nyanloutre/nixos-config
1
1
Fork 1
Code Issues Pull Requests Releases Wiki Activity

LoutreOS: indexation de logs nginx avec Loki

Browse Source
This commit is contained in:
nyanloutre 2021-01-06 02:12:01 +01:00
parent 8a2ca1fa21
commit 21740ed665
3 changed files with 111 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

91
systems/LoutreOS/monitoring.nix
View File

@ -112,8 +112,99 @@ in
ZED_EMAIL_ADDR = [ "paul@nyanlout.re" ];
ZED_NOTIFY_VERBOSE = true;
};
loki = {
enable = true;
configuration = {
auth_enabled = false;
server.http_listen_port = 3100;
ingester = {
lifecycler = {
address = "127.0.0.1";
ring = {
kvstore.store = "inmemory";
replication_factor = 1;
};
};
chunk_idle_period = "1h";
chunk_target_size = 1000000;
};
schema_config.configs = [
{
from = "2018-04-15";
store = "boltdb";
object_store = "filesystem";
schema = "v11";
index = {
prefix = "index_";
period = "168h";
};
}
];
storage_config = {
boltdb.directory = "/var/lib/loki/index";
filesystem.directory = "/var/lib/loki/chunks";
};
limits_config = {
enforce_metric_name = false;
reject_old_samples = true;
reject_old_samples_max_age = "168h";
};
chunk_store_config.max_look_back_period = "168h";
table_manager = {
retention_deletes_enabled = true;
retention_period = "168h";
};
};
};
promtail = {
enable = true;
configuration = {
server = {
http_listen_port = 9080;
grpc_listen_port = 0;
};
positions.filename = "/tmp/positions.yaml";
clients = [ { url = "http://127.0.0.1:3100/loki/api/v1/push"; } ];
scrape_configs = [
{
job_name = "nginx";
static_configs = [
{
labels = {
job = "nginx";
__path__ = "/var/log/nginx/*log";
};
}
];
pipeline_stages = [
{
match = {
selector = ''{job="nginx"}'';
stages = [
{
regex.expression = ''^(?P<remote_addr>[\w\.]+) - (?P<remote_user>[^ ]*) \[(?P<time_local>.*)\] "(?P<method>[^ ]*) (?P<request>[^ ]*) (?P<protocol>[^ ]*)" (?P<status>[\d]+) (?P<body_bytes_sent>[\d]+) "(?P<http_referer>[^"]*)" "(?P<http_user_agent>[^"]*)"?'';
}
{
labels = {
method = null;
request = null;
status = null;
};
}
];
};
}
];
}
];
};
};
};
systemd.services.promtail.serviceConfig.SupplementaryGroups = [ "nginx" ];
security.sudo.extraRules = [
{ commands = [ { command = "${pkgs.smartmontools}/bin/smartctl"; options = [ "NOPASSWD" ]; } ]; users = [ "telegraf" ]; }
];

14
systems/LoutreOS/services.nix
View File

@ -35,6 +35,20 @@ in
];
services = {
logrotate = {
enable = true;
paths = {
nginx = {
path = "/var/log/nginx/*.log";
user = config.services.nginx.user;
group = config.services.nginx.group;
keep = 7;
extraConfig = ''
compress
'';
};
};
};
fail2ban.enable = true;

7
systems/LoutreOS/web.nix
View File

@ -222,7 +222,12 @@ in
include ${pkgs.nginx}/conf/fastcgi.conf;
'';
};
} // { root = "/mnt/medias/iso_linux"; };
} // {
root = "/mnt/medias/iso_linux";
extraConfig = ''
access_log /var/log/nginx/$host.log;
'';
};
};
appendConfig = let
rootLocation = config.services.nginx.virtualHosts."stream.nyanlout.re".locations."/".root;