157 lines
4.0 KiB
YAML
157 lines
4.0 KiB
YAML
kube-prometheus-stack:
|
|
crds:
|
|
enabled: false
|
|
defaultRules:
|
|
create: true
|
|
rules:
|
|
kubeControllerManager: false
|
|
kubeSchedulerAlerting: false
|
|
kubeSchedulerRecording: false
|
|
global:
|
|
rbac:
|
|
create: true
|
|
createAggregateClusterRoles: true
|
|
alertmanager:
|
|
enabled: true
|
|
config:
|
|
route:
|
|
group_by: ["namespace","alertname"]
|
|
group_wait: 30s
|
|
group_interval: 5m
|
|
repeat_interval: 24h
|
|
receiver: discord
|
|
routes:
|
|
- receiver: "null"
|
|
matchers:
|
|
- alertname = "Watchdog"
|
|
- receiver: 'pushover'
|
|
group_wait: 10s
|
|
group_interval: 5m
|
|
repeat_interval: 24h
|
|
matchers:
|
|
- severity = "critical"
|
|
receivers:
|
|
- name: "null"
|
|
- name: discord
|
|
discord_configs:
|
|
- send_resolved: true
|
|
webhook_url: https://discord.com/api/webhooks/1215465356315983922/CSaWG3SygslTNQo0uw07FB-0eKGl9nw2kDAqbAfH7JMe1ExVin8UvjlP4qkJoEyjDawz
|
|
- name: pushover
|
|
pushover_configs:
|
|
- send_resolved: true
|
|
user_key_file: /etc/alertmanager/secrets/alertmanager-config-secret/user_key
|
|
token_file: /etc/alertmanager/secrets/alertmanager-config-secret/pushover_token
|
|
ingress:
|
|
enabled: true
|
|
ingressClassName: traefik
|
|
annotations:
|
|
traefik.ingress.kubernetes.io/router.entrypoints: websecure
|
|
traefik.ingress.kubernetes.io/router.tls: "true"
|
|
cert-manager.io/cluster-issuer: letsencrypt-issuer
|
|
hosts:
|
|
- alertmanager.alexlebens.net
|
|
tls:
|
|
- secretName: alertmanager-secret-tls
|
|
hosts:
|
|
- alertmanager.alexlebens.net
|
|
alertmanagerSpec:
|
|
secrets:
|
|
- alertmanager-config-secret
|
|
replicas: 1
|
|
externalUrl: https://alertmanager.alexlebens.net
|
|
grafana:
|
|
enabled: false
|
|
kubeApiServer:
|
|
tlsConfig:
|
|
insecureSkipVerify: true
|
|
kubeControllerManager:
|
|
enabled: false
|
|
kubeScheduler:
|
|
enabled: false
|
|
kubeProxy:
|
|
enabled: false
|
|
kube-state-metrics:
|
|
selfMonitor:
|
|
enabled: true
|
|
nodeExporter:
|
|
operatingSystems:
|
|
darwin:
|
|
enabled: false
|
|
prometheusOperator:
|
|
admissionWebhooks:
|
|
enabled: true
|
|
namespaces:
|
|
releaseNamespace: true
|
|
additional:
|
|
- kube-system
|
|
- argo-workflows
|
|
- argocd
|
|
- authentik
|
|
- cert-manager
|
|
- cloudnative-pg
|
|
- descheduler
|
|
- external-dns
|
|
- freshrss
|
|
- ghost
|
|
- gitea
|
|
- grafana
|
|
- home-assistant
|
|
- koel
|
|
- kyoo
|
|
- lidarr2
|
|
- linkwarden
|
|
- local-static-provisioner
|
|
- loki
|
|
- matrix-synapse
|
|
- outline
|
|
- penpot
|
|
- qbittorrent
|
|
- radarr5
|
|
- radarr5-4k
|
|
- readarr-audiobooks
|
|
- readarr-books
|
|
- reloader
|
|
- rook-ceph
|
|
- roundcube
|
|
- sonarr4
|
|
- sonarr4-4k
|
|
- speedtest-exporter
|
|
- stalwart
|
|
- taiga
|
|
- tdarr
|
|
- traefik
|
|
- trivy
|
|
- unpoller
|
|
- vault
|
|
- vaultwarden
|
|
- vikunja
|
|
- volsync
|
|
prometheus:
|
|
ingress:
|
|
enabled: true
|
|
ingressClassName: traefik
|
|
annotations:
|
|
traefik.ingress.kubernetes.io/router.entrypoints: websecure
|
|
traefik.ingress.kubernetes.io/router.tls: "true"
|
|
cert-manager.io/cluster-issuer: letsencrypt-issuer
|
|
hosts:
|
|
- prometheus.alexlebens.net
|
|
tls:
|
|
- secretName: prometheus-secret-tls
|
|
hosts:
|
|
- prometheus.alexlebens.net
|
|
prometheusSpec:
|
|
scrapeInterval: 30s
|
|
retention: 30d
|
|
externalUrl: https://prometheus.alexlebens.net
|
|
serviceMonitorSelectorNilUsesHelmValues: false
|
|
podMonitorSelectorNilUsesHelmValues: false
|
|
storageSpec:
|
|
volumeClaimTemplate:
|
|
spec:
|
|
storageClassName: ceph-block
|
|
accessModes: ["ReadWriteOnce"]
|
|
resources:
|
|
requests:
|
|
storage: 100Gi
|