From 39c5b05053bfa5a91f6e46455e277db1a15492d5 Mon Sep 17 00:00:00 2001 From: h7x4 Date: Tue, 10 Oct 2023 16:48:03 +0200 Subject: [PATCH] Initial commit --- .gitignore | 3 +++ Makefile | 28 ++++++++++++++++++++++++++++ config-promtail-template.yml | 33 +++++++++++++++++++++++++++++++++ promtail.service | 35 +++++++++++++++++++++++++++++++++++ 4 files changed, 99 insertions(+) create mode 100644 .gitignore create mode 100644 Makefile create mode 100644 config-promtail-template.yml create mode 100644 promtail.service diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..2c0bda7 --- /dev/null +++ b/.gitignore @@ -0,0 +1,3 @@ +promtail-linux-amd64.zip +promtail-linux-amd64 +promtail diff --git a/Makefile b/Makefile new file mode 100644 index 0000000..7f0f31b --- /dev/null +++ b/Makefile @@ -0,0 +1,28 @@ +LATEST_RELEASE = "v2.9.1" + +all: reload + +.PHONY: all reload install clean + +reload: install + systemctl daemon-reload + systemctl enable --now promtail + systemctl restart promtail + +install: promtail promtail.service generate-config + install -Dm755 promtail /usr/bin/promtail + install -Dm644 promtail.service /etc/systemd/system/ + +promtail: + curl -O -L "https://github.com/grafana/loki/releases/download/${LATEST_RELEASE}/promtail-linux-amd64.zip" + unzip -o "./promtail-linux-amd64.zip" + mv ./promtail-linux-amd64 ./promtail + chmod a+x ./promtail + +generate-config: + mkdir -p /etc/promtail + ls /etc/promtail/config-promtail.yml || install -Dm600 config-promtail-template.yml /etc/promtail/config-promtail.yml + +clean: + rm -f ./promtail-linux-amd64.zip + rm -f promtail diff --git a/config-promtail-template.yml b/config-promtail-template.yml new file mode 100644 index 0000000..ecc4f97 --- /dev/null +++ b/config-promtail-template.yml @@ -0,0 +1,33 @@ +server: + disable: true + +positions: + filename: /var/cache/promtail/positions.yaml + +clients: + - url: 'https://ildkule.pvv.ntnu.no:3100/loki/api/v1/push' + +# TODO: Add scrape configs here. +# See https://grafana.com/docs/loki/latest/send-data/promtail/configuration/#scrape_configs +scrape_configs: + - job_name: system + static_configs: + - targets: + - localhost + labels: + job: /var/logs + host: hostname + __path__: /var/log/**/**log + - job_name: systemd-journal + journal: + labels: + job: systemd-journal + max_age: 12h + relabel_configs: + - source_labels: + - __journal__systemd_unit + target_label: unit + - source_labels: + - __journal_priority_keyword + target_label: level + diff --git a/promtail.service b/promtail.service new file mode 100644 index 0000000..6e87d40 --- /dev/null +++ b/promtail.service @@ -0,0 +1,35 @@ +[Unit] +Description=Promtail log ingress + +[Service] +X-StopIfChanged=false +CacheDirectory=promtail +CapabilityBoundingSet= +ExecStart=/usr/bin/promtail -config.file=/etc/promtail/config-promtail.yml --client.external-labels=host=%H +# Group=promtail +LockPersonality=true +MemoryDenyWriteExecute=true +NoNewPrivileges=true +PrivateDevices=true +PrivateMounts=true +PrivateTmp=true +PrivateUsers=true +ProtectClock=true +ProtectControlGroups=true +ProtectHome=true +ProtectHostname=true +ProtectKernelLogs=true +ProtectKernelModules=true +ProtectKernelTunables=true +ProtectSystem=strict +Restart=on-failure +RestrictRealtime=true +RestrictSUIDSGID=true +SupplementaryGroups=systemd-journal +SystemCallArchitectures=native +SystemCallFilter=@system-service +TimeoutStopSec=10 +# User=promtail + +[Install] +WantedBy=multi-user.target