diff --git a/.env.sample b/.env.sample index 03f19c8..25116c1 100644 --- a/.env.sample +++ b/.env.sample @@ -5,7 +5,7 @@ DOMAIN=monitoring.example.com TIMEOUT=120 ## Enable this secret for Promtail / Prometheus -# SECRET_BASIC_AUTH_ADMIN_PASSWORD_VERSION=v1 +# SECRET_BASIC_AUTH_VERSION=v1 # # Promtail (Gathering Logs) # COMPOSE_FILE="$COMPOSE_FILE:compose.promtail.yml" @@ -58,4 +58,4 @@ TIMEOUT=120 # GF_SMTP_FROM_ADDRESS=grafana@example.com # GF_SMTP_SKIP_VERIFY=false # SECRET_GRAFANA_SMTP_PASSWORD_VERSION=v1 -# \ No newline at end of file +# diff --git a/README.md b/README.md index d14059a..7e29ad2 100644 --- a/README.md +++ b/README.md @@ -58,7 +58,7 @@ Where gathering.org is the node you want to gather metrics from. - `abra app new monitoring-ng` - `abra app config monitoring.example.org` Uncomment all the stuff - - `abra app secret insert monitoring.example.org basic_auth_admin_password v1 ` + - `abra app secret insert monitoring.example.org basic_auth v1 ` this needs the plaintext traefik basic-auth secret, not the hashed one! - `abra app secret ls monitoring.example.org` - `abra app deploy monitoring.example.org` @@ -118,4 +118,4 @@ $ systemctl restart docker.service --- -THX to the previous work of @decentral1se @knooflok @3wc @cellarspoon @mirsal \ No newline at end of file +THX to the previous work of @decentral1se @knooflok @3wc @cellarspoon @mirsal diff --git a/compose.prometheus.yml b/compose.prometheus.yml index 83208bb..4e676d1 100644 --- a/compose.prometheus.yml +++ b/compose.prometheus.yml @@ -4,7 +4,7 @@ services: prometheus: image: prom/prometheus:v2.45.0 secrets: - - basic_auth_admin_password + - basic_auth volumes: - prometheus-data:/prometheus:rw configs: @@ -38,4 +38,4 @@ configs: file: prometheus.yml.tmpl volumes: - prometheus-data: \ No newline at end of file + prometheus-data: diff --git a/compose.promtail.yml b/compose.promtail.yml index 0365923..09986d6 100644 --- a/compose.promtail.yml +++ b/compose.promtail.yml @@ -13,7 +13,7 @@ services: networks: - internal secrets: - - basic_auth_admin_password + - basic_auth environment: - DOMAIN - LOKI_PUSH_URL @@ -25,6 +25,6 @@ configs: template_driver: golang secrets: - basic_auth_admin_password: + basic_auth: external: true - name: ${STACK_NAME}_basic_auth_admin_password_${SECRET_BASIC_AUTH_ADMIN_PASSWORD_VERSION} \ No newline at end of file + name: ${STACK_NAME}_basic_auth_${SECRET_BASIC_AUTH_VERSION} diff --git a/prometheus.yml.tmpl b/prometheus.yml.tmpl index c145518..b7e3f2d 100644 --- a/prometheus.yml.tmpl +++ b/prometheus.yml.tmpl @@ -17,4 +17,4 @@ scrape_configs: - /prometheus/scrape_configs/*.yml basic_auth: username: admin - password: {{ secret "basic_auth_admin_password" }} \ No newline at end of file + password: {{ secret "basic_auth" }} diff --git a/promtail.yml.tmpl b/promtail.yml.tmpl index f2fd940..9a788f0 100644 --- a/promtail.yml.tmpl +++ b/promtail.yml.tmpl @@ -9,7 +9,7 @@ clients: - url: {{ env "LOKI_PUSH_URL" }} basic_auth: username: admin - password: {{ secret "basic_auth_admin_password" }} + password: {{ secret "basic_auth" }} external_labels: hostname: {{ env "DOMAIN" }} @@ -34,4 +34,4 @@ scrape_configs: - source_labels: ['__meta_docker_container_label_com_docker_stack_namespace'] target_label: "stack_namespace" - source_labels: ['__meta_docker_container_label_com_docker_swarm_service_name'] - target_label: "service_name" \ No newline at end of file + target_label: "service_name" diff --git a/release/1.0.0+v1.6.0 b/release/1.0.0+v1.6.0 new file mode 100644 index 0000000..42befbc --- /dev/null +++ b/release/1.0.0+v1.6.0 @@ -0,0 +1,3 @@ +Breakng change: secret `basic_auth_admin_password` was renamed to `basic_auth`. Insert the secret before upgrading. + +abra app secret insert monitoring.example.com basic_auth v1 $(abra app run monitoring.example.com promtail cat /var/run/secrets/basic_auth_admin_password)