From 3652e982fa0acc596256c04851bb42a7b9607908 Mon Sep 17 00:00:00 2001 From: Alex Lebens Date: Wed, 14 May 2025 23:34:18 -0500 Subject: [PATCH] remove grafana --- clusters/cl01tl/monitoring/grafana/Chart.yaml | 21 --- .../grafana/templates/external-secret.yaml | 121 --------------- .../grafana/templates/http-route.yaml | 30 ---- .../grafana/templates/replication-source.yaml | 30 ---- .../cl01tl/monitoring/grafana/values.yaml | 142 ------------------ .../kube-prometheus-stack/values.yaml | 2 +- 6 files changed, 1 insertion(+), 345 deletions(-) delete mode 100644 clusters/cl01tl/monitoring/grafana/Chart.yaml delete mode 100644 clusters/cl01tl/monitoring/grafana/templates/external-secret.yaml delete mode 100644 clusters/cl01tl/monitoring/grafana/templates/http-route.yaml delete mode 100644 clusters/cl01tl/monitoring/grafana/templates/replication-source.yaml delete mode 100644 clusters/cl01tl/monitoring/grafana/values.yaml diff --git a/clusters/cl01tl/monitoring/grafana/Chart.yaml b/clusters/cl01tl/monitoring/grafana/Chart.yaml deleted file mode 100644 index b06c9b0af..000000000 --- a/clusters/cl01tl/monitoring/grafana/Chart.yaml +++ /dev/null @@ -1,21 +0,0 @@ -apiVersion: v2 -name: grafana -version: 1.0.0 -description: Grafana -keywords: - - grafana - - dashboard - - metrics - - logs -home: https://wiki.alexlebens.dev/s/3e5723e1-2ab7-45ab-b496-b8854907fa39 -sources: - - https://github.com/grafana/grafana - - https://github.com/grafana/helm-charts/tree/main/charts/grafana -maintainers: - - name: alexlebens -dependencies: - - name: grafana - version: 9.0.0 - repository: https://grafana.github.io/helm-charts -icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/grafana.png -appVersion: 12.0.0 diff --git a/clusters/cl01tl/monitoring/grafana/templates/external-secret.yaml b/clusters/cl01tl/monitoring/grafana/templates/external-secret.yaml deleted file mode 100644 index 3e4825a45..000000000 --- a/clusters/cl01tl/monitoring/grafana/templates/external-secret.yaml +++ /dev/null @@ -1,121 +0,0 @@ -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: grafana-auth-secret - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: {{ .Release.Name }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: web - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - data: - - secretKey: admin-user - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/grafana/auth - metadataPolicy: None - property: admin-user - - secretKey: admin-password - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/grafana/auth - metadataPolicy: None - property: admin-password - ---- -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: grafana-oauth-secret - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: {{ .Release.Name }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: web - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - data: - - secretKey: GF_AUTH_GENERIC_OAUTH_CLIENT_ID - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /authentik/oidc/grafana - metadataPolicy: None - property: client - - secretKey: GF_AUTH_GENERIC_OAUTH_CLIENT_SECRET - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /authentik/oidc/grafana - metadataPolicy: None - property: secret - ---- -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: grafana-backup-secret - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: grafana-backup-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: backup - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - target: - template: - mergePolicy: Merge - engineVersion: v2 - data: - RESTIC_REPOSITORY: "{{ `{{ .BUCKET_ENDPOINT }}` }}/grafana/grafana" - data: - - secretKey: BUCKET_ENDPOINT - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/volsync/restic/config - metadataPolicy: None - property: S3_BUCKET_ENDPOINT - - secretKey: RESTIC_PASSWORD - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/volsync/restic/config - metadataPolicy: None - property: RESTIC_PASSWORD - - secretKey: AWS_DEFAULT_REGION - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/volsync/restic/config - metadataPolicy: None - property: AWS_DEFAULT_REGION - - secretKey: AWS_ACCESS_KEY_ID - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /digital-ocean/home-infra/volsync-backups - metadataPolicy: None - property: access_key - - secretKey: AWS_SECRET_ACCESS_KEY - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /digital-ocean/home-infra/volsync-backups - metadataPolicy: None - property: secret_key diff --git a/clusters/cl01tl/monitoring/grafana/templates/http-route.yaml b/clusters/cl01tl/monitoring/grafana/templates/http-route.yaml deleted file mode 100644 index 3d1459d81..000000000 --- a/clusters/cl01tl/monitoring/grafana/templates/http-route.yaml +++ /dev/null @@ -1,30 +0,0 @@ -# apiVersion: gateway.networking.k8s.io/v1 -# kind: HTTPRoute -# metadata: -# name: http-route-grafana -# namespace: {{ .Release.Namespace }} -# labels: -# app.kubernetes.io/name: http-route-grafana -# app.kubernetes.io/instance: {{ .Release.Name }} -# app.kubernetes.io/version: {{ .Chart.AppVersion }} -# app.kubernetes.io/component: web -# app.kubernetes.io/part-of: {{ .Release.Name }} -# spec: -# parentRefs: -# - group: gateway.networking.k8s.io -# kind: Gateway -# name: traefik-gateway -# namespace: traefik -# hostnames: -# - grafana.alexlebens.net -# rules: -# - matches: -# - path: -# type: PathPrefix -# value: / -# backendRefs: -# - group: '' -# kind: Service -# name: grafana -# port: 80 -# weight: 100 diff --git a/clusters/cl01tl/monitoring/grafana/templates/replication-source.yaml b/clusters/cl01tl/monitoring/grafana/templates/replication-source.yaml deleted file mode 100644 index e33b91638..000000000 --- a/clusters/cl01tl/monitoring/grafana/templates/replication-source.yaml +++ /dev/null @@ -1,30 +0,0 @@ -apiVersion: volsync.backube/v1alpha1 -kind: ReplicationSource -metadata: - name: grafana-backup-source - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: grafana-backup-source - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: backup - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - sourcePVC: grafana - trigger: - schedule: 0 4 * * * - restic: - pruneIntervalDays: 7 - repository: grafana-backup-secret - retain: - hourly: 1 - daily: 3 - weekly: 2 - monthly: 2 - yearly: 4 - moverSecurityContext: - runAsUser: 472 - runAsGroup: 472 - copyMethod: Snapshot - storageClassName: ceph-block - volumeSnapshotClassName: ceph-blockpool-snapshot diff --git a/clusters/cl01tl/monitoring/grafana/values.yaml b/clusters/cl01tl/monitoring/grafana/values.yaml deleted file mode 100644 index ec1e8997f..000000000 --- a/clusters/cl01tl/monitoring/grafana/values.yaml +++ /dev/null @@ -1,142 +0,0 @@ -grafana: - deploymentStrategy: - type: Recreate - createConfigmap: true - serviceMonitor: - enabled: true - ingress: - enabled: false - persistence: - enabled: true - storageClassName: ceph-block - admin: - existingSecret: grafana-auth-secret - userKey: admin-user - passwordKey: admin-password - envFromSecret: grafana-oauth-secret - plugins: - - grafana-clock-panel - - grafana-worldmap-panel - - grafana-lokiexplore-app - - isovalent-hubble-datasource - - marcusolsson-treemap-panel - - camptocamp-prometheus-alertmanager-datasource - datasources: - datasources.yaml: - apiVersion: 1 - datasources: - - name: Prometheus - type: prometheus - uid: prometheus - url: http://kube-prometheus-stack-prometheus.kube-prometheus-stack:9090/ - access: proxy - isDefault: true - jsonData: - timeInterval: 30s - - name: Loki - type: loki - url: http://loki.loki:3100 - jsonData: - httpHeaderName1: "X-Scope-OrgID" - secureJsonData: - httpHeaderValue1: "1" - dashboardProviders: - dashboardproviders.yaml: - apiVersion: 1 - providers: - - name: "app-gitea" - orgId: 1 - folder: "Application" - type: file - disableDeletion: true - editable: false - options: - path: /var/lib/grafana/dashboards/app-gitea - - name: "srv-gitea" - orgId: 1 - folder: "Service" - type: file - disableDeletion: true - editable: false - options: - path: /var/lib/grafana/dashboards/srv-gitea - - name: "sys-gitea" - orgId: 1 - folder: "System" - type: file - disableDeletion: true - editable: false - options: - path: /var/lib/grafana/dashboards/sys-gitea - dashboards: - app-gitea: - immich: - url: