remove grafana

2025-05-14 23:34:18 -05:00
parent d4c358c546
commit 3652e982fa
6 changed files with 1 additions and 345 deletions
--- a/clusters/cl01tl/monitoring/grafana/Chart.yaml
+++ b/clusters/cl01tl/monitoring/grafana/Chart.yaml
@@ -1,21 +0,0 @@
-apiVersion: v2
-name: grafana
-version: 1.0.0
-description: Grafana
-keywords:
-  - grafana
-  - dashboard
-  - metrics
-  - logs
-home: https://wiki.alexlebens.dev/s/3e5723e1-2ab7-45ab-b496-b8854907fa39
-sources:
-  - https://github.com/grafana/grafana
-  - https://github.com/grafana/helm-charts/tree/main/charts/grafana
-maintainers:
-  - name: alexlebens
-dependencies:
-  - name: grafana
-    version: 9.0.0
-    repository: https://grafana.github.io/helm-charts
-icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/grafana.png
-appVersion: 12.0.0
--- a/clusters/cl01tl/monitoring/grafana/templates/external-secret.yaml
+++ b/clusters/cl01tl/monitoring/grafana/templates/external-secret.yaml
@@ -1,121 +0,0 @@
-apiVersion: external-secrets.io/v1beta1
-kind: ExternalSecret
-metadata:
-  name: grafana-auth-secret
-  namespace: {{ .Release.Namespace }}
-  labels:
-    app.kubernetes.io/name: {{ .Release.Name }}
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/version: {{ .Chart.AppVersion }}
-    app.kubernetes.io/component: web
-    app.kubernetes.io/part-of: {{ .Release.Name }}
-spec:
-  secretStoreRef:
-    kind: ClusterSecretStore
-    name: vault
-  data:
-    - secretKey: admin-user
-      remoteRef:
-        conversionStrategy: Default
-        decodingStrategy: None
-        key: /cl01tl/grafana/auth
-        metadataPolicy: None
-        property: admin-user
-    - secretKey: admin-password
-      remoteRef:
-        conversionStrategy: Default
-        decodingStrategy: None
-        key: /cl01tl/grafana/auth
-        metadataPolicy: None
-        property: admin-password
-
---
-apiVersion: external-secrets.io/v1beta1
-kind: ExternalSecret
-metadata:
-  name: grafana-oauth-secret
-  namespace: {{ .Release.Namespace }}
-  labels:
-    app.kubernetes.io/name: {{ .Release.Name }}
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/version: {{ .Chart.AppVersion }}
-    app.kubernetes.io/component: web
-    app.kubernetes.io/part-of: {{ .Release.Name }}
-spec:
-  secretStoreRef:
-    kind: ClusterSecretStore
-    name: vault
-  data:
-    - secretKey: GF_AUTH_GENERIC_OAUTH_CLIENT_ID
-      remoteRef:
-        conversionStrategy: Default
-        decodingStrategy: None
-        key: /authentik/oidc/grafana
-        metadataPolicy: None
-        property: client
-    - secretKey: GF_AUTH_GENERIC_OAUTH_CLIENT_SECRET
-      remoteRef:
-        conversionStrategy: Default
-        decodingStrategy: None
-        key: /authentik/oidc/grafana
-        metadataPolicy: None
-        property: secret
-
---
-apiVersion: external-secrets.io/v1beta1
-kind: ExternalSecret
-metadata:
-  name: grafana-backup-secret
-  namespace: {{ .Release.Namespace }}
-  labels:
-    app.kubernetes.io/name: grafana-backup-secret
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/version: {{ .Chart.AppVersion }}
-    app.kubernetes.io/component: backup
-    app.kubernetes.io/part-of: {{ .Release.Name }}
-spec:
-  secretStoreRef:
-    kind: ClusterSecretStore
-    name: vault
-  target:
-    template:
-      mergePolicy: Merge
-      engineVersion: v2
-      data:
-        RESTIC_REPOSITORY: "{{ `{{ .BUCKET_ENDPOINT }}` }}/grafana/grafana"
-  data:
-    - secretKey: BUCKET_ENDPOINT
-      remoteRef:
-        conversionStrategy: Default
-        decodingStrategy: None
-        key: /cl01tl/volsync/restic/config
-        metadataPolicy: None
-        property: S3_BUCKET_ENDPOINT
-    - secretKey: RESTIC_PASSWORD
-      remoteRef:
-        conversionStrategy: Default
-        decodingStrategy: None
-        key: /cl01tl/volsync/restic/config
-        metadataPolicy: None
-        property: RESTIC_PASSWORD
-    - secretKey: AWS_DEFAULT_REGION
-      remoteRef:
-        conversionStrategy: Default
-        decodingStrategy: None
-        key: /cl01tl/volsync/restic/config
-        metadataPolicy: None
-        property: AWS_DEFAULT_REGION
-    - secretKey: AWS_ACCESS_KEY_ID
-      remoteRef:
-        conversionStrategy: Default
-        decodingStrategy: None
-        key: /digital-ocean/home-infra/volsync-backups
-        metadataPolicy: None
-        property: access_key
