shorten basic_auth secret
This commit is contained in:
parent
42c3695bf3
commit
d4c6bd4c12
|
@ -5,7 +5,7 @@ DOMAIN=monitoring.example.com
|
|||
TIMEOUT=120
|
||||
|
||||
## Enable this secret for Promtail / Prometheus
|
||||
# SECRET_BASIC_AUTH_ADMIN_PASSWORD_VERSION=v1
|
||||
# SECRET_BASIC_AUTH_VERSION=v1
|
||||
#
|
||||
# Promtail (Gathering Logs)
|
||||
# COMPOSE_FILE="$COMPOSE_FILE:compose.promtail.yml"
|
||||
|
@ -58,4 +58,4 @@ TIMEOUT=120
|
|||
# GF_SMTP_FROM_ADDRESS=grafana@example.com
|
||||
# GF_SMTP_SKIP_VERIFY=false
|
||||
# SECRET_GRAFANA_SMTP_PASSWORD_VERSION=v1
|
||||
#
|
||||
#
|
||||
|
|
|
@ -58,7 +58,7 @@ Where gathering.org is the node you want to gather metrics from.
|
|||
- `abra app new monitoring-ng`
|
||||
- `abra app config monitoring.example.org`
|
||||
Uncomment all the stuff
|
||||
- `abra app secret insert monitoring.example.org basic_auth_admin_password v1 <secret>`
|
||||
- `abra app secret insert monitoring.example.org basic_auth v1 <secret>`
|
||||
this needs the plaintext traefik basic-auth secret, not the hashed one!
|
||||
- `abra app secret ls monitoring.example.org`
|
||||
- `abra app deploy monitoring.example.org`
|
||||
|
@ -118,4 +118,4 @@ $ systemctl restart docker.service
|
|||
|
||||
---
|
||||
|
||||
THX to the previous work of @decentral1se @knooflok @3wc @cellarspoon @mirsal
|
||||
THX to the previous work of @decentral1se @knooflok @3wc @cellarspoon @mirsal
|
||||
|
|
|
@ -4,7 +4,7 @@ services:
|
|||
prometheus:
|
||||
image: prom/prometheus:v2.45.0
|
||||
secrets:
|
||||
- basic_auth_admin_password
|
||||
- basic_auth
|
||||
volumes:
|
||||
- prometheus-data:/prometheus:rw
|
||||
configs:
|
||||
|
@ -38,4 +38,4 @@ configs:
|
|||
file: prometheus.yml.tmpl
|
||||
|
||||
volumes:
|
||||
prometheus-data:
|
||||
prometheus-data:
|
||||
|
|
|
@ -13,7 +13,7 @@ services:
|
|||
networks:
|
||||
- internal
|
||||
secrets:
|
||||
- basic_auth_admin_password
|
||||
- basic_auth
|
||||
environment:
|
||||
- DOMAIN
|
||||
- LOKI_PUSH_URL
|
||||
|
@ -25,6 +25,6 @@ configs:
|
|||
template_driver: golang
|
||||
|
||||
secrets:
|
||||
basic_auth_admin_password:
|
||||
basic_auth:
|
||||
external: true
|
||||
name: ${STACK_NAME}_basic_auth_admin_password_${SECRET_BASIC_AUTH_ADMIN_PASSWORD_VERSION}
|
||||
name: ${STACK_NAME}_basic_auth_${SECRET_BASIC_AUTH_VERSION}
|
||||
|
|
|
@ -17,4 +17,4 @@ scrape_configs:
|
|||
- /prometheus/scrape_configs/*.yml
|
||||
basic_auth:
|
||||
username: admin
|
||||
password: {{ secret "basic_auth_admin_password" }}
|
||||
password: {{ secret "basic_auth" }}
|
||||
|
|
|
@ -9,7 +9,7 @@ clients:
|
|||
- url: {{ env "LOKI_PUSH_URL" }}
|
||||
basic_auth:
|
||||
username: admin
|
||||
password: {{ secret "basic_auth_admin_password" }}
|
||||
password: {{ secret "basic_auth" }}
|
||||
external_labels:
|
||||
hostname: {{ env "DOMAIN" }}
|
||||
|
||||
|
@ -34,4 +34,4 @@ scrape_configs:
|
|||
- source_labels: ['__meta_docker_container_label_com_docker_stack_namespace']
|
||||
target_label: "stack_namespace"
|
||||
- source_labels: ['__meta_docker_container_label_com_docker_swarm_service_name']
|
||||
target_label: "service_name"
|
||||
target_label: "service_name"
|
||||
|
|
|
@ -0,0 +1,3 @@
|
|||
Breakng change: secret `basic_auth_admin_password` was renamed to `basic_auth`. Insert the secret before upgrading.
|
||||
|
||||
abra app secret insert monitoring.example.com basic_auth v1 $(abra app run monitoring.example.com promtail cat /var/run/secrets/basic_auth_admin_password)
|
Loading…
Reference in New Issue