privatevoid.net/depot
1
1
Fork 0
Code Issues 23 Pull requests 2 Projects 3 Releases Packages Wiki Activity Actions

cluster/services/monitoring: prepare loki for s3

Browse source
This commit is contained in:
Max Headroom 2023-11-07 20:29:45 +01:00
parent 7fdafae1c2
commit ee8750f748
3 changed files with 33 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

33
cluster/services/monitoring/logging.nix
View file

@ -8,8 +8,12 @@ let
cfg = config.services.loki; cfg = config.services.loki;
in in
{ {
age.secrets.lokiSecrets.file = ./secrets/loki-secrets.age;
links.loki-grpc.protocol = "grpc"; links.loki-grpc.protocol = "grpc";
systemd.services.loki.after = [ "wireguard-wgmesh.service" ]; systemd.services.loki = {
after = [ "wireguard-wgmesh.service" ];
serviceConfig.EnvironmentFile = config.age.secrets.lokiSecrets.path;
};
services.loki = { services.loki = {
enable = true; enable = true;
dataDir = "/srv/storage/private/loki"; dataDir = "/srv/storage/private/loki";
@ -46,10 +50,37 @@ in
period = "168h"; period = "168h";
}; };
} }
{
from = "2023-11-08";
store = "boltdb-shipper";
object_store = "s3";
schema = "v11";
index = {
prefix = "index_";
period = "24h";
};
}
]; ];
storage_config = { storage_config = {
boltdb.directory = "${cfg.dataDir}/boltdb-index"; boltdb.directory = "${cfg.dataDir}/boltdb-index";
filesystem.directory = "${cfg.dataDir}/storage-chunks"; filesystem.directory = "${cfg.dataDir}/storage-chunks";
boltdb_shipper = {
shared_store = "s3";
active_index_directory = "${cfg.dataDir}/boltdb-shipper-index";
cache_location = "${cfg.dataDir}/boltdb-shipper-cache";
};
aws = {
endpoint = cluster.config.links.garageS3.url;
s3forcepathstyle = true;
bucketnames = "loki-chunks";
region = "us-east-1";
access_key_id = "\${AWS_ACCESS_KEY_ID}";
secret_access_key = "\${AWS_SECRET_ACCESS_KEY}";
};
};
compactor = {
shared_store = "s3";
working_directory = "${cfg.dataDir}/compactor-work";
}; };
limits_config = { limits_config = {
enforce_metric_name = false; enforce_metric_name = false;

BIN
cluster/services/monitoring/secrets/loki-secrets.age Normal file
View file

Binary file not shown.

1
secrets.nix
View file

@ -41,6 +41,7 @@ in with hosts;
"cluster/services/irc/irc-peer-key.age".publicKeys = max ++ map systemKeys [ VEGAS prophet ]; "cluster/services/irc/irc-peer-key.age".publicKeys = max ++ map systemKeys [ VEGAS prophet ];
"cluster/services/monitoring/secrets/grafana-db-credentials.age".publicKeys = max ++ map systemKeys [ VEGAS prophet ]; "cluster/services/monitoring/secrets/grafana-db-credentials.age".publicKeys = max ++ map systemKeys [ VEGAS prophet ];
"cluster/services/monitoring/secrets/grafana-secrets.age".publicKeys = max ++ map systemKeys [ VEGAS prophet ]; "cluster/services/monitoring/secrets/grafana-secrets.age".publicKeys = max ++ map systemKeys [ VEGAS prophet ];
"cluster/services/monitoring/secrets/loki-secrets.age".publicKeys = max ++ map systemKeys [ VEGAS ];
"cluster/services/monitoring/secrets/secret-monitoring/blackbox.age".publicKeys = max ++ map systemKeys [ checkmate grail prophet ]; "cluster/services/monitoring/secrets/secret-monitoring/blackbox.age".publicKeys = max ++ map systemKeys [ checkmate grail prophet ];
"cluster/services/patroni/passwords/metrics.age".publicKeys = max ++ map systemKeys [ thunderskin VEGAS prophet ]; "cluster/services/patroni/passwords/metrics.age".publicKeys = max ++ map systemKeys [ thunderskin VEGAS prophet ];
"cluster/services/patroni/passwords/replication.age".publicKeys = max ++ map systemKeys [ thunderskin VEGAS prophet ]; "cluster/services/patroni/passwords/replication.age".publicKeys = max ++ map systemKeys [ thunderskin VEGAS prophet ];