--- apiVersion: grafana.integreatly.org/v1beta1 kind: Grafana metadata: name: grafana namespace: grafana labels: dashboards: "grafana" spec: disableDefaultAdminSecret: true config: log: mode: "console" server: root_url: "https://grafana.apps.undercloud.dev" auth: disable_login_form: "false" signout_redirect_url: "https://auth.apps.undercloud.dev/application/o/grafana/end-session/" auth.generic_oauth: enabled: "true" name: "authentik" allow_sign_up: "true" client_id: "${AUTH_CLIENT_ID}" client_secret: "${AUTH_CLIENT_SECRET}" scopes: "openid profile email" auth_url: "https://auth.apps.undercloud.dev/application/o/authorize/" token_url: "https://auth.apps.undercloud.dev/application/o/token/" api_url: "https://auth.apps.undercloud.dev/application/o/userinfo/" email_attribute_path: "email" login_attribute_path: "preferred_username" name_attribute_path: "name" persistentVolumeClaim: spec: accessModes: - ReadWriteMany storageClassName: cephfs-hyper resources: requests: storage: 5Gi deployment: spec: template: spec: containers: - name: grafana env: - name: GF_SECURITY_ADMIN_USER valueFrom: secretKeyRef: name: grafana-admin-credentials key: GF_SECURITY_ADMIN_USER - name: GF_SECURITY_ADMIN_PASSWORD valueFrom: secretKeyRef: name: grafana-admin-credentials key: GF_SECURITY_ADMIN_PASSWORD - name: AUTH_CLIENT_ID valueFrom: secretKeyRef: name: grafana-oauth key: client-id - name: AUTH_CLIENT_SECRET valueFrom: secretKeyRef: name: grafana-oauth key: client-secret