EH22/nox
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

monitoring: move alloy to nix module

Browse source
This commit is contained in:
chris 2025-03-14 19:36:54 +01:00
parent 9590463580
commit fa61e32fca
Signed by: c6ristian
SSH key fingerprint: SHA256:B3m+yzpaxGXSEcDBpPHfvza/DNC0wuX+CKMeGq8wgak
6 changed files with 103 additions and 54 deletions
modules
alloy.nix

81
modules/alloy.nix Normal file
View file

@ -0,0 +1,81 @@
{
modulesPath,
config,
lib,
pkgs,
...
}:
{
sops = {
secrets."services/loki/basic_auth" = {
mode = "0440";
owner = "alloy";
group = "alloy";
restartUnits = [ "alloy.service" ];
sopsFile = ../secrets/passwords.yaml;
};
secrets."services/mimir/basic_auth" = {
mode = "0440";
owner = "alloy";
group = "alloy";
restartUnits = [ "alloy.service" ];
sopsFile = ../secrets/passwords.yaml;
};
};
services.alloy = {
enable = true;
configPath = "/etc/alloy/config.alloy";
};
environment.etc."alloy/config.alloy" = {
text = ''
prometheus.remote_write "default" {
endpoint {
url = "http://mimir.noc.eh22.intern/api/v1/push"
basic_auth {
username = "noc"
password_file = "${config.sops.secrets."services/mimir/basic_auth".path}"
}
}
}
loki.write "default" {
endpoint {
url = "http://loki.noc.eh22.intern/loki/api/v1/push"
basic_auth {
username = "noc"
password_file = "${config.sops.secrets."services/loki/basic_auth".path}"
}
}
}
loki.relabel "journal" {
forward_to = []
rule {
source_labels = ["__journal__systemd_unit"]
target_label = "unit"
}
}
loki.source.journal "read_journal" {
forward_to = [loki.write.default.receiver]
relabel_rules = loki.relabel.journal.rules
labels = {component = "loki.source.journal", host = "${config.networking.hostName}"}
}
logging {
level = "info"
format = "logfmt"
}
prometheus.exporter.unix "local_system" { }
prometheus.scrape "scrape_metrics" {
targets = prometheus.exporter.unix.local_system.targets
forward_to = [prometheus.remote_write.default.receiver]
scrape_interval = "10s"
}
'';
};
}