From 55557f4fedd028638929c2185d310b553ee00943 Mon Sep 17 00:00:00 2001
From: Drew Haven
Date: Sat, 22 Mar 2025 11:31:35 -0700
Subject: [PATCH] [metrics] Gets Loki and Prometheus set up with Grafana
---
 system/hosts/mcp/configuration.nix | 4 +++
 system/hosts/mcp/containers/grafana.nix | 39 +++++++++++++++++++++-
 system/hosts/mcp/containers/lib.nix | 3 +-
 system/hosts/mcp/containers/prometheus.nix | 7 ++--
 4 files changed, 48 insertions(+), 5 deletions(-)
diff --git a/system/hosts/mcp/configuration.nix b/system/hosts/mcp/configuration.nix
index b69f881..422e813 100644
--- a/system/hosts/mcp/configuration.nix
+++ b/system/hosts/mcp/configuration.nix
@@ -103,6 +103,10 @@
 enable = true;
 enabledCollectors = [ "systemd" ];
 port = 9002;
+ # Open the firewall, but only listen on the internal address
+ # TODO: Add some form authentication
+ openFirewall = true;
+ listenAddress = "10.88.0.1";
 };
 };
 };
diff --git a/system/hosts/mcp/containers/grafana.nix b/system/hosts/mcp/containers/grafana.nix
index 978965f..08c1eb0 100644
--- a/system/hosts/mcp/containers/grafana.nix
+++ b/system/hosts/mcp/containers/grafana.nix
@@ -10,8 +10,10 @@ in {
 image = "grafana/grafana-enterprise";
 dependsOn = [
 "db"
+ "loki"
 ];
 hostName = "grafana";
+ domain = lib.blazestar;
 port = 3000;
 homepageOpts = {
 group = "Infra";
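Review bot: In the exporter block of configuration.nix, `listenAddress = "10.88.0.1"` does not narrow what `openFirewall = true` opens; as far as I know the exporter module's default firewall rule accepts port 9002 on every interface, so the bind address is the only thing keeping the still-unauthenticated endpoint off the LAN. Scope the rule as well, for example `firewallFilter = "-i <bridge-interface> -p tcp -m tcp --dport 9002";` with the bridge's real interface name in place of the placeholder. Binding to 10.88.0.1 also presumably requires the container bridge to exist when the exporter starts, so confirm the unit ordering or the service may fail at boot. The enclosing attribute set starts outside the hunk, so which exporter this configures cannot be seen here.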
@@ -23,7 +25,42 @@ in {
 "grafana-storage:/var/lib/grafana"
 ];
 environment = {
- GF_SERVER_ROOT_URL = "https://grafna.havenisms.com";
+ GF_SERVER_ROOT_URL = "https://grafana.${lib.blazestar}";
+ };
+ };
+
+ virtualisation.oci-containers.containers.loki = lib.mkContainer {
+ image = "grafana/loki";
+ hostName = "loki";
+ domain = lib.blazestar;
+ port = 3100;
+ homepageOpts = {
+ group = "Infra";
+ icon = "loki.png";
+ name = "Loki";
+ description = "Log Database";
+ };
+ environment = {};
+ };
+
+ services.promtail = {
+ enable = true;
+ configuration = {
+ server.http_listen_port = 9080;
+ clients = [
+ { url = "https://loki.blazestar.net/loki/api/v1/push"; }
+ ];
+ scrape_configs = [{
+ job_name = "journal";
+ journal = {
+ max_age = "12h";
+ labels = { job = "systemd-journal"; };
+ };
+ relabel_configs = [{
+ source_labels = ["__journal__systemd_unit"];
+ target_label = "unit";
+ }];
+ }];
 };
 };
 }
diff --git a/system/hosts/mcp/containers/lib.nix b/system/hosts/mcp/containers/lib.nix
index db165b5..49fb510 100644
--- a/system/hosts/mcp/containers/lib.nix
+++ b/system/hosts/mcp/containers/lib.nix
@@ -5,7 +5,8 @@ let
 hostRule = host: domain: "Host(`${host}.${domain}`)";
 hostRuleHavenisms = host: hostRule host havenisms;
 localNet = "192.168.0.0/16";
- localNetRule = "ClientIP(`${localNet}`)";
+ dockerNet = "10.88.0.0/16";
+ localNetRule = "(ClientIP(`${localNet}`) || ClientIP(`${dockerNet}`))";
 localHostRule = host: domain: "${localNetRule} && ${hostRule host domain}";
 localHostRuleHavenisms = host: localHostRule host havenisms;
 in
diff --git a/system/hosts/mcp/containers/prometheus.nix b/system/hosts/mcp/containers/prometheus.nix
index 700e0a1..7bb2176 100644
--- a/system/hosts/mcp/containers/prometheus.nix
+++ b/system/hosts/mcp/containers/prometheus.nix
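Review bot: In the second grafana.nix hunk, the promtail client ships the whole systemd journal to `https://loki.blazestar.net/loki/api/v1/push` with no credentials, and nothing visible here puts authentication in front of the new `loki` container, so anyone who can reach that route can presumably read or inject logs. mkContainer is not shown, so which router rule it applies to `loki` is an assumption to confirm. Consider a `basic_auth` block with a `password_file` on the client, enforced at the proxy, and build the URL from the shared value, `{ url = "https://loki.${lib.blazestar}/loki/api/v1/push"; }`, provided `lib.blazestar` evaluates to that domain. The `grafana/loki` image carries no tag or digest, so each pull can bring a different build, and the container declares no volume, so stored logs may not survive a recreate.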
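Review bot: Adding `dockerNet` to `localNetRule` in lib.nix widens every router built from `localHostRule`, not only the new metrics routes: any container on 10.88.0.0/16 now counts as local for all local-only services, so a compromised or internet-facing container gains access to them. It is also worth confirming which source address the proxy sees for forwarded external connections; if they arrive with a bridge address, the rule would match them all. Prefer leaving `localNetRule` as it was and adding a separate rule, e.g. ``internalNetRule = "(${localNetRule} || ClientIP(`${dockerNet}`))";``, that only the routes containers must reach opt into. The `let` block begins outside the hunk and mkContainer's use of these rules is not visible here.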
@@ -1,9 +1,10 @@
-{ config, pkgs, ... }:
-let inherit (import ./lib.nix config) mkContainer; in
+{ config, ... }:
+let inherit (import ./lib.nix config) mkContainer blazestar; in
 {
 virtualisation.oci-containers.containers.prometheus = mkContainer {
 image = "prom/prometheus";
 hostName = "prometheus";
+ domain = blazestar;
 port = 9090;
 volumes = [
 "/tank/config/prometheus:/etc/prometheus"
@@ -17,4 +18,4 @@ let inherit (import ./lib.nix config) mkContainer; in
 description = "Prometheus monitoring";
 };
 };
-}
\ No newline at end of file
+}