NixOS/system/services/telemetry/tempo.nix

107 lines
2.9 KiB
Nix
Raw Normal View History

2024-09-02 18:17:03 +07:00
{ config, lib, ... }:
let
cfg = config.profile.services.telemetry.tempo;
inherit (lib) mkIf;
domain = "tempo.tigor.web.id";
basic_auth = {
username = "tempo/caddy/basic_auth/username";
password = "tempo/caddy/basic_auth/password";
template = "tempo/caddy/basic_auth";
};
server = config.services.tempo.settings.server;
in
{
config = mkIf cfg.enable {
sops = {
secrets =
let
opts = { sopsFile = ../../../secrets/telemetry.yaml; owner = "grafana"; };
in
{
${basic_auth.username} = opts;
${basic_auth.password} = opts;
};
templates = {
${basic_auth.template}.content = /*sh*/ ''
TEMPO_USERNAME=${config.sops.placeholder.${basic_auth.username}}
TEMPO_PASSWORD=${config.sops.placeholder.${basic_auth.password}}
'';
};
};
systemd.services."caddy".serviceConfig = {
EnvironmentFile = [ config.sops.templates.${basic_auth.template}.path ];
};
services.caddy.virtualHosts.${domain}.extraConfig = ''
@require_auth not remote_ip private_ranges
basicauth @require_auth {
2024-09-02 18:17:03 +07:00
{$TEMPO_USERNAME} {$TEMPO_PASSWORD}
}
reverse_proxy ${server.http_listen_address}:3200
2024-09-02 18:17:03 +07:00
'';
services.tempo = {
enable = true;
settings = {
server = {
http_listen_address = "0.0.0.0";
http_listen_port = 3200;
grpc_listen_port = 9096;
};
distributor = {
receivers = {
otlp = {
protocols = {
http = { };
};
};
};
};
storage.trace = {
backend = "local";
local.path = "/var/lib/tempo/traces";
wal.path = "/var/lib/tempo/wal";
};
ingester = {
lifecycler.ring.replication_factor = 1;
};
};
};
services.grafana.provision.datasources.settings.datasources = [
{
name = "Tempo";
type = "tempo";
access = "proxy";
url = "http://${server.http_listen_address}:${toString server.http_listen_port}";
basicAuth = false;
jsonData = {
nodeGraph.enabled = true;
search.hide = false;
traceQuery = {
timeShiftEnabled = true;
spanStartTimeShift = "1h";
spanEndTimeShift = "1h";
};
spanBar = {
type = "Tag";
tag = "http.path";
};
tracesToLogsV2 = mkIf config.profile.services.telemetry.loki.enable {
datasourceUid = "loki";
spanStartTimeShift = "-1h";
spanEndTimeShift = "1h";
tags = [ "job" "instance" "pod" "namespace" ];
filterByTraceID = false;
filterBySpanID = false;
customQuery = true;
query = ''method="$''${__span.tags.method}"'';
};
};
}
];
};
}