-    - secretKey: AWS_SECRET_ACCESS_KEY
-      remoteRef:
-        conversionStrategy: Default
-        decodingStrategy: None
-        key: /digital-ocean/home-infra/volsync-backups
-        metadataPolicy: None
-        property: secret_key
--- a/clusters/cl01tl/monitoring/grafana/templates/http-route.yaml
+++ b/clusters/cl01tl/monitoring/grafana/templates/http-route.yaml
@@ -1,30 +0,0 @@
-# apiVersion: gateway.networking.k8s.io/v1
-# kind: HTTPRoute
-# metadata:
-#   name: http-route-grafana
-#   namespace: {{ .Release.Namespace }}
-#   labels:
-#     app.kubernetes.io/name: http-route-grafana
-#     app.kubernetes.io/instance: {{ .Release.Name }}
-#     app.kubernetes.io/version: {{ .Chart.AppVersion }}
-#     app.kubernetes.io/component: web
-#     app.kubernetes.io/part-of: {{ .Release.Name }}
-# spec:
-#   parentRefs:
-#     - group: gateway.networking.k8s.io
-#       kind: Gateway
-#       name: traefik-gateway
-#       namespace: traefik
-#   hostnames:
-#     - grafana.alexlebens.net
-#   rules:
-#     - matches:
-#       - path:
-#           type: PathPrefix
-#           value: /
-#       backendRefs:
-#         - group: ''
-#           kind: Service
-#           name: grafana
-#           port: 80
-#           weight: 100
--- a/clusters/cl01tl/monitoring/grafana/templates/replication-source.yaml
+++ b/clusters/cl01tl/monitoring/grafana/templates/replication-source.yaml
@@ -1,30 +0,0 @@
-apiVersion: volsync.backube/v1alpha1
-kind: ReplicationSource
-metadata:
-  name: grafana-backup-source
-  namespace: {{ .Release.Namespace }}
-  labels:
-    app.kubernetes.io/name: grafana-backup-source
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/version: {{ .Chart.AppVersion }}
-    app.kubernetes.io/component: backup
-    app.kubernetes.io/part-of: {{ .Release.Name }}
-spec:
-  sourcePVC: grafana
-  trigger:
-    schedule: 0 4 * * *
-  restic:
-    pruneIntervalDays: 7
-    repository: grafana-backup-secret
-    retain:
-      hourly: 1
-      daily: 3
-      weekly: 2
-      monthly: 2
-      yearly: 4
-    moverSecurityContext:
-      runAsUser: 472
-      runAsGroup: 472
-    copyMethod: Snapshot
-    storageClassName: ceph-block
-    volumeSnapshotClassName: ceph-blockpool-snapshot
--- a/clusters/cl01tl/monitoring/grafana/values.yaml
+++ b/clusters/cl01tl/monitoring/grafana/values.yaml
@@ -1,142 +0,0 @@
-grafana:
-  deploymentStrategy:
-    type: Recreate
-  createConfigmap: true
-  serviceMonitor:
-    enabled: true
-  ingress:
-    enabled: false
-  persistence:
-    enabled: true
-    storageClassName: ceph-block
-  admin:
-    existingSecret: grafana-auth-secret
-    userKey: admin-user
-    passwordKey: admin-password
-  envFromSecret: grafana-oauth-secret
-  plugins:
-    - grafana-clock-panel
-    - grafana-worldmap-panel
-    - grafana-lokiexplore-app
-    - isovalent-hubble-datasource
-    - marcusolsson-treemap-panel
-    - camptocamp-prometheus-alertmanager-datasource
-  datasources:
-    datasources.yaml:
-      apiVersion: 1
-      datasources:
-        - name: Prometheus
-          type: prometheus
-          uid: prometheus
-          url: http://kube-prometheus-stack-prometheus.kube-prometheus-stack:9090/
-          access: proxy
-          isDefault: true
-          jsonData:
-            timeInterval: 30s
-        - name: Loki
-          type: loki
-          url: http://loki.loki:3100
-          jsonData:
-            httpHeaderName1: "X-Scope-OrgID"
-          secureJsonData:
-            httpHeaderValue1: "1"
-  dashboardProviders:
-    dashboardproviders.yaml:
-      apiVersion: 1
-      providers:
-        - name: "app-gitea"
-          orgId: 1
-          folder: "Application"
-          type: file
-          disableDeletion: true
-          editable: false
-          options:
-            path: /var/lib/grafana/dashboards/app-gitea
-        - name: "srv-gitea"
-          orgId: 1
-          folder: "Service"
-          type: file
-          disableDeletion: true
-          editable: false
-          options:
-            path: /var/lib/grafana/dashboards/srv-gitea
-        - name: "sys-gitea"
-          orgId: 1
-          folder: "System"
-          type: file
-          disableDeletion: true
-          editable: false
-          options:
-            path: /var/lib/grafana/dashboards/sys-gitea
-  dashboards:
-    app-gitea:
-      immich:
