From 73f1874a595b402f5b46cf52895b992d7635161c Mon Sep 17 00:00:00 2001
From: c6ristian <c6ristian@christian.moe>
Date: Fri, 18 Apr 2025 16:22:30 +0200
Subject: [PATCH] alloy
---
deploy.yaml | 19 ++++++
inventories/eh22/host_vars/dhcp.yaml | 63 +++++++++++++++++++
inventories/eh22/host_vars/resolv-dns.yaml | 63 +++++++++++++++++++
.../files/unbound.conf.d/local-data.conf | 6 +-
4 files changed, 148 insertions(+), 3 deletions(-)
create mode 100644 inventories/eh22/host_vars/dhcp.yaml
create mode 100644 inventories/eh22/host_vars/resolv-dns.yaml
diff --git a/deploy.yaml b/deploy.yaml
index eda80d1..ce5c87a 100644
--- a/deploy.yaml
+++ b/deploy.yaml
@@ -86,3 +86,22 @@
state: restarted
daemon_reload: true
become: true
+
+
+- name: Install Alloy
+ hosts: resolv-dns
+ become: true
+
+ tasks:
+ - name: Install Alloy
+ ansible.builtin.include_role:
+ name: grafana.grafana.alloy
+
+- name: Install Alloy
+ hosts: dhcp
+ become: true
+
+ tasks:
+ - name: Install Alloy
+ ansible.builtin.include_role:
+ name: grafana.grafana.alloy
\ No newline at end of file
diff --git a/inventories/eh22/host_vars/dhcp.yaml b/inventories/eh22/host_vars/dhcp.yaml
new file mode 100644
index 0000000..354f201
--- /dev/null
+++ b/inventories/eh22/host_vars/dhcp.yaml
@@ -0,0 +1,63 @@
+alloy_config: |
+ prometheus.remote_write "default" {
+ endpoint {
+ url = "http://mimir.noc.eh22.intern/api/v1/push"
+ basic_auth {
+ username = "noc"
+ password = "{{ (lookup('community.sops.sops', 'secrets/passwords.yaml') | ansible.builtin.from_yaml)['services']['mimir']['basic_auth'] }}"
+ }
+ }
+ }
+ loki.write "default" {
+ endpoint {
+ url = "http://loki.noc.eh22.intern/loki/api/v1/push"
+ basic_auth {
+ username = "noc"
+ password = "{{ (lookup('community.sops.sops', 'secrets/passwords.yaml') | ansible.builtin.from_yaml)['services']['loki']['basic_auth'] }}"
+ }
+ }
+ }
+
+ loki.relabel "journal" {
+ forward_to = []
+
+ rule {
+ source_labels = ["__journal__systemd_unit"]
+ target_label = "systemd_unit"
+ }
+ rule {
+ source_labels = ["__journal__hostname"]
+ target_label = "instance"
+ }
+ rule {
+ source_labels = ["__journal__transport"]
+ target_label = "systemd_transport"
+ }
+ rule {
+ source_labels = ["__journal_syslog_identifier"]
+ target_label = "syslog_identifier"
+ }
+ rule {
+ source_labels = ["__journal_priority_keyword"]
+ target_label = "level"
+ }
+ }
+
+ loki.source.journal "read_journal" {
+ forward_to = [loki.write.default.receiver]
+ relabel_rules = loki.relabel.journal.rules
+ format_as_json = true
+ labels = {component = "loki.source.journal", host = "dhcp"}
+ }
+
+ logging {
+ level = "info"
+ }
+ prometheus.exporter.unix "local_system" { }
+
+ prometheus.scrape "scrape_metrics" {
+ targets = prometheus.exporter.unix.local_system.targets
+ forward_to = [prometheus.remote_write.default.receiver]
+ scrape_interval = "10s"
+ }
+
diff --git a/inventories/eh22/host_vars/resolv-dns.yaml b/inventories/eh22/host_vars/resolv-dns.yaml
new file mode 100644
index 0000000..0264d81
--- /dev/null
+++ b/inventories/eh22/host_vars/resolv-dns.yaml
@@ -0,0 +1,63 @@
+alloy_config: |
+ prometheus.remote_write "default" {
+ endpoint {
+ url = "http://mimir.noc.eh22.intern/api/v1/push"
+ basic_auth {
+ username = "noc"
+ password = "{{ (lookup('community.sops.sops', 'secrets/passwords.yaml') | ansible.builtin.from_yaml)['services']['mimir']['basic_auth'] }}"
+ }
+ }
+ }
+ loki.write "default" {
+ endpoint {
+ url = "http://loki.noc.eh22.intern/loki/api/v1/push"
+ basic_auth {
+ username = "noc"
+ password = "{{ (lookup('community.sops.sops', 'secrets/passwords.yaml') | ansible.builtin.from_yaml)['services']['loki']['basic_auth'] }}"
+ }
+ }
+ }
+
+ loki.relabel "journal" {
+ forward_to = []
+
+ rule {
+ source_labels = ["__journal__systemd_unit"]
+ target_label = "systemd_unit"
+ }
+ rule {
+ source_labels = ["__journal__hostname"]
+ target_label = "instance"
+ }
+ rule {
+ source_labels = ["__journal__transport"]
+ target_label = "systemd_transport"
+ }
+ rule {
+ source_labels = ["__journal_syslog_identifier"]
+ target_label = "syslog_identifier"
+ }
+ rule {
+ source_labels = ["__journal_priority_keyword"]
+ target_label = "level"
+ }
+ }
+
+ loki.source.journal "read_journal" {
+ forward_to = [loki.write.default.receiver]
+ relabel_rules = loki.relabel.journal.rules
+ format_as_json = true
+ labels = {component = "loki.source.journal", host = "resolv-dns"}
+ }
+
+ logging {
+ level = "info"
+ }
+ prometheus.exporter.unix "local_system" { }
+
+ prometheus.scrape "scrape_metrics" {
+ targets = prometheus.exporter.unix.local_system.targets
+ forward_to = [prometheus.remote_write.default.receiver]
+ scrape_interval = "10s"
+ }
+
diff --git a/resources/resolv-dns/files/unbound.conf.d/local-data.conf b/resources/resolv-dns/files/unbound.conf.d/local-data.conf
index a82dc5b..16f6bde 100644
--- a/resources/resolv-dns/files/unbound.conf.d/local-data.conf
+++ b/resources/resolv-dns/files/unbound.conf.d/local-data.conf
@@ -1,9 +1,9 @@
server:
local-data: "cookies.eh22.intern. A 94.45.254.3"
local-data: "jool.eh22.intern. 0 IN A 94.45.254.4"
- local-data: "grafana.noc.eh22.intern. CNAME monitoring.noc.eh22.intern"
- local-data: "loki.noc.eh22.intern. CNAME monitoring.noc.eh22.intern"
- local-data: "mimir.noc.eh22.intern. CNAME monitoring.noc.eh22.intern"
+ local-data: "grafana.noc.eh22.intern. A 94.45.254.5"
+ local-data: "loki.noc.eh22.intern. A 94.45.254.5"
+ local-data: "mimir.noc.eh22.intern. A 94.45.254.5"
local-data: "monitoring.noc.eh22.intern. A 94.45.254.5"
local-data: "proxmox.noc.eh22.intern. A 94.45.255.2"
local-data: "router.noc.eh22.intern. A 94.45.255.2"