unkin/puppet-prod
2
0
Fork 0
Code Issues 10 Pull Requests Actions Packages Projects Releases Wiki Activity
1e44577045
puppet-prod/hieradata/roles/infra/metrics/grafana.yaml
Ben Vincent 1e44577045
All checks were successful
Build / precommit (pull_request) Successful in 4m56s
Details
feat: add external grafana access 
- enable access to grafana through haproxy
- ensure grafana cert created from letsencrypt
- enable user access to grafana
2025-07-28 21:01:32 +10:00

56 lines
1.8 KiB
YAML
Raw Blame History

---
hiera_include:
- profiles::nginx::simpleproxy
profiles::sql::postgresdb::cluster_name: "patroni-shared-%{facts.environment}"
profiles::sql::postgresdb::dbname: grafana
profiles::sql::postgresdb::dbuser: grafana
profiles::metrics::grafana::db_host: "master.%{hiera('profiles::sql::postgresdb::cluster_name')}.service.%{facts.country}-%{facts.region}.consul"
profiles::metrics::grafana::db_port: 5432
profiles::metrics::grafana::db_name: "%{hiera('profiles::sql::postgresdb::dbname')}"
profiles::metrics::grafana::db_user: "%{hiera('profiles::sql::postgresdb::dbuser')}"
profiles::metrics::grafana::db_pass: "%{hiera('profiles::sql::postgresdb::dbpass')}"
profiles::metrics::grafana::pgsql_backend: true
# additional altnames
profiles::pki::vault::alt_names:
- grafana.unkin.net
- grafana.service.consul
- grafana.query.consul
- "grafana.service.%{facts.country}-%{facts.region}.consul"
profiles::ssh::sign::principals:
- grafana.unkin.net
- grafana.service.consul
- grafana.query.consul
consul::services:
grafana:
service_name: 'grafana'
tags:
- 'grafana'
address: "%{facts.networking.ip}"
port: 443
checks:
- id: 'Grafana_https_check'
name: 'Grafana HTTPS Check'
http: "https://%{facts.networking.fqdn}:443"
method: 'GET'
tls_skip_verify: true
interval: '10s'
timeout: '1s'
profiles::consul::client::node_rules:
- resource: service
segment: grafana
disposition: write
# manage a simple nginx reverse proxy
profiles::nginx::simpleproxy::nginx_vhost: 'grafana.query.consul'
profiles::nginx::simpleproxy::nginx_aliases:
- grafana.unkin.net
- grafana.service.consul
- grafana.query.consul
- "grafana.service.%{facts.country}-%{facts.region}.consul"
profiles::nginx::simpleproxy::proxy_port: 8080
profiles::nginx::simpleproxy::proxy_path: '/'
Reference in New Issue View Git Blame Copy Permalink