From 3aa5a5cb1096d67d047cc7717bd3efc51c234a69 Mon Sep 17 00:00:00 2001
From: RGBCube <git@rgbcu.be>
Date: Sat, 13 Jan 2024 22:34:01 +0300
Subject: [PATCH] Add Loki

---
 hosts/cube/loki.nix       | 101 ++++++++++++++++++++++++++++++++++++++
 hosts/cube/mail.nix       |   2 +-
 hosts/cube/nginx.nix      |   2 +-
 hosts/cube/postgresql.nix |   4 +-
 hosts/cube/prometheus.nix |   5 +-
 5 files changed, 109 insertions(+), 5 deletions(-)
 create mode 100644 hosts/cube/loki.nix

diff --git a/hosts/cube/loki.nix b/hosts/cube/loki.nix
new file mode 100644
index 0000000..b41c7ed
--- /dev/null
+++ b/hosts/cube/loki.nix
@@ -0,0 +1,101 @@
+{ config, ulib, ... }: with ulib;
+
+serverSystemConfiguration {
+  services.grafana.provision.datasources.settings.datasources = [{
+    name = "Loki";
+    type = "loki";
+    url  = "http://[::]:${toString config.services.promtail.configuration.server.http_listen_port}";
+  }];
+
+  services.promtail = enabled {
+    configuration = {
+      server.http_listen_port = 9002;
+      server.grpc_listen_port = 0;
+
+      positions.filename = "/tmp/promtail-positions.yml";
+
+      clients = [{
+        url = "http://[::]:${toString config.services.loki.configuration.server.http_listen_port}/loki/api/v1/push";
+      }];
+
+      scrape_configs = [{
+        job_name = "journal";
+
+        journal.max_age = "1w";
+        journal.labels  = {
+          job = "journal";
+          host = config.networking.hostName;
+        };
+
+        relabel_configs = [{
+          source_labels = [ "__journal__systemd_unit" ];
+          target_label  = "journal";
+        }];
+      }];
+    };
+  };
+
+  services.loki = enabled {
+    configuration = {
+      auth_enabled = false;
+
+      server.http_listen_port = 9001;
+
+      ingester = {
+        lifecycler.address     = "::";
+
+        lifecycler.ring = {
+          kvstore.store      = "inmemory";
+          replication_factor = 1;
+        };
+
+        chunk_idle_period    = "1h";
+        chunk_retain_period  = "1h";
+        chunk_target_size    = 999999;
+        max_chunk_age        = "1h";
+        max_transfer_retries = 0;
+      };
+
+      schema_config.configs = [{
+        from   = "2022-06-06";
+        schema = "v12";
+
+        store        = "boltdb-shipper";
+        object_store = "filesystem";
+
+        index.period = "24h";
+        index.prefix = "index_";
+      }];
+
+      storage_config = {
+        filesystem.directory = "/var/lib/loki/chunks";
+
+        boltdb_shipper = {
+          active_index_directory = "/var/lib/loki/boltdb-shipper-active";
+          cache_location         = "/var/lib/loki/boltdb-shipper-cache";
+          cache_ttl              = "1d";
+          shared_store           = "filesystem";
+        };
+      };
+
+      limits_config = {
+        reject_old_samples         = true;
+        reject_old_samples_max_age = "2w";
+      };
+
+      chunk_store_config.max_look_back_period = "0s";
+
+      table_manager = {
+        retention_deletes_enabled = false;
+        retention_period          = "0s";
+      };
+
+      compactor = {
+        compactor_ring.kvstore.store = "inmemory";
+        shared_store                 = "filesystem";
+
+        working_directory = "/var/lib/loki";
+      };
+    };
+  };
+}
diff --git a/hosts/cube/mail.nix b/hosts/cube/mail.nix
index 102c430..691adaa 100644
--- a/hosts/cube/mail.nix
+++ b/hosts/cube/mail.nix
@@ -6,7 +6,7 @@ let
   fqdn = "mail.${domain}";
 in serverSystemConfiguration {
   services.prometheus.exporters.postfix = enabled {
-    port = 9020;
+    port = 9030;
   };
 
   services.prometheus.scrapeConfigs = [{
diff --git a/hosts/cube/nginx.nix b/hosts/cube/nginx.nix
index a37113b..ade033d 100644
--- a/hosts/cube/nginx.nix
+++ b/hosts/cube/nginx.nix
@@ -4,7 +4,7 @@ serverSystemConfiguration {
   networking.firewall.allowedTCPPorts = [ 80 443 ];
 
   services.prometheus.exporters.nginx = enabled {
-    port = 9010;
+    port = 9020;
   };
 
   services.prometheus.scrapeConfigs = [{
diff --git a/hosts/cube/postgresql.nix b/hosts/cube/postgresql.nix
index 1623754..cbaec4b 100644
--- a/hosts/cube/postgresql.nix
+++ b/hosts/cube/postgresql.nix
@@ -2,7 +2,7 @@
 
 (serverSystemConfiguration {
   services.prometheus.exporters.postgres = enabled {
-    port                = 9030;
+    port                = 9040;
     runAsLocalSuperUser = true;
   };
 
@@ -33,6 +33,8 @@
     ensureDatabases = [ "grafana" "nextcloud" ];
 
     initialScript   = pkgs.writeText "postgresql-initial-script" ''
+      CREATE ROLE root WITH LOGIN PASSWORD NULL CREATEDB;
+
       CREATE ROLE grafana WITH LOGIN PASSWORD NULL CREATEDB;
       GRANT ALL PRIVILEGES ON DATABASE grafana TO grafana;
 
diff --git a/hosts/cube/prometheus.nix b/hosts/cube/prometheus.nix
index 437005f..76f46a8 100644
--- a/hosts/cube/prometheus.nix
+++ b/hosts/cube/prometheus.nix
@@ -8,11 +8,12 @@ serverSystemConfiguration {
   }];
 
   services.prometheus = enabled {
-    port = 9000;
+    port          = 9000;
+    retentionTime = "1w";
 
     exporters.node = enabled {
       enabledCollectors = [ "processes" "systemd" ];
-      port              = 9001;
+      port              = 9010;
     };
 
     scrapeConfigs = [{