public/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #103289 from Mic92/loki

Browse Source
This commit is contained in:
Jörg Thalheim 2020-11-10 11:03:19 +01:00 committed by GitHub
commit 8cc52aa5d9
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 21 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
nixos/modules/services/logging/promtail.nix
View File

@ -6,25 +6,14 @@ let
echo '${builtins.toJSON conf}' | ${pkgs.buildPackages.jq}/bin/jq 'del(._module)' > $out echo '${builtins.toJSON conf}' | ${pkgs.buildPackages.jq}/bin/jq 'del(._module)' > $out
''; '';
allowSystemdJournal = cfg.configuration ? scrape_configs && lib.any (v: v ? journal) cfg.configuration.scrape_configs;
in { in {
options.services.promtail = with types; { options.services.promtail = with types; {
enable = mkEnableOption "the Promtail ingresser"; enable = mkEnableOption "the Promtail ingresser";
configuration = mkOption { configuration = mkOption {
type = with lib.types; let type = (pkgs.formats.json {}).type;
valueType = nullOr (oneOf [
bool
int
float
str
(lazyAttrsOf valueType)
(listOf valueType)
]) // {
description = "JSON value";
emptyValue.value = {};
deprecationMessage = null;
};
in valueType;
description = '' description = ''
Specify the configuration for Promtail in Nix. Specify the configuration for Promtail in Nix.
''; '';
@ -80,6 +69,8 @@ in {
RestrictRealtime = true; RestrictRealtime = true;
MemoryDenyWriteExecute = true; MemoryDenyWriteExecute = true;
PrivateUsers = true; PrivateUsers = true;
SupplementaryGroups = lib.optional (allowSystemdJournal) "systemd-journal";
} // (optionalAttrs (!pkgs.stdenv.isAarch64) { # FIXME: figure out why this breaks on aarch64 } // (optionalAttrs (!pkgs.stdenv.isAarch64) { # FIXME: figure out why this breaks on aarch64
SystemCallFilter = "@system-service"; SystemCallFilter = "@system-service";
}); });

4
nixos/modules/services/monitoring/loki.nix
View File

@ -39,7 +39,7 @@ in {
}; };
configuration = mkOption { configuration = mkOption {
type = types.attrs; type = (pkgs.formats.json {}).type;
default = {}; default = {};
description = '' description = ''
Specify the configuration for Loki in Nix. Specify the configuration for Loki in Nix.
@ -78,6 +78,8 @@ in {
''; '';
}]; }];
environment.systemPackages = [ pkgs.grafana-loki ]; # logcli
users.groups.${cfg.group} = { }; users.groups.${cfg.group} = { };
users.users.${cfg.user} = { users.users.${cfg.user} = {
description = "Loki Service User"; description = "Loki Service User";

2
nixos/tests/loki.nix
View File

@ -45,6 +45,8 @@ import ./make-test-python.nix ({ lib, pkgs, ... }:
machine.wait_for_open_port(3100) machine.wait_for_open_port(3100)
machine.wait_for_open_port(9080) machine.wait_for_open_port(9080)
machine.succeed("echo 'Loki Ingestion Test' > /var/log/testlog") machine.succeed("echo 'Loki Ingestion Test' > /var/log/testlog")
# should not have access to journal unless specified
machine.fail("systemctl show --property=SupplementaryGroups promtail | grep -q systemd-journal")
machine.wait_until_succeeds( machine.wait_until_succeeds(
"${pkgs.grafana-loki}/bin/logcli --addr='http://localhost:3100' query --no-labels '{job=\"varlogs\",filename=\"/var/log/testlog\"}' | grep -q 'Loki Ingestion Test'" "${pkgs.grafana-loki}/bin/logcli --addr='http://localhost:3100' query --no-labels '{job=\"varlogs\",filename=\"/var/log/testlog\"}' | grep -q 'Loki Ingestion Test'"
) )

12
pkgs/servers/monitoring/loki/default.nix
View File

@ -1,4 +1,12 @@
{ stdenv, lib, buildGoModule, fetchFromGitHub, makeWrapper, systemd, fetchpatch }: { stdenv
, lib
, buildGoModule
, fetchFromGitHub
, makeWrapper
, nixosTests
, systemd
, fetchpatch
}:
buildGoModule rec { buildGoModule rec {
version = "2.0.0"; version = "2.0.0";
@ -32,6 +40,8 @@ buildGoModule rec {
--prefix LD_LIBRARY_PATH : "${lib.getLib systemd}/lib" --prefix LD_LIBRARY_PATH : "${lib.getLib systemd}/lib"
''; '';
passthru.tests = { inherit (nixosTests) loki; };
doCheck = true; doCheck = true;
meta = with stdenv.lib; { meta = with stdenv.lib; {