envFromSecret: grafana-admin nodeSelector: kubernetes.io/hostname: master.tail2fe2d.ts.net admin: existingSecret: grafana-admin userKey: username passwordKey: password grafana.ini: auth: signout_redirect_url: https://idm.hexor.cy/application/o/grafana/end-session/ # oauth_auto_login: true auth.generic_oauth: name: authentik enabled: true scopes: "openid profile email" auth_url: https://idm.hexor.cy/application/o/authorize/ token_url: https://idm.hexor.cy/application/o/token/ api_url: https://idm.hexor.cy/application/o/userinfo/ role_attribute_path: >- contains(groups, 'Grafana Admin') && 'Admin' || contains(groups, 'Grafana Editors') && 'Editor' || contains(groups, 'Grafana Viewer') && 'Viewer' database: type: postgres host: psql.psql.svc:5432 name: grafana user: grafana ssl_mode: disable datasources: datasources.yaml: apiVersion: 1 datasources: - name: Prometheus Local type: prometheus uid: prometheus url: http://prometheus-kube-prometheus-prometheus.prometheus.svc:9090 access: proxy isDefault: true - name: Loki type: loki uid: loki url: http://loki-gateway.prometheus.svc:80 access: proxy ingress: enabled: true ingressClassName: traefik annotations: cert-manager.io/cluster-issuer: letsencrypt traefik.ingress.kubernetes.io/router.middlewares: kube-system-https-redirect@kubernetescrd hosts: - gf.hexor.cy tls: - secretName: grafana-tls hosts: - '*.hexor.cy' extraConfigmapMounts: - name: grafana-alerting-rules mountPath: /etc/grafana/provisioning/alerting/rules.yaml configMap: grafana-alerting subPath: rules.yaml readOnly: true - name: grafana-alerting-contactpoints mountPath: /etc/grafana/provisioning/alerting/contactpoints.yaml configMap: grafana-alerting subPath: contactpoints.yaml readOnly: true - name: grafana-alerting-policies mountPath: /etc/grafana/provisioning/alerting/policies.yaml configMap: grafana-alerting subPath: policies.yaml readOnly: true envValueFrom: TELEGRAM_BOT_TOKEN: secretKeyRef: name: grafana-telegram key: bot-token TELEGRAM_CHAT_ID: secretKeyRef: name: grafana-telegram key: chat-id