thomasklein/terraform-app-grafana
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
Files
41a687a5abf177eb478275c5c010b9555f7f1a53
terraform-app-grafana/helm.tf

78 lines
2.1 KiB
HCL
Raw Blame History

resource "helm_release" "this" {
name = "grafana"
namespace = kubernetes_namespace.this.metadata.0.name
repository = "https://grafana.github.io/helm-charts"
chart = "grafana"
version = "6.50.7"
values = [
jsonencode({
ingress = {
enabled = true
hosts = [local.ingress_domain]
ingressClassName = "traefik"
annotations = {
"cert-manager.io/cluster-issuer" = "acme-thomasklein-me"
}
labels = {}
tls = [
{
hosts = [local.ingress_domain]
secretName = "grafana-thomasklein-me-tls"
}
]
}
}),
jsonencode({
persistence = {
enabled = "true"
type = "pvc"
existingClaim = module.grafana_persistance.pvc_name
}
}),
jsonencode({
"grafana.ini" = {
server = {
root_url = "https://${local.ingress_domain}"
}
"auth.anonymous" = {
enabled = true
org_role = "Viewer"
hide_version = true
}
"smtp" = {
enabled = true
host = "smtp.lawndale.:25"
from = "noreply@grafana.thomasklein.me"
from_name = "Grafana"
}
}
}),
jsonencode({
envRenderSecret = {
GF_AUTH_GENERIC_OAUTH_NAME = "Cognito"
GF_AUTH_GENERIC_OAUTH_ENABLED = "true"
GF_AUTH_GENERIC_OAUTH_AUTH_URL = local.cognito_authz_url
GF_AUTH_GENERIC_OAUTH_TOKEN_URL = local.cognito_token_url
// below, the `?` is necessary to fix a bad assumtion on grafana's side
GF_AUTH_GENERIC_OAUTH_API_URL = "${local.cognito_userinfo_url}?"
GF_AUTH_GENERIC_OAUTH_SCOPES = "email openid profile"
}
})
]
set_sensitive {
name = "envRenderSecret.GF_AUTH_GENERIC_OAUTH_CLIENT_ID"
value = aws_cognito_user_pool_client.this.id
}
set_sensitive {
name = "envRenderSecret.GF_AUTH_GENERIC_OAUTH_CLIENT_SECRET"
value = aws_cognito_user_pool_client.this.client_secret
}
}
Reference in New Issue View Git Blame Copy Permalink