about summary refs log tree commit diff
path: root/profiles/monitoring
diff options
context:
space:
mode:
authorFranck Cuny <franck@fcuny.net>2023-05-12 14:53:59 -0700
committerFranck Cuny <franck@fcuny.net>2023-05-12 14:55:31 -0700
commit03707f1c0d9615d3c6385132af52de60c2fedfc0 (patch)
treeb3e1a344693cb4c151e014812d42bac63d616567 /profiles/monitoring
parentprofiles/monitoring: move promtail to a profile (diff)
downloadworld-03707f1c0d9615d3c6385132af52de60c2fedfc0.tar.gz
profiles/monitoring: move loki to a profile
Add a nginx virtualhost for loki too, so that we can use a valid SSL
certificate.
Diffstat (limited to 'profiles/monitoring')
-rw-r--r--profiles/monitoring/loki.nix103
-rw-r--r--profiles/monitoring/promtail.nix2
2 files changed, 104 insertions, 1 deletions
diff --git a/profiles/monitoring/loki.nix b/profiles/monitoring/loki.nix
new file mode 100644
index 0000000..1200846
--- /dev/null
+++ b/profiles/monitoring/loki.nix
@@ -0,0 +1,103 @@
+{ config, lib, pkgs, ... }:
+{
+  services.loki.enable = true;
+  services.loki.configuration = {
+    # no need for authentication, since we're binding on the
+    # wireguard interface, we can trust the connections.
+    auth_enabled = false;
+
+    server = {
+      http_listen_port = 3100;
+      http_listen_address = "127.0.0.1";
+    };
+
+    ingester = {
+      lifecycler = {
+        address = cfg.listenAddress;
+        ring = {
+          kvstore = { store = "inmemory"; };
+          replication_factor = 1;
+        };
+        final_sleep = "0s";
+      };
+
+      # Any chunk not receiving new logs in this time will be flushed
+      chunk_idle_period = "1h";
+
+      # All chunks will be flushed when they hit this age, default is 1h
+      max_chunk_age = "1h";
+
+      # Loki will attempt to build chunks up to 1.5MB, flushing first if
+      # chunk_idle_period or max_chunk_age is reached first
+      chunk_target_size = 1048576;
+
+      # Must be greater than index read cache TTL if using an index cache (Default
+      # index read cache TTL is 5m)
+      chunk_retain_period = "30s";
+
+      # Chunk transfers disabled
+      max_transfer_retries = 0;
+    };
+
+    schema_config = {
+      configs = [{
+        from = "2020-10-24";
+        store = "boltdb-shipper";
+        object_store = "filesystem";
+        schema = "v11";
+        index = {
+          prefix = "index_";
+          period = "24h";
+        };
+      }];
+    };
+
+    storage_config = {
+      boltdb_shipper = {
+        active_index_directory = "/var/lib/loki/boltdb-shipper-active";
+        cache_location = "/var/lib/loki/boltdb-shipper-cache";
+
+        # Can be increased for faster performance over longer query periods,
+        # uses more disk space
+        cache_ttl = "24h";
+
+        shared_store = "filesystem";
+      };
+
+      filesystem = { directory = "/var/lib/loki/chunks"; };
+    };
+
+    limits_config = {
+      reject_old_samples = true;
+      reject_old_samples_max_age = "168h";
+    };
+
+    chunk_store_config = { max_look_back_period = "0s"; };
+
+    table_manager = {
+      retention_deletes_enabled = false;
+      retention_period = "0s";
+    };
+
+    compactor = {
+      working_directory = "/var/lib/loki/boltdb-shipper-compactor";
+      shared_store = "filesystem";
+    };
+  };
+
+  services.nginx.virtualHosts."loki.${config.homelab.domain}" = {
+    default = true;
+    forceSSL = true;
+    enableACME = true;
+    listen = [
+      {
+        addr = "192.168.6.40";
+        port = 443;
+        ssl = true;
+      }
+    ];
+    locations."/" = {
+      proxyPass = "http://127.0.0.1::${toString services.loki.configuration.server.http_listen_port}";
+    };
+  };
+}
diff --git a/profiles/monitoring/promtail.nix b/profiles/monitoring/promtail.nix
index 23b6669..a3b95c2 100644
--- a/profiles/monitoring/promtail.nix
+++ b/profiles/monitoring/promtail.nix
@@ -2,7 +2,7 @@
 {
   services.promtail.enable = true;
   services.promtail.configuration = {
-    clients = [{ url = "https://loki.${config.homelab.domain}:3100/loki/api/v1/push"; }];
+    clients = [{ url = "https://loki.${config.homelab.domain}/loki/api/v1/push"; }];
     scrape_configs = [
       {
         job_name = "journal";