From 227e6100242d433338bc3a8f65e8843e07b8b02d Mon Sep 17 00:00:00 2001
From: Tigor Hutasuhut
Date: Fri, 6 Sep 2024 21:13:31 +0700
Subject: [PATCH] telemetry: deployed alloy
---
 options/services.nix | 4 ++
 system/podman/soulseek.nix | 4 --
 system/services/telemetry/alloy.nix | 95 +++++++++++++++++++++++++++
 system/services/telemetry/default.nix | 1 +
 4 files changed, 100 insertions(+), 4 deletions(-)
 create mode 100644 system/services/telemetry/alloy.nix
diff --git a/options/services.nix b/options/services.nix
index 5e630aa..d433b41 100644
--- a/options/services.nix
+++ b/options/services.nix
@@ -51,6 +51,10 @@ in
 type = types.bool;
 default = config.profile.services.telemetry.enable;
 };
+ alloy.enable = mkOption {
+ type = types.bool;
+ default = config.profile.services.telemetry.enable;
+ };
 };
 };
 }
diff --git a/system/podman/soulseek.nix b/system/podman/soulseek.nix
index 1b0c383..1703d9e 100644
--- a/system/podman/soulseek.nix
+++ b/system/podman/soulseek.nix
@@ -46,10 +46,6 @@ in }; }; - # systemd.services."caddy".serviceConfig = { - # EnvironmentFile = [ config.sops.templates.${basic_auth.template}.path ]; - # }; - system.activationScripts."podman-${name}" = '' mkdir -p ${rootVolume}/{config,downloads,incomplete} chown ${uid}:${gid} ${rootVolume} ${rootVolume}/{config,downloads,incomplete}
diff --git a/system/services/telemetry/alloy.nix b/system/services/telemetry/alloy.nix
new file mode 100644
index 0000000..77f88c8
--- /dev/null
+++ b/system/services/telemetry/alloy.nix
@@ -0,0 +1,95 @@
+{ config, lib, inputs, unstable, ... }:
+let
+ cfg = config.profile.services.telemetry.alloy;
+ webguiListenAddress = "0.0.0.0:5319";
+ domain = "alloy.tigor.web.id";
+in
+{
+ imports = [
+ # Grafana Alloy is still in unstable options.
+ "${inputs.nixpkgs-unstable}/nixos/modules/services/monitoring/alloy.nix"
+ ];
+
+ config = lib.mkIf cfg.enable {
+ services.alloy = {
+ enable = true;
+ extraFlags = [
+ ''--server.http.listen-addr=${webguiListenAddress}''
+ ];
+ package = unstable.grafana-alloy;
+ };
+
+
+ sops = {
+ secrets =
+ let
+ opts = { };
+ in
+ {
+ "caddy/basic_auth/username" = opts;
+ "caddy/basic_auth/password" = opts;
+ };
+ templates = {
+ "alloy-basic-auth".content = /*sh*/ ''
+ ALLOY_USERNAME=${config.sops.placeholder."caddy/basic_auth/username"}
+ ALLOY_PASSWORD=${config.sops.placeholder."caddy/basic_auth/password"}
+ '';
+ };
+ };
+
+ services.caddy.virtualHosts.${domain}.extraConfig = ''
+ @require_auth not remote_ip private_ranges
+
+ basicauth @require_auth {
+ {$ALLOY_USERNAME} {$ALLOY_PASSWORD}
+ }
+
+ reverse_proxy ${webguiListenAddress}
+ '';
+
+ systemd.services.caddy.serviceConfig.EnvironmentFile = [
+ config.sops.templates."alloy-basic-auth".path
+ ];
+
+
+ environment.etc."alloy/config.alloy".text =
+ let
+ lokiConfig = config.services.loki.configuration;
+ in
+ /*hcl*/ ''
+ otelcol.receiver.otlp "homeserver" {
+ grpc {
+ endpoint = "0.0.0.0:5317"
+ }
+
+ http {
+ endpoint = "0.0.0.0:5318"
+ }
+
+ output {
+ // metrics = [otelcol.processor.batch.default.input]
+ logs = [otelcol.processor.batch.default.input]
+ // traces = [otelcol.processor.batch.default.input]
+ }
+ }
+
+ otelcol.processor.batch "default" {
+ output {
+ // metrics = [otelcol.exporter.loki.default.input]
+ logs = [otelcol.exporter.loki.default.input]
+ // traces = [otelcol.exporter.otlp.default.input]
+ }
+ }
+
+ otelcol.exporter.loki "default" {
+ forward_to = [loki.write.default.receiver]
+ }
+
+ loki.write "default" {
+ endpoint {
+ url = "http://${lokiConfig.server.http_listen_address}:${toString lokiConfig.server.http_listen_port}"
+ }
+ }
+ '';
+ };
+}
diff --git a/system/services/telemetry/default.nix b/system/services/telemetry/default.nix
index 0200a4c..6a1e542 100644
--- a/system/services/telemetry/default.nix
+++ b/system/services/telemetry/default.nix
@@ -4,5 +4,6 @@
 ./grafana.nix
 ./loki.nix
 ./tempo.nix
+ ./alloy.nix
 ];
 }
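Review bot: In system/services/telemetry/alloy.nix, `webguiListenAddress = "0.0.0.0:5319"` binds Alloy's HTTP server on every interface, so the UI can be reached directly on port 5319 without passing through the Caddy `basicauth` block unless a firewall rule (not visible in this patch) blocks that port; since Caddy is the intended front door, `webguiListenAddress = "127.0.0.1:5319";` would leave the proxy as the only path. The OTLP receivers at `endpoint = "0.0.0.0:5317"` and `endpoint = "0.0.0.0:5318"` are likewise unauthenticated and forward straight into Loki, so any host that can reach them can write log entries; bind them to the interface the senders actually use, or add a comment naming the firewall rule that restricts them. Separately, `loki.write` is given only `http://host:port`, while Alloy expects the full push URL there, so the `url` most likely needs `/loki/api/v1/push` appended for logs to arrive.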