grafana prometheus fix
This commit is contained in:
Raiko Oll
25
grafana.yaml
25
grafana.yaml
@@ -11,7 +11,7 @@ data:
|
|||||||
- name: Prometheus
|
- name: Prometheus
|
||||||
type: prometheus
|
type: prometheus
|
||||||
access: proxy
|
access: proxy
|
||||||
url: http://prometheus-operated.monitoring.svc.cluster.local:9090
|
url: http://prometheus.monitoring.svc.cluster.local:9090
|
||||||
isDefault: true
|
isDefault: true
|
||||||
editable: true
|
editable: true
|
||||||
|
|
||||||
@@ -72,7 +72,7 @@ spec:
|
|||||||
name: oidc-client-grafana-raiko-owner-secrets
|
name: oidc-client-grafana-raiko-owner-secrets
|
||||||
key: OIDC_CLIENT_SECRET
|
key: OIDC_CLIENT_SECRET
|
||||||
- name: GF_AUTH_GENERIC_OAUTH_SCOPES
|
- name: GF_AUTH_GENERIC_OAUTH_SCOPES
|
||||||
value: "openid profile"
|
value: "openid profile groups"
|
||||||
- name: GF_AUTH_GENERIC_OAUTH_AUTH_URL
|
- name: GF_AUTH_GENERIC_OAUTH_AUTH_URL
|
||||||
value: "https://auth.ee-lte-1.codemowers.io/auth"
|
value: "https://auth.ee-lte-1.codemowers.io/auth"
|
||||||
- name: GF_AUTH_GENERIC_OAUTH_TOKEN_URL
|
- name: GF_AUTH_GENERIC_OAUTH_TOKEN_URL
|
||||||
@@ -82,11 +82,10 @@ spec:
|
|||||||
- name: GF_AUTH_GENERIC_OAUTH_SIGNOUT_REDIRECT_URL
|
- name: GF_AUTH_GENERIC_OAUTH_SIGNOUT_REDIRECT_URL
|
||||||
value: "https://auth.ee-lte-1.codemowers.io/logout"
|
value: "https://auth.ee-lte-1.codemowers.io/logout"
|
||||||
|
|
||||||
# Auto-assign admin role
|
# Give Admin role to allowed group members
|
||||||
- name: GF_AUTH_GENERIC_OAUTH_ROLE_ATTRIBUTE_PATH
|
- name: GF_AUTH_GENERIC_OAUTH_ROLE_ATTRIBUTE_PATH
|
||||||
value: "contains(groups[*], 'admin') && 'Admin' || 'Editor'"
|
value: "contains(groups[*], 'github.com:codemowers:admins') && 'Admin' || 'Viewer'"
|
||||||
|
|
||||||
# Disable anonymous access
|
|
||||||
- name: GF_AUTH_ANONYMOUS_ENABLED
|
- name: GF_AUTH_ANONYMOUS_ENABLED
|
||||||
value: "false"
|
value: "false"
|
||||||
|
|
||||||
@@ -96,19 +95,6 @@ spec:
|
|||||||
- name: datasources
|
- name: datasources
|
||||||
mountPath: /etc/grafana/provisioning/datasources
|
mountPath: /etc/grafana/provisioning/datasources
|
||||||
|
|
||||||
readinessProbe:
|
|
||||||
httpGet:
|
|
||||||
path: /api/health
|
|
||||||
port: 3000
|
|
||||||
initialDelaySeconds: 10
|
|
||||||
periodSeconds: 10
|
|
||||||
|
|
||||||
livenessProbe:
|
|
||||||
httpGet:
|
|
||||||
path: /api/health
|
|
||||||
port: 3000
|
|
||||||
initialDelaySeconds: 30
|
|
||||||
periodSeconds: 10
|
|
||||||
|
|
||||||
volumes:
|
volumes:
|
||||||
- name: datasources
|
- name: datasources
|
||||||
@@ -195,4 +181,7 @@ spec:
|
|||||||
availableScopes:
|
availableScopes:
|
||||||
- openid
|
- openid
|
||||||
- profile
|
- profile
|
||||||
|
- groups
|
||||||
|
allowedGroups:
|
||||||
|
- github.com:codemowers:admins
|
||||||
pkce: false
|
pkce: false
|
||||||
|
|||||||
Reference in New Issue
Block a user