diff options
author | Franck Cuny <franck@fcuny.net> | 2023-05-12 14:53:59 -0700 |
---|---|---|
committer | Franck Cuny <franck@fcuny.net> | 2023-05-12 14:55:31 -0700 |
commit | 03707f1c0d9615d3c6385132af52de60c2fedfc0 (patch) | |
tree | b3e1a344693cb4c151e014812d42bac63d616567 /profiles/monitoring | |
parent | profiles/monitoring: move promtail to a profile (diff) | |
download | world-03707f1c0d9615d3c6385132af52de60c2fedfc0.tar.gz |
profiles/monitoring: move loki to a profile
Add a nginx virtualhost for loki too, so that we can use a valid SSL certificate.
Diffstat (limited to 'profiles/monitoring')
-rw-r--r-- | profiles/monitoring/loki.nix | 103 | ||||
-rw-r--r-- | profiles/monitoring/promtail.nix | 2 |
2 files changed, 104 insertions, 1 deletions
diff --git a/profiles/monitoring/loki.nix b/profiles/monitoring/loki.nix new file mode 100644 index 0000000..1200846 --- /dev/null +++ b/profiles/monitoring/loki.nix @@ -0,0 +1,103 @@ +{ config, lib, pkgs, ... }: +{ + services.loki.enable = true; + services.loki.configuration = { + # no need for authentication, since we're binding on the + # wireguard interface, we can trust the connections. + auth_enabled = false; + + server = { + http_listen_port = 3100; + http_listen_address = "127.0.0.1"; + }; + + ingester = { + lifecycler = { + address = cfg.listenAddress; + ring = { + kvstore = { store = "inmemory"; }; + replication_factor = 1; + }; + final_sleep = "0s"; + }; + + # Any chunk not receiving new logs in this time will be flushed + chunk_idle_period = "1h"; + + # All chunks will be flushed when they hit this age, default is 1h + max_chunk_age = "1h"; + + # Loki will attempt to build chunks up to 1.5MB, flushing first if + # chunk_idle_period or max_chunk_age is reached first + chunk_target_size = 1048576; + + # Must be greater than index read cache TTL if using an index cache (Default + # index read cache TTL is 5m) + chunk_retain_period = "30s"; + + # Chunk transfers disabled + max_transfer_retries = 0; + }; + + schema_config = { + configs = [{ + from = "2020-10-24"; + store = "boltdb-shipper"; + object_store = "filesystem"; + schema = "v11"; + index = { + prefix = "index_"; + period = "24h"; + }; + }]; + }; + + storage_config = { + boltdb_shipper = { + active_index_directory = "/var/lib/loki/boltdb-shipper-active"; + cache_location = "/var/lib/loki/boltdb-shipper-cache"; + + # Can be increased for faster performance over longer query periods, + # uses more disk space + cache_ttl = "24h"; + + shared_store = "filesystem"; + }; + + filesystem = { directory = "/var/lib/loki/chunks"; }; + }; + + limits_config = { + reject_old_samples = true; + reject_old_samples_max_age = "168h"; + }; + + chunk_store_config = { max_look_back_period = "0s"; }; + + table_manager = { + retention_deletes_enabled = false; + retention_period = "0s"; + }; + + compactor = { + working_directory = "/var/lib/loki/boltdb-shipper-compactor"; + shared_store = "filesystem"; + }; + }; + + services.nginx.virtualHosts."loki.${config.homelab.domain}" = { + default = true; + forceSSL = true; + enableACME = true; + listen = [ + { + addr = "192.168.6.40"; + port = 443; + ssl = true; + } + ]; + locations."/" = { + proxyPass = "http://127.0.0.1::${toString services.loki.configuration.server.http_listen_port}"; + }; + }; +} diff --git a/profiles/monitoring/promtail.nix b/profiles/monitoring/promtail.nix index 23b6669..a3b95c2 100644 --- a/profiles/monitoring/promtail.nix +++ b/profiles/monitoring/promtail.nix @@ -2,7 +2,7 @@ { services.promtail.enable = true; services.promtail.configuration = { - clients = [{ url = "https://loki.${config.homelab.domain}:3100/loki/api/v1/push"; }]; + clients = [{ url = "https://loki.${config.homelab.domain}/loki/api/v1/push"; }]; scrape_configs = [ { job_name = "journal"; |