86 lines
2.1 KiB
Nix
86 lines
2.1 KiB
Nix
|
{ config, lib, ... }:
|
||
|
|
||
|
let
|
||
|
cfg = config.services.loki;
|
||
|
nginxCfg = config.services.nginx;
|
||
|
basePath = "/var/lib/loki";
|
||
|
in
|
||
|
{
|
||
|
age.secrets.loki-basicauth = {
|
||
|
file = ./loki-basicauth.age;
|
||
|
owner = nginxCfg.user;
|
||
|
inherit (nginxCfg) group;
|
||
|
};
|
||
|
|
||
|
services.loki = {
|
||
|
enable = true;
|
||
|
configuration = {
|
||
|
auth_enabled = false;
|
||
|
server = {
|
||
|
http_listen_address = "127.0.0.1";
|
||
|
http_listen_port = 3100;
|
||
|
};
|
||
|
common = {
|
||
|
path_prefix = basePath;
|
||
|
};
|
||
|
ingester = {
|
||
|
lifecycler = {
|
||
|
address = "127.0.0.1";
|
||
|
ring = {
|
||
|
kvstore = {
|
||
|
store = "inmemory";
|
||
|
};
|
||
|
replication_factor = 1;
|
||
|
};
|
||
|
};
|
||
|
};
|
||
|
compactor = {
|
||
|
working_directory = "${basePath}/compactor";
|
||
|
};
|
||
|
schema_config = {
|
||
|
configs = [
|
||
|
{
|
||
|
from = "2025-02-04";
|
||
|
store = "tsdb";
|
||
|
object_store = "filesystem";
|
||
|
schema = "v13";
|
||
|
index = {
|
||
|
prefix = "index_";
|
||
|
period = "24h";
|
||
|
};
|
||
|
}
|
||
|
];
|
||
|
};
|
||
|
storage_config = {
|
||
|
filesystem = {
|
||
|
directory = "${basePath}/chunks";
|
||
|
};
|
||
|
tsdb_shipper = {
|
||
|
active_index_directory = "${basePath}/tsdb-index";
|
||
|
cache_location = "${basePath}/tsdb-cache";
|
||
|
};
|
||
|
};
|
||
|
|
||
|
# Лимиты
|
||
|
limits_config = {
|
||
|
reject_old_samples = true;
|
||
|
reject_old_samples_max_age = "168h"; # Максимальный возраст логов (7 дней)
|
||
|
};
|
||
|
};
|
||
|
};
|
||
|
|
||
|
systemd.tmpfiles.rules = lib.mkIf cfg.enable [
|
||
|
"d ${basePath} 0755 ${cfg.user} ${cfg.group} -"
|
||
|
];
|
||
|
|
||
|
services.nginx.virtualHosts."loki.pleshevski.ru" = lib.mkIf cfg.enable {
|
||
|
enableACME = true;
|
||
|
forceSSL = true;
|
||
|
locations."/" = let inherit (cfg.configuration.server) http_listen_port http_listen_address; in {
|
||
|
proxyPass = "http://${http_listen_address}:${toString http_listen_port}";
|
||
|
proxyWebsockets = true;
|
||
|
basicAuthFile = config.age.secrets.loki-basicauth.path;
|
||
|
};
|
||
|
};
|
||
|
}
|