http://gitea-http.gitea:3000/alexlebens/grafana-dashboards/raw/branch/main/dashboards/application/immich.json - radarr: - url: http://gitea-http.gitea:3000/alexlebens/grafana-dashboards/raw/branch/main/dashboards/application/radarr.json - sonarr: - url: http://gitea-http.gitea:3000/alexlebens/grafana-dashboards/raw/branch/main/dashboards/application/sonarr.json - srv-gitea: - argocd: - url: http://gitea-http.gitea:3000/alexlebens/grafana-dashboards/raw/branch/main/dashboards/service/argocd.json - authentik: - url: http://gitea-http.gitea:3000/alexlebens/grafana-dashboards/raw/branch/main/dashboards/service/authentik.json - blocky: - url: http://gitea-http.gitea:3000/alexlebens/grafana-dashboards/raw/branch/main/dashboards/service/blocky.json - cert-manager: - url: http://gitea-http.gitea:3000/alexlebens/grafana-dashboards/raw/branch/main/dashboards/service/cert-manager.json - cloudnativepg: - url: http://gitea-http.gitea:3000/alexlebens/grafana-dashboards/raw/branch/main/dashboards/service/cloudnativepg.json - coredns: - url: http://gitea-http.gitea:3000/alexlebens/grafana-dashboards/raw/branch/main/dashboards/service/coredns.json - descheduler: - url: http://gitea-http.gitea:3000/alexlebens/grafana-dashboards/raw/branch/main/dashboards/service/descheduler.json - minio: - url: http://gitea-http.gitea:3000/alexlebens/grafana-dashboards/raw/branch/main/dashboards/service/minio.json - speedtest-exporter: - url: http://gitea-http.gitea:3000/alexlebens/grafana-dashboards/raw/branch/main/dashboards/service/speedtest-exporter.json - spegel: - url: http://gitea-http.gitea:3000/alexlebens/grafana-dashboards/raw/branch/main/dashboards/service/spegel.json - traefik: - url: http://gitea-http.gitea:3000/alexlebens/grafana-dashboards/raw/branch/main/dashboards/service/traefik.json - trivy: - url: http://gitea-http.gitea:3000/alexlebens/grafana-dashboards/raw/branch/main/dashboards/service/trivy.json - unpoller: - url: http://gitea-http.gitea:3000/alexlebens/grafana-dashboards/raw/branch/main/dashboards/service/unpoller.json - vault: - url: http://gitea-http.gitea:3000/alexlebens/grafana-dashboards/raw/branch/main/dashboards/service/vault.json - volsync: - url: http://gitea-http.gitea:3000/alexlebens/grafana-dashboards/raw/branch/main/dashboards/service/volsync.json - sys-gitea: - ceph: - url: http://gitea-http.gitea:3000/alexlebens/grafana-dashboards/raw/branch/main/dashboards/system/ceph.json - etcd: - url: http://gitea-http.gitea:3000/alexlebens/grafana-dashboards/raw/branch/main/dashboards/system/etcd.json - loki: - url: http://gitea-http.gitea:3000/alexlebens/grafana-dashboards/raw/branch/main/dashboards/system/loki.json - node-full: - url: http://gitea-http.gitea:3000/alexlebens/grafana-dashboards/raw/branch/main/dashboards/system/node-full.json - node-short: - url: http://gitea-http.gitea:3000/alexlebens/grafana-dashboards/raw/branch/main/dashboards/system/node-short.json - grafana.ini: - analytics: - check_for_updates: false - server: - domain: alexlebens.net - root_url: https://grafana.alexlebens.net - users: - auto_assign_org: true - auto_assign_org_id: 1 - auth: - disable_login_form: true - oauth_auto_login: true - signout_redirect_url: https://authentik.alexlebens.net/application/o/grafana/end-session/ - auth.generic_oauth: - enabled: true - name: Authentik - allow_sign_up: true - scopes: openid profile email - auth_url: https://authentik.alexlebens.net/application/o/authorize/ - token_url: https://authentik.alexlebens.net/application/o/token/ - api_url: https://authentik.alexlebens.net/application/o/userinfo/ - role_attribute_path: contains(groups, 'Grafana Admins') && 'Admin' || contains(groups, 'Grafana Editors') && 'Editor' || 'Viewer' diff --git a/clusters/cl01tl/monitoring/kube-prometheus-stack/values.yaml b/clusters/cl01tl/monitoring/kube-prometheus-stack/values.yaml index 5ff13c31c..357baa092 100644 --- a/clusters/cl01tl/monitoring/kube-prometheus-stack/values.yaml +++ b/clusters/cl01tl/monitoring/kube-prometheus-stack/values.yaml @@ -97,7 +97,7 @@ kube-prometheus-stack: - freshrss - generic-device-plugin - gitea - - grafana + - grafana-operator - harbor - hoarder - home-assistant