modules/nixos/promtail.nix


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105

{
  config,
  lib,
  this,
  ...
}:
with lib; let
  cfg = config.nixfiles.modules.promtail;
in {
  options.nixfiles.modules.promtail = {
    enable = mkEnableOption "Promtail";

    loki = {
      url = mkOption {
        description = "Address of a listening Loki service.";
        type = with types; str;
        default = "https://${config.nixfiles.modules.loki.domain}";
      };
    };
  };

  config = mkIf cfg.enable {
    services.promtail = {
      enable = true;

      configuration = {
        server = rec {
          http_listen_address = this.wireguard.ipv4.address;
          http_listen_port = 30181;

          grpc_listen_address = this.wireguard.ipv4.address;
          grpc_listen_port = http_listen_port + 1;

          log_level = "warn";
        };

        clients = [
          {
            url = "${cfg.loki.url}/loki/api/v1/push";
            external_labels.host_id = config.networking.hostId;
          }
        ];

        positions.filename = "/tmp/positions.yaml";

        scrape_configs = [
          {
            job_name = "journal";
            journal.max_age = "24h";
            relabel_configs =
              map (n: let
                label = toLower n;
              in {
                source_labels = ["__journal_${label}"];
                target_label =
                  if hasPrefix "_" label
                  then substring 1 (stringLength label - 1) label
                  else label;
              }) [
                # Derived from systemd.journal fields[1][2].
                #
                # [1]: https://www.freedesktop.org/software/systemd/man/systemd.journal-fields.html
                # [2]: https://github.com/coreos/go-systemd/blob/main/sdjournal/journal.go#L335

                "MESSAGE"
                "MESSAGE_ID"
                "PRIORITY"
                # "CODE_FILE"
                # "CODE_LINE"
                # "CODE_FUNC"
                "ERRNO"
                "SYSLOG_FACILITY"
                "SYSLOG_IDENTIFIER"
                "SYSLOG_PID"
                "_PID"
                "_UID"
                "_GID"
                # "_COMM"
                # "_EXE"
                "_CMDLINE"
                # "_CAP_EFFECTIVE"
                # "_AUDIT_SESSION"
                # "_AUDIT_LOGINUID"
                # "_SYSTEMD_CGROUP"
                # "_SYSTEMD_SESSION"
                "_SYSTEMD_UNIT"
                "_SYSTEMD_USER_UNIT"
                # "_SYSTEMD_OWNER_UID"
                # "_SYSTEMD_SLICE"
                # "_SELINUX_CONTEXT"
                # "_SOURCE_REALTIME_TIMESTAMP"
                "_BOOT_ID"
                "_MACHINE_ID"
                "_HOSTNAME"
                "_TRANSPORT"
                # "__CURSOR"
                # "__REALTIME_TIMESTAMP"
                # "__MONOTONIC_TIMESTAMP"
              ];
          }
        ];
      };
    };
  };
}