# Flux HelmRelease that installs the kube-prometheus-stack chart into the
# monitoring namespace.
# NOTE(review): v2beta2 is a beta API version; confirm the Flux release running
# in the cluster still serves it before upgrading Flux.
apiVersion: helm.toolkit.fluxcd.io/v2beta2
kind: HelmRelease
metadata:
  name: kube-prometheus-stack
  namespace: monitoring
spec:
  # How often Flux reconciles this release.
  interval: 5m
  chart:
    spec:
      chart: kube-prometheus-stack
      # Exact chart version (quoted so it stays a string); the chart only
      # changes when this line is edited.
      version: "58.1.3"
      # The chart is pulled from a HelmRepository object defined elsewhere, in
      # the flux-system namespace. Where the chart comes from, and whether it
      # is verified, depends on that object, which is not shown here.
      sourceRef:
        kind: HelmRepository
        name: prometheus-community-charts
        namespace: flux-system

  # Helm values handed to the kube-prometheus-stack chart.
  values:
    # Same namespace as metadata.namespace of this HelmRelease.
    # presumably makes the chart place its resources in "monitoring" - confirm
    # against the chart's values documentation.
    namespaceOverride: "monitoring"

    # Alertmanager: published through an Ingress and configured from a
    # separately managed configuration object.
    alertmanager:
      ingress:
        enabled: true
        annotations:
          cert-manager.io/cluster-issuer: letsencrypt-production
          traefik.ingress.kubernetes.io/router.entrypoints: websecure
          # No authentication is configured for Alertmanager in these values,
          # so access control for this host appears to rest on this Traefik
          # middleware alone (presumably an Authentik forward-auth - confirm).
          # NOTE(review): verify the middleware object exists and that Traefik
          # refuses to serve the route if it is missing. The middleware only
          # covers traffic that passes through Traefik; in-cluster clients that
          # reach the Service directly are not subject to it.
          traefik.ingress.kubernetes.io/router.middlewares: traefik-authentik@kubernetescrd
        hosts:
          # The domain part is the SECRET_NEW_DOMAIN placeholder, which is not
          # defined in this file (presumably filled in by Flux post-build
          # substitution - confirm). The anchor lets the tls section reuse the
          # exact same host name.
          - &alertmanager-host alertmanager.${SECRET_NEW_DOMAIN}
        paths:
          - "/"
        tls:
          # NOTE(review): no secretName is set on this tls entry. cert-manager's
          # ingress integration normally needs one to know where to store the
          # certificate - confirm that a certificate from the issuer above is
          # actually served for this host rather than a default certificate.
          - hosts:
              - *alertmanager-host

      alertmanagerSpec:
        # Refers by name to a configuration object that is not defined in this
        # file (presumably an AlertmanagerConfig in the monitoring namespace -
        # confirm). Receivers and any credentials they need live there.
        alertmanagerConfiguration:
          name: alertmanager-config
                
    # The Grafana sub-chart is switched off for this release.
    grafana:
      enabled: false
      # The two options below are left commented out. Per the original note,
      # forceDeployDashboards would deploy the dashboards even while Grafana
      # itself is disabled.
      #forceDeployDashboards: true
      #defaultDashboardsTimezone: America/New_York

    # Prometheus: published through an Ingress, keeps one day of data locally
    # and forwards samples to a remote-write endpoint.
    prometheus:
      ingress:
        enabled: true
        annotations:
          cert-manager.io/cluster-issuer: letsencrypt-production
          traefik.ingress.kubernetes.io/router.entrypoints: websecure
          # No authentication is configured for Prometheus in these values, so
          # access control for this host appears to rest on this Traefik
          # middleware alone (presumably an Authentik forward-auth - confirm).
          # NOTE(review): verify the middleware object exists and that Traefik
          # refuses to serve the route if it is missing. The middleware only
          # covers traffic that passes through Traefik; in-cluster clients that
          # reach the Service directly are not subject to it.
          traefik.ingress.kubernetes.io/router.middlewares: traefik-authentik@kubernetescrd
        hosts:
          # The domain part is the SECRET_NEW_DOMAIN placeholder, which is not
          # defined in this file (presumably filled in by Flux post-build
          # substitution - confirm). The anchor lets the tls section reuse the
          # exact same host name.
          - &prometheus-host metrics.${SECRET_NEW_DOMAIN}
        paths:
          - "/"
        tls:
          # NOTE(review): no secretName is set on this tls entry. cert-manager's
          # ingress integration normally needs one to know where to store the
          # certificate - confirm that a certificate from the issuer above is
          # actually served for this host rather than a default certificate.
          - hosts:
              - *prometheus-host

