https://idm.hexor.cy/application/o/grafana/end-session/`
Update k8s/core/prometheus/grafana-values.yaml 2025-10-06 13:07:16 +00:00			`# oauth_auto_login: true`
Added prom-stack 2025-04-12 14:06:50 +01:00			`auth.generic_oauth:`
			`name: authentik`
			`enabled: true`
			`scopes: "openid profile email"`
			`auth_url: https://idm.hexor.cy/application/o/authorize/`
			`token_url: https://idm.hexor.cy/application/o/token/`
			`api_url: https://idm.hexor.cy/application/o/userinfo/`
			`role_attribute_path: >-`
			`contains(groups, 'Grafana Admin') && 'Admin' \|\|`
			`contains(groups, 'Grafana Editors') && 'Editor' \|\|`
			`contains(groups, 'Grafana Viewer') && 'Viewer'`
			`database:`
			`type: postgres`
			`host: psql.psql.svc:5432`
			`name: grafana`
			`user: grafana`
			`ssl_mode: disable`

			`datasources:`
			`datasources.yaml:`
			`apiVersion: 1`
			`datasources:`
			`- name: Prometheus Local`
			`type: prometheus`
			`url: http://prometheus-kube-prometheus-prometheus.prometheus.svc:9090`
			`access: proxy`
			`isDefault: true`
Added loki 2026-01-07 14:55:42 +00:00			`- name: Loki`
			`type: loki`
			`url: http://loki-gateway.prometheus.svc:80`
			`access: proxy`
Added prom-stack 2025-04-12 14:06:50 +01:00
			`ingress:`
			`enabled: true`
			`ingressClassName: traefik`
			`annotations:`
			`cert-manager.io/cluster-issuer: letsencrypt`
			`traefik.ingress.kubernetes.io/router.middlewares: kube-system-https-redirect@kubernetescrd`
			`hosts:`
			`- gf.hexor.cy`
			`tls:`
			`- secretName: grafana-tls`
			`hosts:`
			`- '*.hexor.cy'`

Configured alerts in grafana and TG endpoint 2026-01-08 15:55:37 +00:00			`extraConfigmapMounts:`
Configured alerts in grafana and TG endpoint 2026-01-08 16:15:14 +00:00			`- name: grafana-alerting-rules`
			`mountPath: /etc/grafana/provisioning/alerting/rules.yaml`
Configured alerts in grafana and TG endpoint 2026-01-08 15:55:37 +00:00			`configMap: grafana-alerting`
Configured alerts in grafana and TG endpoint 2026-01-08 16:15:14 +00:00			`subPath: rules.yaml`
			`readOnly: true`
			`- name: grafana-alerting-contactpoints`
			`mountPath: /etc/grafana/provisioning/alerting/contactpoints.yaml`
			`configMap: grafana-alerting`
			`subPath: contactpoints.yaml`
			`readOnly: true`
			`- name: grafana-alerting-policies`
			`mountPath: /etc/grafana/provisioning/alerting/policies.yaml`
			`configMap: grafana-alerting`
			`subPath: policies.yaml`
Configured alerts in grafana and TG endpoint 2026-01-08 15:55:37 +00:00			`readOnly: true`

			`envValueFrom:`
			`TELEGRAM_BOT_TOKEN:`
			`secretKeyRef:`
			`name: grafana-telegram`
			`key: bot-token`
			`TELEGRAM_CHAT_ID:`
			`secretKeyRef:`
			`name: grafana-telegram`
			`key: chat-id`