From e003f363675a015c7ef9dbfdb45491e3432e0d6e Mon Sep 17 00:00:00 2001
From: "waldemar.kindler" <waldemar.kindler@think-ahead.tech>
Date: Mon, 26 May 2025 17:02:43 +0000
Subject: [PATCH] Update
 otc/penguin-observability.think-ahead.cloud/stacks/observability/victoria-k8s-stack/values.yaml

---
 .../observability/victoria-k8s-stack/values.yaml      | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

diff --git a/otc/penguin-observability.think-ahead.cloud/stacks/observability/victoria-k8s-stack/values.yaml b/otc/penguin-observability.think-ahead.cloud/stacks/observability/victoria-k8s-stack/values.yaml
index 145ef52..1933a2a 100644
--- a/otc/penguin-observability.think-ahead.cloud/stacks/observability/victoria-k8s-stack/values.yaml
+++ b/otc/penguin-observability.think-ahead.cloud/stacks/observability/victoria-k8s-stack/values.yaml
@@ -749,7 +749,7 @@ vmalert:
 
 vmauth:
   # -- Enable VMAuth CR
-  enabled: false
+  enabled: true
   # -- VMAuth annotations
   annotations: {}
   # -- (object) Full spec for VMAuth CRD. Allowed values described [here](https://docs.victoriametrics.com/operator/api#vmauthspec)
@@ -758,6 +758,15 @@ vmauth:
   # * `{{ .vm.write }}` - parsed vminsert, vmsingle or external.vm.write URL
   spec:
     port: "8427"
+    ingress:
+      class_name: nginx
+      annotations:
+        nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
+        cert-manager.io/cluster-issuer: main
+      host: o12y.penguin-observability.think-ahead.cloud
+      tlsHosts:
+        - o12y.penguin-observability.think-ahead.cloud
+      tlsSecretName: vmauth-tls-secret
     unauthorizedUserAccessSpec:
       # -- Flag, that allows to disable default VMAuth unauthorized user access config
       disabled: false