apiVersion: argoproj.io/v1alpha1 kind: Application metadata: name: loki namespace: argocd annotations: argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true finalizers: - resources-finalizer.argocd.argoproj.io spec: destination: namespace: loki server: 'https://kubernetes.default.svc' project: aux ignoreDifferences: - group: apps kind: StatefulSet jsonPointers: - /spec/persistentVolumeClaimRetentionPolicy syncPolicy: managedNamespaceMetadata: labels: component: aux syncOptions: - CreateNamespace=true - ApplyOutOfSyncOnly=true automated: prune: true selfHeal: true sources: - repoURL: https://gitlab.com/serit/k8s/serit-platform-manifests.git path: network-policies/netpol-loki targetRevision: HEAD - repoURL: 'https://grafana.github.io/helm-charts' targetRevision: 6.12.0 chart: loki helm: values: | loki: auth_enabled: false storage: bucketNames: chunks: loki-chunks ruler: loki-chunks admin: loki-chunks s3: endpoint: http://10.255.241.30:30080 region: tos accessKeyId: ${S3KEY} secretAccessKey: ${S3SECRET} s3ForcePathStyle: true http_config: insecure_skip_verify: true schemaConfig: configs: - from: "2024-04-01" index: period: 24h prefix: loki_index_ object_store: s3 schema: v13 store: tsdb compactor: compaction_interval: 10m working_directory: /tmp/loki/compactor retention_enabled: true retention_delete_delay: 2h retention_delete_worker_count: 150 delete_request_store: s3 limits_config: retention_period: 744h write: extraArgs: - -config.expand-env=true extraEnv: - name: S3KEY valueFrom: secretKeyRef: name: loki-s3 key: AWS_ACCESS_KEY_ID - name: S3SECRET valueFrom: secretKeyRef: name: loki-s3 key: AWS_ACCESS_KEY_SECRET tolerations: - effect: "NoSchedule" operator: "Equal" key: "unschedulable" value: "true" read: extraArgs: - -config.expand-env=true extraEnv: - name: S3KEY valueFrom: secretKeyRef: name: loki-s3 key: AWS_ACCESS_KEY_ID - name: S3SECRET valueFrom: secretKeyRef: name: loki-s3 key: AWS_ACCESS_KEY_SECRET tolerations: - effect: "NoSchedule" operator: "Equal" key: "unschedulable" value: "true" ingress: enabled: true ingressClassName: nginx annotations: cert-manager.io/cluster-issuer: letsencrypt-staging nginx.ingress.kubernetes.io/ssl-redirect: "true" atlantis.oceanbox.io/expose: internal hosts: - loki.adm.oceanbox.io tls: - hosts: - loki.adm.oceanbox.io secretName: loki-distributed-tls compactor: extraArgs: - -config.expand-env=true extraEnv: - name: S3KEY valueFrom: secretKeyRef: name: loki-s3 key: AWS_ACCESS_KEY_ID - name: S3SECRET valueFrom: secretKeyRef: name: loki-s3 key: AWS_ACCESS_KEY_SECRET backend: extraArgs: - -config.expand-env=true extraEnv: - name: S3KEY valueFrom: secretKeyRef: name: loki-s3 key: AWS_ACCESS_KEY_ID - name: S3SECRET valueFrom: secretKeyRef: name: loki-s3 key: AWS_ACCESS_KEY_SECRET