      prometheusSpec:
        # Admin API stays off. Keep it that way while the UI is reachable
        # through the Ingress above: the admin endpoints allow deleting series
        # and taking snapshots.
        enableAdminAPI: false

        # Local retention is one day; longer history presumably lives in the
        # remote-write target below - confirm.
        retention: 1d

        # Samples are forwarded over plain HTTP and no credentials are set
        # here. The target is an in-cluster Service name, so confidentiality and
        # integrity of this stream depend on the cluster network.
        # NOTE(review): confirm that a NetworkPolicy or similar control limits
        # which workloads can reach the write endpoint on port 8428.
        remoteWrite:
        - url: http://victoria-metrics-server.monitoring.svc:8428/api/v1/write

        storageSpec:
          volumeClaimTemplate:
            spec:
              storageClassName: longhorn
              # The claim only binds to a volume carrying this label.
              # presumably a pre-created PersistentVolume - confirm it exists.
              selector:
                matchLabels:
                  app.kubernetes.io/name: kube-prometheus-stack-pv
              resources:
                requests:
                  storage: 15Gi

    # Scrape kube-controller-manager at a fixed address on port 10257.
    kubeControllerManager:
      enabled: true
      # Hard-coded scrape target; must be updated by hand if the address
      # changes.
      endpoints:
      - 192.168.87.250
      service:
        enabled: true
        port: 10257
        targetPort: 10257
      serviceMonitor:
        enabled: true
        https: true
        # The scrape uses HTTPS but the server certificate is not verified, so
        # Prometheus cannot tell the real endpoint from an impostor on the path
        # to 192.168.87.250, and any credential sent with the scrape would be
        # exposed to it.
        # NOTE(review): often set because the component serves a self-signed
        # certificate; prefer giving the component a certificate Prometheus can
        # verify and turning this off. Confirm the risk is accepted for this
        # network.
        insecureSkipVerify: true

    # Scrape kube-scheduler at a fixed address on port 10259.
    kubeScheduler:
      enabled: true
      # Hard-coded scrape target; must be updated by hand if the address
      # changes.
      endpoints:
      - 192.168.87.250
      service:
        enabled: true
        port: 10259
        targetPort: 10259
      serviceMonitor:
        enabled: true
        https: true
        # The scrape uses HTTPS but the server certificate is not verified, so
        # Prometheus cannot tell the real endpoint from an impostor on the path
        # to 192.168.87.250, and any credential sent with the scrape would be
        # exposed to it.
        # NOTE(review): often set because the component serves a self-signed
        # certificate; prefer giving the component a certificate Prometheus can
        # verify and turning this off. Confirm the risk is accepted for this
        # network.
        insecureSkipVerify: true

    # Scrape kube-proxy at a fixed address on port 10249.
    kubeProxy:
      enabled: true
      # NOTE(review): only one address is listed. kube-proxy usually runs on
      # every node, so on a multi-node cluster the other instances would not be
      # scraped - confirm this matches the cluster layout.
      endpoints:
      - 192.168.87.250
      service:
        enabled: true
        port: 10249
        targetPort: 10249
      serviceMonitor:
        enabled: true
        # Metrics are fetched over plain HTTP, so the scrape is neither
        # encrypted nor authenticated at the transport layer. Anything that
        # can reach port 10249 on the node can presumably read the same
        # metrics - confirm the port is not reachable from untrusted networks.
        https: false

    # etcd scraping is switched off, so this release collects nothing from
    # etcd.
    kubeEtcd:
      enabled: false