From d5285d92491fe23027b20f4f580068635076a87a Mon Sep 17 00:00:00 2001
From: "Jill \"oatmealine\" Monoids" <oatmealine@disroot.org>
Date: Thu, 14 Dec 2023 14:48:09 +0100
Subject: [PATCH] promtail

---
 modules/services/loki-local-config.yml |  55 +++++++++++++
 modules/services/metrics.nix           | 110 +++++++++++++++++++++++++
 modules/services/promtail.yml          |  20 +++++
 3 files changed, 185 insertions(+)
 create mode 100644 modules/services/loki-local-config.yml
 create mode 100644 modules/services/metrics.nix
 create mode 100644 modules/services/promtail.yml

diff --git a/modules/services/loki-local-config.yml b/modules/services/loki-local-config.yml
new file mode 100644
index 0000000..afc9fd7
--- /dev/null
+++ b/modules/services/loki-local-config.yml
@@ -0,0 +1,55 @@
+auth_enabled: false
+
+server:
+  http_listen_port: 3100
+
+ingester:
+  lifecycler:
+    address: 0.0.0.0
+    ring:
+      kvstore:
+        store: inmemory
+      replication_factor: 1
+    final_sleep: 0s
+  chunk_idle_period: 1h       # Any chunk not receiving new logs in this time will be flushed
+  max_chunk_age: 1h           # All chunks will be flushed when they hit this age, default is 1h
+  chunk_target_size: 1048576  # Loki will attempt to build chunks up to 1.5MB, flushing first if chunk_idle_period or max_chunk_age is reached first
+  chunk_retain_period: 30s    # Must be greater than index read cache TTL if using an index cache (Default index read cache TTL is 5m)
+  max_transfer_retries: 0     # Chunk transfers disabled
+
+schema_config:
+  configs:
+    - from: 2023-12-08
+      store: boltdb-shipper
+      object_store: filesystem
+      schema: v11
+      index:
+        prefix: index_
+        period: 24h
+
+storage_config:
+  boltdb_shipper:
+    active_index_directory: /var/lib/loki/boltdb-shipper-active
+    cache_location: /var/lib/loki/boltdb-shipper-cache
+    cache_ttl: 24h         # Can be increased for faster performance over longer query periods, uses more disk space
+    shared_store: filesystem
+  filesystem:
+    directory: /var/lib/loki/chunks
+
+limits_config:
+  reject_old_samples: true
+  reject_old_samples_max_age: 168h
+
+chunk_store_config:
+  max_look_back_period: 0s
+
+table_manager:
+  retention_deletes_enabled: false
+  retention_period: 0s
+
+compactor:
+  working_directory: /var/lib/loki
+  shared_store: filesystem
+  compactor_ring:
+    kvstore:
+      store: inmemory
diff --git a/modules/services/metrics.nix b/modules/services/metrics.nix
new file mode 100644
index 0000000..0cc50e2
--- /dev/null
+++ b/modules/services/metrics.nix
@@ -0,0 +1,110 @@
+{ config, lib, pkgs, options, ... }:
+
+with lib;
+let
+  cfg = config.modules.services.metrics;
+in {
+  options.modules.services.metrics = {
+    enable = mkOption {
+      type = types.bool;
+      default = false;
+    };
+    domain = mkOption {
+      type = types.str;
+      # default = "grafana.oat.zone";
+      default = null;
+    };
+    port = mkOption {
+      type = types.int;
+      default = 2342;
+    };
+  };
+
+  config = mkIf cfg.enable {
+    assertions = [
+      { assertion = cfg.domain != null;
+        description = "please set the domain for grafana";
+      }
+    ];
+    systemd.services.promtail = {
+      description = "Promtail service for Loki";
+      wantedBy = [ "multi-user.target" ];
+
+      serviceConfig = {
+        ExecStart = ''
+          ${pkgs.grafana-loki}/bin/promtail --config.file ${./promtail.yml}
+        '';
+      };
+    };
+    services = {
+      grafana = {
+        enable = true;
+
+        settings = {
+          server = {
+            domain = cfg.domain;
+            http_port = cfg.port;
+            http_addr = "127.0.0.1";
+          };
+        };
+      };
+
+      prometheus = let
+        ports = {
+          base = 9001;
+          node = 9002;
+          nginx = 9003;
+        };
+      in {
+        enable = true;
+        port = ports.base;
+
+        exporters = {
+          node = {
+            enable = true;
+            enabledCollectors = [ "systemd" ];
+            port = ports.node;
+          };
+          nginx = {
+            enable = true;
+            port = ports.nginx;
+          };
+        };
+
+        scrapeConfigs = [
+          {
+            job_name = "lucent-firepit";
+            static_configs = [{
+              targets = [
+                "127.0.0.1:${toString ports.node}"
+                "127.0.0.1:${toString ports.nginx}"
+              ];
+            }];
+          }
+        ];
+      };
+
+      loki = {
+        enable = true;
+        configFile = ./loki-local-config.yml;
+      };
+
+      nginx.statusPage = true;
+
+      nginx.virtualHosts."${cfg.domain}" = {
+        forceSSL = true;
+        enableACME = true;
+        locations."/" = {
+          proxyPass = "http://127.0.0.1:${toString cfg.port}";
+          proxyWebsockets = true;
+        };
+        locations."= /robots.txt" = {
+          extraConfig = ''
+            add_header Content-Type text/plain;
+            return 200 "User-agent: *\nDisallow: /\n";
+          '';
+        };
+      };
+    };
+  };
+}
diff --git a/modules/services/promtail.yml b/modules/services/promtail.yml
new file mode 100644
index 0000000..4d128c8
--- /dev/null
+++ b/modules/services/promtail.yml
@@ -0,0 +1,20 @@
+server:
+  http_listen_port: 28183
+  grpc_listen_port: 0
+
+positions:
+  filename: /tmp/positions.yaml
+
+clients:
+  - url: http://127.0.0.1:3100/loki/api/v1/push
+
+scrape_configs:
+  - job_name: journal
+    journal:
+      max_age: 12h
+      labels:
+        job: systemd-journal
+        host: lucent-firepit
+    relabel_configs:
+      - source_labels: ["__journal__systemd_unit"]
+        target_label: "unit"