apiVersion: helm.cattle.io/v1 kind: HelmChart metadata: name: prometheus namespace: monitoring spec: chart: kube-prometheus-stack targetNamespace: monitoring repo: https://prometheus-community.github.io/helm-charts # https://artifacthub.io/packages/helm/prometheus-community/kube-prometheus-stack version: 76.5.0 valuesContent: |- grafana: envValueFrom: GF_AUTH_GENERIC_OAUTH_CLIENT_SECRET: secretKeyRef: name: authentik-oauth-client-secret key: client-secret defaultDashboardsTimezone: "US/Eastern" plugins: - victoriametrics-logs-datasource ingress: enabled: true ingressClassName: nginx annotations: cert-manager.io/cluster-issuer: "letsencrypt-cluster-issuer" paths: - path: "/" pathType: Prefix hosts: - monitoring.keligrubb.com tls: - secretName: monitoring-tls hosts: - monitoring.keligrubb.com grafana.ini: server: root_url: https://monitoring.keligrubb.com auth: signout_redirect_url: "https://login.keligrubb.com/application/o/grafana/end-session/" oauth_auto_login: true auth.generic_oauth: name: authentik enabled: true client_id: "8hpxfQs7B1BNwlHx6PrAOYc2K5PMzU9Xig1ImXU9" scopes: "openid profile email" auth_url: "https://login.keligrubb.com/application/o/authorize/" token_url: "https://login.keligrubb.com/application/o/token/" api_url: "https://login.keligrubb.com/application/o/userinfo/" role_attribute_path: contains(groups, 'Grafana Admins') && 'Admin' || contains(groups, 'Grafana Editors') && 'Editor' || 'Viewer' additionalDataSources: - name: VictoriaLogs type: victoriametrics-logs-datasource access: proxy basicAuth: false url: http://victoria-logs-victoria-logs-single-server.monitoring.svc.cluster.local:9428 config: auth: signout_redirect_url: "https://login.keligrubb.com/application/o/grafana/end-session/" oauth_auto_login: true auth.generic_oauth: name: authentik enabled: true client_id: "" client_secret: "" scopes: "openid profile email" auth_url: "https://login.keligrubb.com/application/o/authorize/" token_url: "https://login.keligrubb.com/application/o/token/" api_url: "https://login.keligrubb.com/application/o/userinfo/" role_attribute_path: "contains(groups, 'Grafana Admins') && 'Admin' || contains(groups, 'Grafana Editors') && 'Editor' || 'Viewer'" kubelet: serviceMonitor: metricRelabelings: - action: replace sourceLabels: - node targetLabel: instance kube-state-metrics: selfMonitor: enabled: true prometheus: selfMonitor: metricRelabelings: - action: replace regex: (.*) replacement: $1 sourceLabels: - __meta_kubernetes_pod_node_name targetLabel: kubernetes_node prometheus: ingress: enabled: true ingressClassName: nginx paths: - / hosts: - prometheus.keligrubb.com prometheusSpec: replicaExternalLabelName: "replica" ruleSelectorNilUsesHelmValues: false serviceMonitorSelectorNilUsesHelmValues: false podMonitorSelectorNilUsesHelmValues: false probeSelectorNilUsesHelmValues: fales retention: 14d retentionSize: "16GB" enableAdminAPI: true securityContext: runAsUser: 0 runAsNonRoot: false runAsGroup: 0 fsGroup: 65534 storageSpec: volumeClaimTemplate: spec: storageclassname: longhorn accessModes: - ReadWriteOnce resources: requests: storage: 16Gi