From 0dc2d464492b43affef0320a4306c21fc7842c5d Mon Sep 17 00:00:00 2001 From: Daniel Kempkens Date: Tue, 23 Jan 2024 22:57:01 +0100 Subject: [PATCH] argon: syslog; loki, telegraf, grafana --- system/hosts/argon.nix | 4 ++++ system/nixos/grafana.nix | 36 ++++++++++++++++++++++++++++++++++++ system/nixos/loki.nix | 39 +++++++++++++++++++++++++++++++++++++++ system/nixos/telegraf.nix | 25 +++++++++++++++++++++++++ 4 files changed, 104 insertions(+) create mode 100644 system/nixos/grafana.nix create mode 100644 system/nixos/loki.nix create mode 100644 system/nixos/telegraf.nix diff --git a/system/hosts/argon.nix b/system/hosts/argon.nix index 0e63b8b..e60b75f 100644 --- a/system/hosts/argon.nix +++ b/system/hosts/argon.nix @@ -25,6 +25,10 @@ in (import ../nixos/forgejo-runner.nix (args // { name = "argon"; tag = "ubuntu-latest-arm64"; nixTag = "arm64"; })) + ../nixos/grafana.nix + ../nixos/loki.nix + ../nixos/telegraf.nix + ../nixos/tailscale.nix ../nixos/unbound.nix diff --git a/system/nixos/grafana.nix b/system/nixos/grafana.nix new file mode 100644 index 0000000..8d1e21d --- /dev/null +++ b/system/nixos/grafana.nix @@ -0,0 +1,36 @@ +let + fqdn = "grafana.internal.kempkens.network"; +in +{ + services.grafana = { + enable = true; + + settings = { + analytics.reporting_enabled = false; + + + server = { + root_url = "https://${fqdn}"; + domain = fqdn; + enforce_domain = true; + enable_gzip = true; + http_addr = "127.0.0.1"; + http_port = 3099; + }; + }; + }; + + services.nginx.virtualHosts."${fqdn}" = { + quic = true; + http3 = true; + + onlySSL = true; + useACMEHost = "internal.kempkens.network"; + + locations."/" = { + recommendedProxySettings = true; + proxyPass = "http://127.0.0.1:3099"; + proxyWebsockets = true; + }; + }; +} diff --git a/system/nixos/loki.nix b/system/nixos/loki.nix new file mode 100644 index 0000000..db63b1b --- /dev/null +++ b/system/nixos/loki.nix @@ -0,0 +1,39 @@ +{ + services.loki = { + enable = true; + + configuration = { + auth_enabled = false; + analytics.reporting_enabled = false; + + server = { + http_listen_port = 3100; + }; + + common = { + ring = { + instance_addr = "127.0.0.1"; + kvstore.store = "inmemory"; + }; + + replication_factor = 1; + path_prefix = "/var/lib/loki/common"; + }; + + schema_config = { + configs = [ + { + from = "2024-01-23"; + store = "tsdb"; + object_store = "filesystem"; + schema = "v12"; + index = { + prefix = "index_"; + period = "24h"; + }; + } + ]; + }; + }; + }; +} diff --git a/system/nixos/telegraf.nix b/system/nixos/telegraf.nix new file mode 100644 index 0000000..53fb3c2 --- /dev/null +++ b/system/nixos/telegraf.nix @@ -0,0 +1,25 @@ +{ + services.telegraf = { + enable = true; + + extraConfig = { + inputs = { + syslog = { + server = "udp://:6514"; + syslog_standard = "RFC3164"; + best_effort = true; + }; + }; + + outputs = { + loki = { + domain = "http://127.0.0.1:3100"; + endpoint = "/loki/api/v1/push"; + timeout = "15s"; + }; + }; + }; + }; + + networking.firewall.interfaces."vlan777".allowedUDPPorts = [ 6514 ]; +}