apiVersion: helm.toolkit.fluxcd.io/v2 kind: HelmRelease metadata: name: kube-prometheus-stack namespace: observability spec: interval: 10m chart: spec: chart: kube-prometheus-stack version: "65.*" sourceRef: kind: HelmRepository name: prometheus-community namespace: flux-system values: nodeExporter: enabled: false prometheus: prometheusSpec: retention: 15d storageSpec: volumeClaimTemplate: spec: storageClassName: longhorn accessModes: ["ReadWriteOnce"] resources: requests: storage: 20Gi additionalScrapeConfigs: - job_name: "vm-node-exporter" static_configs: - targets: - "192.168.51.200:9100" - "192.168.100.200:9100" - "192.168.52.200:9100" - "192.168.51.201:9100" - "192.168.100.201:9100" - "192.168.52.201:9100" - "192.168.51.203:9100" - "192.168.51.202:9100" grafana: admin: existingSecret: grafana-admin-secret userKey: admin-user passwordKey: admin-password envFromSecrets: - grafana-oidc-secret - grafana-smtp-secret grafana.ini: server: root_url: https://grafana.n0ball.tw smtp: enabled: true from_name: Grafana Homelab auth: disable_login_form: true auth.generic_oauth: enabled: true name: Keycloak allow_sign_up: true scopes: openid email profile auth_url: https://keycloak.n0ball.tw/realms/homelab/protocol/openid-connect/auth token_url: https://keycloak.n0ball.tw/realms/homelab/protocol/openid-connect/token api_url: https://keycloak.n0ball.tw/realms/homelab/protocol/openid-connect/userinfo role_attribute_path: "contains(realm_access.roles[*], 'admin') && 'Admin' || 'Viewer'" ingress: enabled: true ingressClassName: traefik annotations: cert-manager.io/cluster-issuer: "n0ball-tw-issuer" hosts: ["grafana.n0ball.tw"] tls: - secretName: grafana-tls hosts: ["grafana.n0ball.tw"] alertmanager: alertmanagerSpec: storage: volumeClaimTemplate: spec: storageClassName: longhorn accessModes: ["ReadWriteOnce"] resources: requests: storage: 2Gi