From 7753d5ef2d90a3d78a015d025822a55cc3c874da Mon Sep 17 00:00:00 2001 From: Juhani Pelli Date: Fri, 26 Jul 2024 04:23:14 +0300 Subject: [PATCH] Add secret for grafana credentials --- .gitignore | 4 +++- .../.khz-k3s/credentials-secret.sealed.yaml | 17 +++++++++++++++++ packages/grafana/.khz-k3s/deployment.yaml | 7 ++++++- 3 files changed, 26 insertions(+), 2 deletions(-) create mode 100644 packages/grafana/.khz-k3s/credentials-secret.sealed.yaml diff --git a/.gitignore b/.gitignore index 28e5e12..840c230 100644 --- a/.gitignore +++ b/.gitignore @@ -42,4 +42,6 @@ Thumbs.db node_modules.bun # Nx -.env.local \ No newline at end of file +.env.local + +*-secret.yaml \ No newline at end of file diff --git a/packages/grafana/.khz-k3s/credentials-secret.sealed.yaml b/packages/grafana/.khz-k3s/credentials-secret.sealed.yaml new file mode 100644 index 0000000..574c765 --- /dev/null +++ b/packages/grafana/.khz-k3s/credentials-secret.sealed.yaml @@ -0,0 +1,17 @@ +--- +apiVersion: bitnami.com/v1alpha1 +kind: SealedSecret +metadata: + creationTimestamp: null + name: ruuvipuserrin-grafana-credentials + namespace: kube-system +spec: + encryptedData: + password: AgBNUOYkX/1L1eBmJaKI7YLTphJ7970+OrVNtBxzZ6DNJoZygHQFbgoFy2vPlfKfBBZYK8FWsOBgv3HZCcp5oDF2xpcNUYVfXRByLHoKT+SCyMvhqMt1IlqbZ/zO7Xbp9JgvtQLwL5JkbFj2KvzlO0/dgTaJ73DCSOv6eC9J1kHTWw8gCqCgFIazYR3lxBkbpOFTvNq8vWSMuHksTGhEQ3m3X7xEoHfhyelo2ZSBueg6+U4hWNACY6WIUFb9UrgxkCxeWl0NqMySGHI2lGA5C0hqE+dk8UyxSOQ3TkKB05vjUXD0ps3mRy7u8vCFZS4a0gHUPuHi6DbKr/4ZAg378O0pLOxi31IVO7wY0PfKvehSeMLoE5hXMs/IXElKLnloaKsJAAJXToQwzHi4U0dDIf/5SHKy4TI+cbw5LIq3wzN2r4JFDS9BxagjA1QWJ5gnvYMokdajZPjnI5vMuCnsIhH91NkLus3eOfH1wj734Gud5sULtfCRy3Ef7B33/RN0hWtyvoKhvevZ9OMY0yIVfz0m7bWvo3NCLr40obTuMHgk2q0zx+TXJvf29Nj9F2aV6PYAqxUsampzhWdGvJPZuN20whK/0xu/3FyfcMOMXIvTeAWR8JfBzTQUncVhhtkX9mlOjedSioBWLbgzFLbGwOu38+He5qIh06TEZtbn4PDHQ36dpLuDA5QRk2fFfUVlFK9DYW9WByFoh+UcBFcbjtVuJHDqBX4E1Q== + username: AgAJQSPIoFt9UUf46p0vwQoZl9caogx7LnfPDtRW2/ZrixLm/jSBV77+K93C99V5uW6hFxbqhZ3adq43SVnmm0R0Y+W2PxMPe1C0H1qlN4kWCPGiz0jUhPCRTZW9tIpJ+PC5kC5eUBDlW/EA7B2Da918Q/ElggJg5Zqm6SiN1vzA8jGqfM9L7DohDqpDj0HwI2KuDqlyBJ2cSLJyrQZ9fqiNwHsdAiW74EzTRZUMFTk2V6NMV3KecmOheNBBPmQXojXqiqSnmKHTWdzc37Y2pSl/RkZYjSOx/c4Hmv+FUBLweOZJca/Ad8tS+auMhXBEijfdohuDja0jxTtLEU/VGx+mocTj0Jgy5/eI28+o1Ma1e3CnrmMEPFY9NP8P1hFvooXZdU54oVmFNvex8DQHSqPweEA4oMzd+kjYsKi1ye4Inuxq4LkjeulOPFduu4W+F0QYfy7uOpWKLvZwRHc3NPmRDZ+3quEaJ27M/D0IW8WM2Pm5AQMQBWhWJ+lgUD2G6yqwideCRWxiJN4WGIwcWhw0jhU19f3Yo9pvyRKls4HOkmR4iLVMWV5DZVe/V3V/yxZHdRRtHDTTJLpRB8/jcyKjlnCW2BAArAa4NqH19dpOIZWT/F0DRTzUigS5EvH3kiinDWxfe+1grrD/l9HH2Igq5H6Lla5LZpt05DkEsIXtiWF4G8O/4DBQFYDl1rokG0QXgk16jw== + template: + metadata: + creationTimestamp: null + name: ruuvipuserrin-grafana-credentials + namespace: kube-system + type: Opaque diff --git a/packages/grafana/.khz-k3s/deployment.yaml b/packages/grafana/.khz-k3s/deployment.yaml index 4ee8b6f..72885a1 100644 --- a/packages/grafana/.khz-k3s/deployment.yaml +++ b/packages/grafana/.khz-k3s/deployment.yaml @@ -19,10 +19,15 @@ spec: ports: - containerPort: 3000 env: + - name: GF_SECURITY_ADMIN_USER + valueFrom: + secretKeyRef: + name: ruuvipuserrin-grafana-credentials + key: password - name: GF_SECURITY_ADMIN_PASSWORD valueFrom: secretKeyRef: - name: archive.ruuvipuserrin.credentials.postgresql.acid.zalan.do + name: ruuvipuserrin-grafana-credentials key: password - name: PG_USER valueFrom: