openstack/openstack-helm-infra
Code Issues Proposed changes
367bed952f
openstack-helm-infra/grafana/values_overrides/tls.yaml
Lo, Chi (cl566n) 181cbf5599 Secure ingress path for Grafana and Kibana 
The change enables TLS for the ingress path of
Grafana and Kibana.

Change-Id: I1bca5a3d78421873bff275d315ec0cca6682a498
2021-05-12 08:50:28 -07:00

40 lines
1.1 KiB
YAML
Raw Blame History

---
conf:
grafana:
database:
ssl_mode: true
ca_cert_path: /etc/mysql/certs/ca.crt
client_key_path: /etc/mysql/certs/tls.key
client_cert_path: /etc/mysql/certs/tls.crt
provisioning:
datasources:
template: |
{{ $prom_host := tuple "monitoring" "internal" . | include "helm-toolkit.endpoints.hostname_fqdn_endpoint_lookup" }}
{{ $prom_uri := printf "https://%s" $prom_host }}
apiVersion: 1
datasources:
- name: prometheus
type: prometheus
access: proxy
orgId: 1
editable: true
basicAuth: true
basicAuthUser: {{ .Values.endpoints.monitoring.auth.user.username }}
jsonData:
tlsAuthWithCACert: true
secureJsonData:
basicAuthPassword: {{ .Values.endpoints.monitoring.auth.user.password }}
tlsCACert: $CACERT
url: {{ $prom_uri }}
endpoints:
grafana:
host_fqdn_override:
default:
tls:
issuerRef:
name: ca-issuer
kind: ClusterIssuer
manifests:
certificates: true
...
View Git Blame Copy Permalink