a/dnsservice
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

noot

Browse Source
This commit is contained in:
a 2025-07-20 18:27:50 -05:00
parent 67d25ab275
commit 3a8cdf80f0
No known key found for this signature in database
GPG Key ID: 2F22877AA4DFDADB
6 changed files with 150 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

61
ansible/files/alloy.river Normal file
View File

@ -0,0 +1,61 @@
logging {
level = "info"
}
loki.write "default" {
endpoint {
url = "https://loki.put.gay/loki/api/v1/push"
basic_auth {
username = "loki"
password = "{{hostvars[inventory_hostname].metrics_password}}"
}
}
}
local.file_match "system_logs" {
path_targets = [
{__path__ = "/var/log/syslog"},
{__path__ = "/var/log/messages"},
{__path__ = "/var/log/*.log"},
]
}
loki.source.file "system_logs" {
targets = local.file_match.system_logs.targets
forward_to = [loki.write.default.receiver]
tail_from_end = true
}
local.file_match "journal_logs" {
path_targets = [
{__path__ = "/var/log/journal/*/*"},
]
}
loki.source.journal "journal" {
forward_to = [loki.write.default.receiver]
relabel_rules = loki.relabel.journal.rules
labels = {
job = "systemd-journal",
}
}
loki.relabel "journal" {
forward_to = [loki.write.default.receiver]
rule {
source_labels = ["__journal__systemd_unit"]
target_label = "unit"
}
rule {
source_labels = ["__journal__hostname"]
target_label = "hostname"
}
rule {
source_labels = ["__journal_priority_keyword"]
target_label = "level"
}
}

24
ansible/files/alloy.service Normal file
View File

@ -0,0 +1,24 @@
[Unit]
Description=Grafana Alloy
Documentation=https://grafana.com/docs/alloy/latest/
Wants=network-online.target
After=network-online.target
[Service]
Type=simple
User=alloy
Environment=HOSTNAME=%H
Environment="ALLOY_DEPLOY_MODE=default"
Environment="ALLOY_ENABLE_FEATURES="
Environment="ALLOY_DISABLE_FEATURES="
Environment="ALLOY_CLUSTER_ENABLED=false"
Environment="ALLOY_DISABLE_REPORTING=false"
ExecStart=/usr/bin/alloy run --storage.path=/var/lib/alloy/data /etc/alloy/config.river
ExecReload=/usr/bin/env kill -SIGHUP $MAINPID
Restart=always
RestartSec=10
TimeoutStopSec=10s
SendSIGKILL=yes
[Install]
WantedBy=multi-user.target

7
ansible/handlers/global.yml
View File

@ -19,3 +19,10 @@
- name: restart blocky - name: restart blocky
service: name=blocky state=restarted enabled=yes daemon-reload=true service: name=blocky state=restarted enabled=yes daemon-reload=true
listen: "restart blocky" listen: "restart blocky"
- name: restart alloy
service: name=alloy state=restarted enabled=yes
listen: "restart alloy"
- name: reload systemd
systemd:
daemon_reload: yes
listen: "reload systemd"

2
ansible/playbook.yml
View File

@ -7,6 +7,7 @@
- import_tasks: ./tasks/debian.yml - import_tasks: ./tasks/debian.yml
- import_tasks: ./tasks/dns.yml - import_tasks: ./tasks/dns.yml
- import_tasks: ./tasks/prometheus.yml - import_tasks: ./tasks/prometheus.yml
- import_tasks: ./tasks/alloy.yml
handlers: handlers:
- import_tasks: ./handlers/global.yml - import_tasks: ./handlers/global.yml
- hosts: lb_ord - hosts: lb_ord
@ -17,6 +18,7 @@
- import_tasks: ./tasks/blocky.yml - import_tasks: ./tasks/blocky.yml
- import_tasks: ./tasks/dnsdist.yml - import_tasks: ./tasks/dnsdist.yml
- import_tasks: ./tasks/caddy.yml - import_tasks: ./tasks/caddy.yml
- import_tasks: ./tasks/alloy.yml
- name: copy dnsdist service override - name: copy dnsdist service override
template: template:
src: "{{ playbook_dir }}/files/dnsdist.service" src: "{{ playbook_dir }}/files/dnsdist.service"

55
ansible/tasks/alloy.yml Normal file
View File

@ -0,0 +1,55 @@
---
- name: Install Grafana Alloy
block:
- name: Add Grafana GPG apt key
ansible.builtin.apt_key:
url: https://apt.grafana.com/gpg.key
state: present
- name: Add Grafana repository
ansible.builtin.apt_repository:
repo: "deb https://apt.grafana.com stable main"
state: present
update_cache: yes
- name: Install Alloy
ansible.builtin.apt:
name: alloy
state: present
update_cache: yes
- name: Create Alloy configuration directory
ansible.builtin.file:
path: /etc/alloy
state: directory
mode: '0755'
- name: Copy Alloy configuration
template:
src: "{{ playbook_dir }}/files/alloy.river"
dest: /etc/alloy/config.river
mode: '0644'
notify: restart alloy
- name: Add alloy user to systemd-journal and adm groups
ansible.builtin.user:
name: alloy
groups: systemd-journal,adm
append: yes
notify: restart alloy
- name: Copy Alloy systemd service file
ansible.builtin.copy:
src: "{{ playbook_dir }}/files/alloy.service"
dest: /etc/systemd/system/alloy.service
mode: '0644'
notify:
- reload systemd
- restart alloy
- name: Enable and start Alloy service
ansible.builtin.systemd:
name: alloy
enabled: yes
state: started
daemon_reload: yes

2
ansible/tasks/dnsdist.yml
View File

@ -1,6 +1,6 @@
# vi: ft=yaml.ansible # vi: ft=yaml.ansible
- name: install dnsdist - name: install dnsdist
apt: apt:
deb: https://repo.powerdns.com/debian/pool/main/d/dnsdist/dnsdist_1.9.6-1pdns.bookworm_amd64.deb deb: https://repo.powerdns.com/debian/pool/main/d/dnsdist/dnsdist_1.9.10-1pdns.bookworm_amd64.deb
- name: ensure dnsdist default svc is not running - name: ensure dnsdist default svc is not running
service: name=dnsdist state=stopped enabled=no service: name=dnsdist state=stopped enabled=no