--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/50-monitoring.imfreedom.org.yaml Sun May 03 05:42:07 2020 -0500
@@ -0,0 +1,169 @@
+# this manifest sets up an ingress using hub to the kube-prometheus stack which +# was applied directly from the manifests in github.com/coreos/kube-prometheus. +# It uses https://github.com/thomseddon/traefik-forward-auth to do OIDC based +# logins against our JetBrains Hub instance. +apiVersion: traefik.containo.us/v1alpha1 + X-Frame-Options: SAMEORIGIN +apiVersion: traefik.containo.us/v1alpha1 +apiVersion: traefik.containo.us/v1alpha1 + address: http://traefik-forward-auth.monitoring:4181 + trustForwardHeader: true +apiVersion: traefik.containo.us/v1alpha1 + - name: hub-forward-auth +apiVersion: traefik.containo.us/v1alpha1 + - match: Host(`monitoring.imfreedom.org`) && PathPrefix(`/alertmanager`) + - name: alertmanager-main + - match: Host(`monitoring.imfreedom.org`) && PathPrefix(`/grafana`) + - match: Host(`monitoring.imfreedom.org`) && PathPrefix(`/prometheus`) + - match: Host(`monitoring.imfreedom.org`) && PathPrefix(`/_oauth`) + - name: traefik-forward-auth + secretName: monitoring-tls +apiVersion: cert-manager.io/v1alpha2 + secretName: monitoring-tls + commonName: monitoring.imfreedom.org + - monitoring.imfreedom.org + name: traefik-forward-auth + app: traefik-forward-auth + app: traefik-forward-auth + app: traefik-forward-auth + - --default-provider=oidc + - name: PROVIDERS_OIDC_ISSUER_URL + value: https://hub.imfreedom.org/hub + - name: PROVIDERS_OIDC_CLIENT_ID + - name: PROVIDERS_OIDC_CLIENT_SECRET + image: thomseddon/traefik-forward-auth:2 + imagePullPolicy: Always + name: traefik-forward-auth + name: traefik-forward-auth + app: traefik-forward-auth + app: traefik-forward-auth