From a932b4598d490026c6c56d4b635b3f01c77192e8 Mon Sep 17 00:00:00 2001
From: GHOSCHT <31184695+GHOSCHT@users.noreply.github.com>
Date: Tue, 25 Jun 2024 22:06:01 +0200
Subject: [PATCH] Arion: Add Grafana+Loki log aggregation
---
 hosts/franz/arion/default.nix | 1 +
 hosts/franz/arion/stats/arion-compose.nix | 58 +++++++++++++++++++++++
 hosts/franz/arion/stats/arion-pkgs.nix | 6 +++
 hosts/franz/arion/stats/default.nix | 38 +++++++++++++++
 4 files changed, 103 insertions(+)
 create mode 100644 hosts/franz/arion/stats/arion-compose.nix
 create mode 100644 hosts/franz/arion/stats/arion-pkgs.nix
 create mode 100644 hosts/franz/arion/stats/default.nix
diff --git a/hosts/franz/arion/default.nix b/hosts/franz/arion/default.nix
index a153b64..651a833 100644
--- a/hosts/franz/arion/default.nix
+++ b/hosts/franz/arion/default.nix
@@ -21,6 +21,7 @@
 ./headscale
 ./auth
 ./minio
+ ./stats
 ];
 environment.systemPackages = with pkgs; [arion];
diff --git a/hosts/franz/arion/stats/arion-compose.nix b/hosts/franz/arion/stats/arion-compose.nix
new file mode 100644
index 0000000..c3d662b
--- /dev/null
+++ b/hosts/franz/arion/stats/arion-compose.nix
@@ -0,0 +1,58 @@
+{
+ project.name = "stats";
+
+ networks.dmz = {
+ name = "dmz";
+ external = true;
+ };
+ networks.internal = {};
+
+ services = {
+ grafana.service = {
+ image = "grafana/grafana:10.4.4";
+ user = "1000";
+ container_name = "grafana";
+ labels = {
+ "traefik.enable" = "true";
+
+ "traefik.http.services.grafana.loadbalancer.server.port" = "3000";
+ "traefik.http.routers.grafana.service" = "grafana";
+ "traefik.http.routers.grafana.rule" = "Host(`grafana.ghoscht.com`)";
+ "traefik.http.routers.grafana.entrypoints" = "websecure";
+ "traefik.http.routers.grafana.tls" = "true";
+ "traefik.http.routers.grafana.tls.certresolver" = "letsencrypt";
+ };
+ volumes = [
+ "/storage/dataset/docker/stats/grafana_data:/var/lib/grafana"
+ ];
+ networks = [
+ "dmz"
+ "internal"
+ ];
+ };
+ loki.service = {
+ image = "grafana/loki:3.0.0";
+ volumes = [
+ "/storage/dataset/docker/stats/loki_data:/etc/loki"
+ ];
+ ports = [
+ "3100:3100"
+ ];
+ command = "-config.file=/etc/loki/loki-config.yml";
+ networks = [
+ "internal"
+ ];
+ };
+ promtail.service = {
+ image = "grafana/promtail:3.0.0";
+ volumes = [
+ "/var/log:/var/log"
+ "/storage/dataset/docker/stats/promtail_data:/etc/promtail"
+ ];
+ command = "-config.file=/etc/promtail/promtail-config.yml";
+ networks = [
+ "internal"
+ ];
+ };
+ };
+}
diff --git a/hosts/franz/arion/stats/arion-pkgs.nix b/hosts/franz/arion/stats/arion-pkgs.nix
new file mode 100644
index 0000000..69aad13
--- /dev/null
+++ b/hosts/franz/arion/stats/arion-pkgs.nix
@@ -0,0 +1,6 @@
+# Instead of pinning Nixpkgs, we can opt to use the one in NIX_PATH
+import {
+ # We specify the architecture explicitly. Use a Linux remote builder when
+ # calling arion from other platforms.
+ system = "x86_64-linux";
+}
diff --git a/hosts/franz/arion/stats/default.nix b/hosts/franz/arion/stats/default.nix
new file mode 100644
index 0000000..c78eb75
--- /dev/null
+++ b/hosts/franz/arion/stats/default.nix
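Review bot: In arion-compose.nix the loki service publishes `"3100:3100"`, which binds Loki's push and query API on every host interface, and Docker-published ports are usually opened through Docker's own iptables chains rather than the host firewall rules. The only consumer outside the compose network that this patch shows is the Docker log driver pushing to `http://localhost:3100`, so `"127.0.0.1:3100:3100"` should be sufficient; whether Loki enforces any authentication cannot be judged here because loki-config.yml is not part of the patch. The promtail mount `"/var/log:/var/log"` is read-write although promtail only has to read host logs, so `"/var/log:/var/log:ro"` would limit what a compromised container can do to them. The grafana router labels attach no middleware, so a comment such as `# public: protected only by Grafana's own login` above `labels` would make that exposure an explicit decision.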
@@ -0,0 +1,38 @@
+{config, ...}: let
+ vars = import ../../../../vars.nix;
+in {
+ virtualisation.arion = {
+ projects.stats.settings = {
+ imports = [./arion-compose.nix];
+ };
+ };
+
+ systemd.services.add-loki-logging-driver = {
+ description = "Add grafana loki docker driver";
+ after = ["network.target"];
+ wantedBy = ["multi-user.target"];
+
+ serviceConfig.Type = "oneshot";
+ script = let
+ dockercli = "${config.virtualisation.docker.package}/bin/docker";
+ in ''
+ # Put a true at the end to prevent getting non-zero return code, which will
+ # crash the whole service.
+ check=$(${dockercli} plugin ls | grep "loki" || true)
+ if [ -z "$check" ]; then
+ ${dockercli} plugin install grafana/loki-docker-driver:latest --alias loki --grant-all-permissions
+ else
+ echo "loki docker driver already exists in docker"
+ fi
+ '';
+ };
+
+ virtualisation.docker.daemon.settings = {
+ debug = true;
+ log-driver = "loki";
+ log-opts = {
+ loki-url = "http://localhost:3100/loki/api/v1/push";
+ # loki-url = "http://host.docker.internal:3100/loki/api/v1/push";
+ };
+ };
+}
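Review bot: The `plugin install grafana/loki-docker-driver:latest --alias loki --grant-all-permissions` line in the oneshot script pulls a mutable tag and accepts whatever privileges that plugin version requests. Since `log-driver = "loki"` is set as the daemon default, that plugin then handles the logs of every container on the host. Pinning to a reviewed release, `grafana/loki-docker-driver:<pinned-version>` (placeholder, the patch names no version), and recording the granted permissions in the comment would make upgrades a deliberate step. The unit is ordered only `after = ["network.target"]` although it calls the docker CLI, so `after = ["docker.service"];` plus `requires = ["docker.service"];` looks like what is intended. `debug = true` on the daemon and the unused `vars` binding read like leftovers and deserve a why-comment or removal.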