{ config, lib, pkgs, ... }: with lib; let cfg = config.nixfiles.modules.loki; in { options.nixfiles.modules.loki = { enable = mkEnableOption "Loki"; port = mkOption { description = "Port."; type = with types; port; default = 30171; }; domain = mkOption { description = "Domain name sans protocol scheme."; type = with types; str; default = "loki.${config.networking.domain}"; }; }; config = mkIf cfg.enable { nixfiles.modules.nginx = with cfg; { enable = true; virtualHosts.${domain}.locations."/" = { proxyPass = "http://127.0.0.1:${toString port}"; extraConfig = '' if ($internal != 1) { return 403; } ''; }; }; services.loki = { enable = true; configuration = rec { auth_enabled = false; server = rec { http_listen_address = "127.0.0.1"; http_listen_port = cfg.port; grpc_listen_address = "127.0.0.1"; grpc_listen_port = http_listen_port + 1; log_level = "warn"; }; common = rec { path_prefix = "/var/lib/loki"; storage.filesystem = { chunks_directory = "${path_prefix}/chunker"; rules_directory = "${path_prefix}/ruler"; }; replication_factor = 1; instance_interface_names = ["lo"]; ring = { instance_addr = "127.0.0.1"; kvstore.store = "inmemory"; }; }; ruler = { rule_path = "${common.path_prefix}/ruler"; storage = { type = "local"; local.directory = pkgs.writeTextDir "ruler/ruler.yml" (generators.toJSON {} {groups = [{name = "default";}];}); }; }; schema_config.configs = [ { from = "2020-01-01"; store = "boltdb-shipper"; object_store = "filesystem"; schema = "v11"; index = { prefix = "index_"; period = "24h"; }; chunks = { prefix = "chunks_"; period = "24h"; }; } ]; analytics.reporting_enabled = false; }; }; systemd.tmpfiles.rules = [ "d /var/lib/loki 0700 loki loki - -" "d /var/lib/loki/ruler 0700 loki loki - -" ]; }; }