diff --git a/clusters/cl01tl/helm/dawarich/templates/external-secret.yaml b/clusters/cl01tl/helm/dawarich/templates/external-secret.yaml index 9a482ca65..bd81abcea 100644 --- a/clusters/cl01tl/helm/dawarich/templates/external-secret.yaml +++ b/clusters/cl01tl/helm/dawarich/templates/external-secret.yaml @@ -50,3 +50,26 @@ spec: remoteRef: key: /cl01tl/authentik/oidc/dawarich property: secret + +--- +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: dawarich-metrics-credentials + namespace: {{ .Release.Namespace }} + labels: + app.kubernetes.io/name: dawarich-metrics-credentials + {{- include "custom.labels" . | nindent 4 }} +spec: + secretStoreRef: + kind: ClusterSecretStore + name: openbao + data: + - secretKey: user + remoteRef: + key: /cl01tl/dawarich/metrics + property: user + - secretKey: password + remoteRef: + key: /cl01tl/dawarich/metrics + property: password diff --git a/clusters/cl01tl/helm/dawarich/values.yaml b/clusters/cl01tl/helm/dawarich/values.yaml index 888d29b88..da39031c5 100644 --- a/clusters/cl01tl/helm/dawarich/values.yaml +++ b/clusters/cl01tl/helm/dawarich/values.yaml @@ -78,6 +78,16 @@ dawarich: value: 0.0.0.0 - name: PROMETHEUS_EXPORTER_PORT value: 9394 + - name: METRICS_USERNAME + valueFrom: + secretKeyRef: + name: dawarich-metrics-credentials + key: user + - name: METRICS_PASSWORD + valueFrom: + secretKeyRef: + name: dawarich-metrics-credentials + key: password - name: SECRET_KEY_BASE valueFrom: secretKeyRef: @@ -256,6 +266,13 @@ dawarich: interval: 30s scrapeTimeout: 15s path: /metrics + basicAuth: + password: + name: dawarich-metrics-credentials + key: password + username: + name: dawarich-metrics-credentials + key: user route: main: kind: HTTPRoute