argon: syslog; loki, telegraf, grafana

2024-01-23 22:57:01 +01:00 · 2024-01-23 22:57:01 +01:00 · 0dc2d46449
commit 0dc2d46449
parent fa220411bc
4 changed files with 104 additions and 0 deletions
--- a/system/hosts/argon.nix
+++ b/system/hosts/argon.nix
@ -25,6 +25,10 @@ in
    (import ../nixos/forgejo-runner.nix (args // { name = "argon"; tag = "ubuntu-latest-arm64"; nixTag = "arm64"; }))
    ../nixos/grafana.nix
    ../nixos/loki.nix
    ../nixos/telegraf.nix
    ../nixos/tailscale.nix
    ../nixos/unbound.nix
--- a/system/nixos/grafana.nix
+++ b/system/nixos/grafana.nix
@ -0,0 +1,36 @@
 let
  fqdn = "grafana.internal.kempkens.network";
 in
 {
  services.grafana = {
    enable = true;
    settings = {
      analytics.reporting_enabled = false;
      server = {
        root_url = "https://${fqdn}";
        domain = fqdn;
        enforce_domain = true;
        enable_gzip = true;
        http_addr = "127.0.0.1";
        http_port = 3099;
      };
    };
  };
  services.nginx.virtualHosts."${fqdn}" = {
    quic = true;
    http3 = true;
    onlySSL = true;
    useACMEHost = "internal.kempkens.network";
    locations."/" = {
      recommendedProxySettings = true;
      proxyPass = "http://127.0.0.1:3099";
      proxyWebsockets = true;
    };
  };
 }
--- a/system/nixos/loki.nix
+++ b/system/nixos/loki.nix
@ -0,0 +1,39 @@
 {
  services.loki = {
    enable = true;
    configuration = {
      auth_enabled = false;
      analytics.reporting_enabled = false;
      server = {
        http_listen_port = 3100;
      };
      common = {
        ring = {
          instance_addr = "127.0.0.1";
          kvstore.store = "inmemory";
        };
        replication_factor = 1;
        path_prefix = "/var/lib/loki/common";
      };
      schema_config = {
        configs = [
          {
            from = "2024-01-23";
            store = "tsdb";
            object_store = "filesystem";
            schema = "v12";
            index = {
              prefix = "index_";
              period = "24h";
            };
          }
        ];
      };
    };
  };
 }
--- a/system/nixos/telegraf.nix
+++ b/system/nixos/telegraf.nix
@ -0,0 +1,25 @@
 {
  services.telegraf = {
    enable = true;
    extraConfig = {
      inputs = {
        syslog = {
          server = "udp://:6514";
          syslog_standard = "RFC3164";
          best_effort = true;
        };
      };
      outputs = {
        loki = {
          domain = "http://127.0.0.1:3100";
          endpoint = "/loki/api/v1/push";
          timeout = "15s";
        };
      };
    };
  };
  networking.firewall.interfaces."vlan777".allowedUDPPorts = [ 6514 ];
 }