-
Notifications
You must be signed in to change notification settings - Fork 11
/
base-secrets.yaml
168 lines (151 loc) · 5.73 KB
/
base-secrets.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
# --------------------------------------------------------- 00-init.yaml ---------------------------------------------------------
mongodb:
auth:
replicaSetKey: secret
rootPassword: secret
passwords:
- secret
graylog:
graylog:
rootPassword: secret
kube_prometheus_stack:
kube-prometheus-stack:
alertmanager:
config:
receivers:
- name: default
slack_configs:
- api_url: https://hooks.slack.com/services/XXX/XXX/XXX
channel: '#radar-base-alerts'
pretext: '{{ .CommonAnnotations.summary }}'
username: Radar Base
color: '{{ if eq .Status "firing" }}danger{{ else }}good{{
end }}'
title: '{{ template "slack.default.title" . }}'
title_link: '{{ template "slack.default.titlelink" . }}'
fallback: '{{ template "slack.default.fallback" . }}'
text: "{{ range .Alerts }}\n *Alert details:* \n {{ range
.Labels.SortedPairs }} • *{{ .Name }}:* `{{ .Value }}`\n
\ {{ end }}\n{{ end }}"
grafana:
adminPassword: secret
# Password for thehyve user at prometheus.<server_name> and alertmanager.<server_name>
# Generate it manually with: echo "password" | htpasswd -i -n thehyve
# Or automatically via `bin/generate-secrets` script
nginx_auth: thehyve:$apr1$5HSenBgF$9VKLQchT85Nrt5I3Vd6H3. # username: thehyve, password: password
kafka_manager:
basicAuth:
password: secret
# --------------------------------------------------------- 10-base.yaml ---------------------------------------------------------
confluent_cloud:
cc:
bootstrapServerurl: confluentBootstrapServers
schemaRegistryUrl: confluentSchemaRegistryUrl
apiKey: ccApikey
apiSecret: ccApiSecret
schemaRegistryApiKey: srApiKey
schemaRegistryApiSecret: srApiSecret
# --------------------------------------------------------- 10-managementportal.yaml ---------------------------------------------------------
postgresql:
global:
postgresql:
auth:
postgresPassword: secret
auth:
replicationPassword: secret
management_portal:
postgres:
password: secret
managementportal:
common_admin_password: secret
frontend_client_secret: secret
oauth_clients:
pRMT:
enable: true
client_secret: "saturday$SHARE$scale" # default, preferably keep it this way
aRMT:
enable: true
client_secret: ""
radar_upload_backend:
client_secret: secret
radar_upload_connect:
client_secret: secret
radar_rest_sources_auth_backend:
client_secret: secret
radar_redcap_integrator:
client_secret: secret
radar_fitbit_connector:
client_secret: secret
radar_appconfig:
client_secret: secret
radar_push_endpoint:
client_secret: secret
smtp:
password: secret
app_config:
jdbc:
password: secret
# --------------------------------------------------------- 20-appserver.yaml ---------------------------------------------------------
# The charts in 20-appserver.yaml only need to be installed if you have a custom aRMT app.
radar_appserver_postgresql:
global:
postgresql:
auth:
postgresPassword: secret
auth:
replicationPassword: secret
radar_appserver:
postgres:
password: secret
# --------------------------------------------------------- 20-fitbit.yaml ---------------------------------------------------------
# The charts in 20-fitbit.yaml only need to be installed if you will use a Fitbit or Garmin API integration.
# Get a Fitbit API client by registering a server application
# at https://dev.fitbit.com/manage/
fitbit_api_client: "secret"
fitbit_api_secret: "secret"
radar_rest_sources_backend:
postgres:
password: secret
# --------------------------------------------------------- 20-grafana.yaml ---------------------------------------------------------
timescaledb_password: secret
grafana_password: secret
grafana_metrics_password: secret
# --------------------------------------------------------- 20-redcap.yaml ---------------------------------------------------------
radar_integration:
projects: []
# Example:
#projects:
# - redcap_info:
# url: "http://example.com/"
# project_id: "1"
# enrolment_event: enrolment
# integration_form: radar_integration
# token: xxx
# mp_info:
# project_name: RADAR-BASE
# --------------------------------------------------------- 20-s3-connector.yaml ---------------------------------------------------------
# The access keys and secret keys of object storage services should match.
# If AWS S3 is used as a storage medium instead of minio, then fill in those.
s3_access_key: secret
s3_secret_key: secret
# --------------------------------------------------------- 20-upload.yaml ---------------------------------------------------------
radar_upload_postgres_password: secret
# --------------------------------------------------------- 20-push-endpoint.yaml ---------------------------------------------------------
# Get a Garmin Connect client by registering at
# https://developer.garmin.com/gc-developer-program/overview/
radar_push_endpoint:
garmin:
consumerKey: "secret"
consumerSecret: "secret"
# --------------------------------------------------------- 99-velero.yaml ---------------------------------------------------------
velero:
backup:
accessKey: secret
secretKey: secret
velero:
credentials:
secretContents:
cloud: |
[default]
aws_access_key_id=secret
aws_secret_access_key=secret