infra/nix/hosts/caelum/modules/promtail/promtail.nix

{
  config,
  lib,
  pkgs,
  ...
}: let
  svc = "promtail.service";
in {
  sops = {
    templates = {
      promtail.content = ''
        server:
          # http_listen_port: 28183
          # http_listen_port: 0
          # grpc_listen_port: 0
          disable: true

        positions:
          # filename: /tmp/positions.yaml
          filename: /var/tmp/positions.yaml

        clients:
          - url: https://logs.${config.sops.placeholder.domainName}/loki/api/v1/push
            tenant_id: ""
            backoff_config:
              min_period: 1000ms
              # max_period: 90s
              max_period: 5m
              max_retries: 10000

        scrape_configs:
          - job_name: journal
            journal:
              #max_age: 168h
              # max_age: 968h
              max_age: 14400h
              labels:
                job: systemd-journal
            relabel_configs:
              - source_labels: ["__journal__systemd_unit"]
                target_label: "unit"
              - source_labels: ['__journal__hostname']
                target_label: nodename
              - source_labels: ['__journal_syslog_identifier']
                target_label: syslog_identifier
              # drop these because of excessive logging
              - action: drop
                regex: '.*tailscale.*'
                source_labels: ['__journal__systemd_unit', 'unit']
              - action: drop
                regex: '.*zfs-zed.*'
                source_labels: ['__journal__systemd_unit', 'unit', 'syslog_identifier']
              - action: drop
                regex: '.*zed.*'
                source_labels: ['__journal__systemd_unit', 'unit', 'syslog_identifier']

          - job_name: caddy
            static_configs:
            - targets:
                - localhost
              labels:
                job: caddy
                host: ${config.networking.hostName}
                __path__: /var/log/caddy/*log
                agent: caddy-promtail
            pipeline_stages:
            - json:
                expressions:
                  duration: duration
                  status: status
            - labels:
                duration:
                status:
      '';
    };
  };

  systemd = {
    services = {
      promtail = {
        description = "Promtail service for Loki";
        wantedBy = ["multi-user.target"];
        serviceConfig = {
          ExecStart = ''
            ${pkgs.grafana-loki}/bin/promtail --config.file ${config.sops.templates.promtail.path}
          '';
          TimeoutStopSec = "5s";
        };
      };

      promtail-watcher = {
        description = "Promtail watcher";
        wantedBy = ["multi-user.target"];
        serviceConfig = {
          Type = "oneshot";
          ExecStart = "systemctl restart ${svc}";
          RestartSec = 90;
          # Restart = "always";
          Restart = "on-failure";
        };
      };
    };
    paths.promtail-watcher = {
      pathConfig = {
        PathChanged = config.sops.templates.promtail.path;
      };
      wantedBy = ["paths.target"];
    };
  };
}