-        url: http://gitea-http.gitea:3000/alexlebens/grafana-dashboards/raw/branch/main/dashboards/application/immich.json
-      radarr:
-        url: http://gitea-http.gitea:3000/alexlebens/grafana-dashboards/raw/branch/main/dashboards/application/radarr.json
-      sonarr:
-        url: http://gitea-http.gitea:3000/alexlebens/grafana-dashboards/raw/branch/main/dashboards/application/sonarr.json
-    srv-gitea:
-      argocd:
-        url: http://gitea-http.gitea:3000/alexlebens/grafana-dashboards/raw/branch/main/dashboards/service/argocd.json
-      authentik:
-        url: http://gitea-http.gitea:3000/alexlebens/grafana-dashboards/raw/branch/main/dashboards/service/authentik.json
-      blocky:
-        url: http://gitea-http.gitea:3000/alexlebens/grafana-dashboards/raw/branch/main/dashboards/service/blocky.json
-      cert-manager:
-        url: http://gitea-http.gitea:3000/alexlebens/grafana-dashboards/raw/branch/main/dashboards/service/cert-manager.json
-      cloudnativepg:
-        url: http://gitea-http.gitea:3000/alexlebens/grafana-dashboards/raw/branch/main/dashboards/service/cloudnativepg.json
-      coredns:
-        url: http://gitea-http.gitea:3000/alexlebens/grafana-dashboards/raw/branch/main/dashboards/service/coredns.json
-      descheduler:
-        url: http://gitea-http.gitea:3000/alexlebens/grafana-dashboards/raw/branch/main/dashboards/service/descheduler.json
-      minio:
-        url: http://gitea-http.gitea:3000/alexlebens/grafana-dashboards/raw/branch/main/dashboards/service/minio.json
-      speedtest-exporter:
-        url: http://gitea-http.gitea:3000/alexlebens/grafana-dashboards/raw/branch/main/dashboards/service/speedtest-exporter.json
-      spegel:
-        url: http://gitea-http.gitea:3000/alexlebens/grafana-dashboards/raw/branch/main/dashboards/service/spegel.json
-      traefik:
-        url: http://gitea-http.gitea:3000/alexlebens/grafana-dashboards/raw/branch/main/dashboards/service/traefik.json
-      trivy:
-        url: http://gitea-http.gitea:3000/alexlebens/grafana-dashboards/raw/branch/main/dashboards/service/trivy.json
-      unpoller:
-        url: http://gitea-http.gitea:3000/alexlebens/grafana-dashboards/raw/branch/main/dashboards/service/unpoller.json
-      vault:
-        url: http://gitea-http.gitea:3000/alexlebens/grafana-dashboards/raw/branch/main/dashboards/service/vault.json
-      volsync:
-        url: http://gitea-http.gitea:3000/alexlebens/grafana-dashboards/raw/branch/main/dashboards/service/volsync.json
-    sys-gitea:
-      ceph:
-        url: http://gitea-http.gitea:3000/alexlebens/grafana-dashboards/raw/branch/main/dashboards/system/ceph.json
-      etcd:
-        url: http://gitea-http.gitea:3000/alexlebens/grafana-dashboards/raw/branch/main/dashboards/system/etcd.json
-      loki:
-        url: http://gitea-http.gitea:3000/alexlebens/grafana-dashboards/raw/branch/main/dashboards/system/loki.json
-      node-full:
-        url: http://gitea-http.gitea:3000/alexlebens/grafana-dashboards/raw/branch/main/dashboards/system/node-full.json
-      node-short:
-        url: http://gitea-http.gitea:3000/alexlebens/grafana-dashboards/raw/branch/main/dashboards/system/node-short.json
-  grafana.ini:
-    analytics:
-      check_for_updates: false
-    server:
-      domain: alexlebens.net
-      root_url: https://grafana.alexlebens.net
-    users:
-      auto_assign_org: true
-      auto_assign_org_id: 1
-    auth:
-      disable_login_form: true
-      oauth_auto_login: true
-      signout_redirect_url: https://authentik.alexlebens.net/application/o/grafana/end-session/
-    auth.generic_oauth:
-      enabled: true
-      name: Authentik
-      allow_sign_up: true
-      scopes: openid profile email
-      auth_url: https://authentik.alexlebens.net/application/o/authorize/
-      token_url: https://authentik.alexlebens.net/application/o/token/
-      api_url: https://authentik.alexlebens.net/application/o/userinfo/
-      role_attribute_path: contains(groups, 'Grafana Admins') && 'Admin' || contains(groups, 'Grafana Editors') && 'Editor' || 'Viewer'
--- a/clusters/cl01tl/monitoring/kube-prometheus-stack/values.yaml
+++ b/clusters/cl01tl/monitoring/kube-prometheus-stack/values.yaml
@@ -97,7 +97,7 @@ kube-prometheus-stack:
        - freshrss
        - generic-device-plugin
        - gitea
-        - grafana
+        - grafana-operator
        - harbor
        - hoarder
        - home-assistant