shorten basic_auth secret
This commit is contained in:
parent
42c3695bf3
commit
d4c6bd4c12
|
@ -5,7 +5,7 @@ DOMAIN=monitoring.example.com
|
||||||
TIMEOUT=120
|
TIMEOUT=120
|
||||||
|
|
||||||
## Enable this secret for Promtail / Prometheus
|
## Enable this secret for Promtail / Prometheus
|
||||||
# SECRET_BASIC_AUTH_ADMIN_PASSWORD_VERSION=v1
|
# SECRET_BASIC_AUTH_VERSION=v1
|
||||||
#
|
#
|
||||||
# Promtail (Gathering Logs)
|
# Promtail (Gathering Logs)
|
||||||
# COMPOSE_FILE="$COMPOSE_FILE:compose.promtail.yml"
|
# COMPOSE_FILE="$COMPOSE_FILE:compose.promtail.yml"
|
||||||
|
@ -58,4 +58,4 @@ TIMEOUT=120
|
||||||
# GF_SMTP_FROM_ADDRESS=grafana@example.com
|
# GF_SMTP_FROM_ADDRESS=grafana@example.com
|
||||||
# GF_SMTP_SKIP_VERIFY=false
|
# GF_SMTP_SKIP_VERIFY=false
|
||||||
# SECRET_GRAFANA_SMTP_PASSWORD_VERSION=v1
|
# SECRET_GRAFANA_SMTP_PASSWORD_VERSION=v1
|
||||||
#
|
#
|
||||||
|
|
|
@ -58,7 +58,7 @@ Where gathering.org is the node you want to gather metrics from.
|
||||||
- `abra app new monitoring-ng`
|
- `abra app new monitoring-ng`
|
||||||
- `abra app config monitoring.example.org`
|
- `abra app config monitoring.example.org`
|
||||||
Uncomment all the stuff
|
Uncomment all the stuff
|
||||||
- `abra app secret insert monitoring.example.org basic_auth_admin_password v1 <secret>`
|
- `abra app secret insert monitoring.example.org basic_auth v1 <secret>`
|
||||||
this needs the plaintext traefik basic-auth secret, not the hashed one!
|
this needs the plaintext traefik basic-auth secret, not the hashed one!
|
||||||
- `abra app secret ls monitoring.example.org`
|
- `abra app secret ls monitoring.example.org`
|
||||||
- `abra app deploy monitoring.example.org`
|
- `abra app deploy monitoring.example.org`
|
||||||
|
@ -118,4 +118,4 @@ $ systemctl restart docker.service
|
||||||
|
|
||||||
---
|
---
|
||||||
|
|
||||||
THX to the previous work of @decentral1se @knooflok @3wc @cellarspoon @mirsal
|
THX to the previous work of @decentral1se @knooflok @3wc @cellarspoon @mirsal
|
||||||
|
|
|
@ -4,7 +4,7 @@ services:
|
||||||
prometheus:
|
prometheus:
|
||||||
image: prom/prometheus:v2.45.0
|
image: prom/prometheus:v2.45.0
|
||||||
secrets:
|
secrets:
|
||||||
- basic_auth_admin_password
|
- basic_auth
|
||||||
volumes:
|
volumes:
|
||||||
- prometheus-data:/prometheus:rw
|
- prometheus-data:/prometheus:rw
|
||||||
configs:
|
configs:
|
||||||
|
@ -38,4 +38,4 @@ configs:
|
||||||
file: prometheus.yml.tmpl
|
file: prometheus.yml.tmpl
|
||||||
|
|
||||||
volumes:
|
volumes:
|
||||||
prometheus-data:
|
prometheus-data:
|
||||||
|
|
|
@ -13,7 +13,7 @@ services:
|
||||||
networks:
|
networks:
|
||||||
- internal
|
- internal
|
||||||
secrets:
|
secrets:
|
||||||
- basic_auth_admin_password
|
- basic_auth
|
||||||
environment:
|
environment:
|
||||||
- DOMAIN
|
- DOMAIN
|
||||||
- LOKI_PUSH_URL
|
- LOKI_PUSH_URL
|
||||||
|
@ -25,6 +25,6 @@ configs:
|
||||||
template_driver: golang
|
template_driver: golang
|
||||||
|
|
||||||
secrets:
|
secrets:
|
||||||
basic_auth_admin_password:
|
basic_auth:
|
||||||
external: true
|
external: true
|
||||||
name: ${STACK_NAME}_basic_auth_admin_password_${SECRET_BASIC_AUTH_ADMIN_PASSWORD_VERSION}
|
name: ${STACK_NAME}_basic_auth_${SECRET_BASIC_AUTH_VERSION}
|
||||||
|
|
|
@ -17,4 +17,4 @@ scrape_configs:
|
||||||
- /prometheus/scrape_configs/*.yml
|
- /prometheus/scrape_configs/*.yml
|
||||||
basic_auth:
|
basic_auth:
|
||||||
username: admin
|
username: admin
|
||||||
password: {{ secret "basic_auth_admin_password" }}
|
password: {{ secret "basic_auth" }}
|
||||||
|
|
|
@ -9,7 +9,7 @@ clients:
|
||||||
- url: {{ env "LOKI_PUSH_URL" }}
|
- url: {{ env "LOKI_PUSH_URL" }}
|
||||||
basic_auth:
|
basic_auth:
|
||||||
username: admin
|
username: admin
|
||||||
password: {{ secret "basic_auth_admin_password" }}
|
password: {{ secret "basic_auth" }}
|
||||||
external_labels:
|
external_labels:
|
||||||
hostname: {{ env "DOMAIN" }}
|
hostname: {{ env "DOMAIN" }}
|
||||||
|
|
||||||
|
@ -34,4 +34,4 @@ scrape_configs:
|
||||||
- source_labels: ['__meta_docker_container_label_com_docker_stack_namespace']
|
- source_labels: ['__meta_docker_container_label_com_docker_stack_namespace']
|
||||||
target_label: "stack_namespace"
|
target_label: "stack_namespace"
|
||||||
- source_labels: ['__meta_docker_container_label_com_docker_swarm_service_name']
|
- source_labels: ['__meta_docker_container_label_com_docker_swarm_service_name']
|
||||||
target_label: "service_name"
|
target_label: "service_name"
|
||||||
|
|
|
@ -0,0 +1,3 @@
|
||||||
|
Breakng change: secret `basic_auth_admin_password` was renamed to `basic_auth`. Insert the secret before upgrading.
|
||||||
|
|
||||||
|
abra app secret insert monitoring.example.com basic_auth v1 $(abra app run monitoring.example.com promtail cat /var/run/secrets/basic_auth_admin_password)
|
Loading…
Reference in New Issue