docker_compose__compose_file_content: "{{ lookup('ansible.builtin.template', 'resources/chaosknoten/grafana/docker_compose/compose.yaml.j2') }}"
docker_compose__configuration_files:
  - name: grafana.ini
    content: "{{ lookup('ansible.builtin.template', 'resources/chaosknoten/grafana/docker_compose/grafana.ini.j2') }}"
  - name: grafana-datasource.yml
    content: "{{ lookup('ansible.builtin.file', 'resources/chaosknoten/grafana/docker_compose/grafana-datasource.yml') }}"
  - name: prometheus.yml
    content: "{{ lookup('ansible.builtin.file', 'resources/chaosknoten/grafana/docker_compose/prometheus.yml') }}"
  - name: alertmanager.yaml
    content: "{{ lookup('ansible.builtin.template', 'resources/chaosknoten/grafana/docker_compose/alertmanager.yaml.j2') }}"
  - name: prometheus_alerts.rules.yaml
    content: "{{ lookup('ansible.builtin.file', 'resources/chaosknoten/grafana/docker_compose/prometheus_alerts.rules.yaml') }}"
  - name: alertmanager_alert_templates.tmpl
    content: "{{ lookup('ansible.builtin.file', 'resources/chaosknoten/grafana/docker_compose/alertmanager_alert_templates.tmpl') }}"
  - name: loki.yaml
    content: "{{ lookup('ansible.builtin.file', 'resources/chaosknoten/grafana/docker_compose/loki.yaml') }}"
  - name: ntfy-alertmanager-ccchh-critical
    content: "{{ lookup('ansible.builtin.template', 'resources/chaosknoten/grafana/docker_compose/ntfy-alertmanager-ccchh-critical.j2') }}"
  - name: ntfy-alertmanager-ccchh
    content: "{{ lookup('ansible.builtin.template', 'resources/chaosknoten/grafana/docker_compose/ntfy-alertmanager-ccchh.j2') }}"
  - name: ntfy-alertmanager-fux-critical
    content: "{{ lookup('ansible.builtin.template', 'resources/chaosknoten/grafana/docker_compose/ntfy-alertmanager-fux-critical.j2') }}"
  - name: ntfy-alertmanager-fux
    content: "{{ lookup('ansible.builtin.template', 'resources/chaosknoten/grafana/docker_compose/ntfy-alertmanager-fux.j2') }}"

certbot__version_spec: ""
certbot__acme_account_email_address: le-admin@hamburg.ccc.de
certbot__certificate_domains:
  - "grafana.hamburg.ccc.de"
  - "loki.hamburg.ccc.de"
  - "metrics.hamburg.ccc.de"

certbot__new_cert_commands:
  - "systemctl reload nginx.service"

nginx__version_spec: ""
nginx__deploy_redirect_conf: false
nginx__deploy_htpasswds: true
nginx__htpasswds:
  - name: loki
    content: "{{ lookup('ansible.builtin.template', 'resources/chaosknoten/grafana/nginx/loki.htpasswd.j2') }}"
  - name: metrics
    content: "{{ lookup('ansible.builtin.template', 'resources/chaosknoten/grafana/nginx/metrics.htpasswd.j2') }}"
nginx__configurations:
  - name: redirectv6
    content: "{{ lookup('ansible.builtin.file', 'resources/chaosknoten/grafana/nginx/redirect.conf') }}"
  - name: grafana.hamburg.ccc.de
    content: "{{ lookup('ansible.builtin.file', 'resources/chaosknoten/grafana/nginx/grafana.hamburg.ccc.de.conf') }}"
  - name: loki.hamburg.ccc.de
    content: "{{ lookup('ansible.builtin.file', 'resources/chaosknoten/grafana/nginx/loki.hamburg.ccc.de.conf') }}"
  - name: metrics.hamburg.ccc.de
    content: "{{ lookup('ansible.builtin.file', 'resources/chaosknoten/grafana/nginx/metrics.hamburg.ccc.de.conf') }}"


alloy_config: |
  prometheus.remote_write "default" {
    endpoint {
      url = "https://metrics.hamburg.ccc.de/api/v1/write"
      basic_auth {
        username = "chaos"
        password = "{{ secret__metrics_chaos }}"
      }
    }
  }
  loki.write "default" {
    endpoint {
      url = "https://loki.hamburg.ccc.de/loki/api/v1/push"
      basic_auth {
        username = "chaos"
        password = "{{ secret__loki_chaos }}"
      }
    }
  }

  loki.relabel "journal" {
    forward_to = []

    rule {
      source_labels = ["__journal__systemd_unit"]
      target_label  = "systemd_unit"
    }
    rule {
      source_labels = ["__journal__hostname"]
      target_label = "instance"
    }
    rule {
      source_labels = ["__journal__transport"]
      target_label = "systemd_transport"
    }
    rule {
      source_labels = ["__journal_syslog_identifier"]
      target_label = "syslog_identifier"
    }
    rule {
      source_labels = ["__journal_priority_keyword"]
      target_label  = "level"
    }
    rule {
      source_labels = ["__journal__hostname"]
      target_label = "host"
      regex  = "([^:]+)"
      replacement = "${1}.hamburg.ccc.de"
      action = "replace"
    }
  }

  loki.source.journal "read_journal"  {
    forward_to    = [loki.write.default.receiver]
    relabel_rules = loki.relabel.journal.rules
    format_as_json = true
    labels        = {component = "loki.source.journal", org = "ccchh"}
  }

  logging {
    level = "info"
  }
  prometheus.exporter.unix "local_system" {
    enable_collectors = ["systemd"]
  }

  prometheus.relabel "default" {
    forward_to = [prometheus.remote_write.default.receiver]
    rule {
      target_label = "org"
      replacement = "ccchh"
    }
    rule {
      source_labels = ["instance"]
      target_label = "host"
      regex  = "([^:]+)"
      replacement = "${1}.hamburg.ccc.de"
      action = "replace"
    }
  }

  prometheus.scrape "scrape_metrics" {
    targets           = prometheus.exporter.unix.local_system.targets
    forward_to        = [prometheus.relabel.default.receiver]
  }