consolidated users file

John Lancaster
2024-11-26 06:05:02 +00:00
parent feeeba6221
commit 4448ee6247
3 changed files with 91 additions and 43 deletions


@@ -1,8 +1,8 @@
{ pkgs, lib, modulesPath, ... }: { pkgs, lib, modulesPath, ... }:
let let
stateVersion = "24.05"; stateVersion = "24.05";
userName = "myuser"; userName = "loki";
repoPath = "/srv/nix-docker"; repoPath = "/srv/loki";
unstable = import <nixos-unstable> {}; unstable = import <nixos-unstable> {};
in in
{ {
@@ -11,12 +11,7 @@ in
(modulesPath + "/virtualisation/proxmox-lxc.nix") (modulesPath + "/virtualisation/proxmox-lxc.nix")
(import "${builtins.fetchTarball https://github.com/nix-community/home-manager/archive/release-24.05.tar.gz}/nixos") (import "${builtins.fetchTarball https://github.com/nix-community/home-manager/archive/release-24.05.tar.gz}/nixos")
(fetchTarball "https://github.com/nix-community/nixos-vscode-server/tarball/master") (fetchTarball "https://github.com/nix-community/nixos-vscode-server/tarball/master")
(import ./users.nix { (import ./loki.nix { inherit pkgs; inherit userName; })
inherit stateVersion;
inherit userName;
inherit repoPath;
})
# ./mounts.nix
]; ];
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
@@ -26,7 +21,6 @@ in
busybox busybox
git git
eza eza
gh
]; ];
# For SSH access # For SSH access
@@ -35,20 +29,7 @@ in
# Networking stuff # Networking stuff
services.avahi = { enable = true; nssmdns4 = true; }; services.avahi = { enable = true; nssmdns4 = true; };
# https://nixos.wiki/wiki/Docker
virtualisation.docker = {
enable = true;
# https://docs.docker.com/engine/security/rootless/
# rootless = {
# enable = true;
# setSocketVariable = true;
# };
};
services.vscode-server.enable = true; services.vscode-server.enable = true;
system.activationScripts.startup = ''
echo "Starting Nix-Docker container"
'';
# Uses rust-based sudo # Uses rust-based sudo
security.sudo-rs = { security.sudo-rs = {
@@ -57,4 +38,11 @@ in
wheelNeedsPassword = false; # allows sudo without password for those in the wheel group wheelNeedsPassword = false; # allows sudo without password for those in the wheel group
}; };
home-manager = {
useGlobalPkgs = true;
users.root = {
home.stateVersion = stateVersion;
imports = [ (import ./git.nix { inherit repoPath; }) ];
};
};
} }
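Review bot: With `./users.nix` dropped from the imports and `home-manager.users.root` added in the last hunk, the visible configuration no longer declares any unprivileged login account, so administration of this host appears to fall to root directly. The SSH settings lie outside the visible hunks, so whether root login over SSH is what remains cannot be confirmed from here. If it is, the `wheelNeedsPassword = false` rule has no visible wheel member left to apply to and every session starts with full privileges. Consider keeping a small admin account, e.g. `users.users.admin = { isNormalUser = true; extraGroups = [ "wheel" ]; };` (the name is a placeholder), and attaching the `./git.nix` home-manager import to that account rather than to root.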

81
loki.nix Normal file

@@ -0,0 +1,81 @@
{ pkgs, userName, ... }:
{
networking.firewall.allowedTCPPorts = [ 3100 ];
environment.systemPackages = with pkgs; [
(pkgs.writeShellScriptBin "loki-check" "curl http://127.0.0.1:3100/ready")
];
services.loki = {
enable = true;
user = "${userName}";
configuration = {
server.http_listen_port = 3100;
server.grpc_listen_port = 9096;
auth_enabled = false;
ingester = {
lifecycler = {
address = "0.0.0.0";
ring = {
kvstore = {
store = "inmemory";
};
replication_factor = 1;
};
};
chunk_idle_period = "1h";
max_chunk_age = "1h";
chunk_target_size = 1048576;
chunk_retain_period = "30s";
};
schema_config = {
configs = [{
from = "2024-04-01";
object_store = "filesystem";
store = "tsdb";
schema = "v13";
index = {
prefix = "index_";
period = "24h";
};
}];
};
storage_config = {
tsdb_shipper = {
active_index_directory = "/var/lib/loki/index";
cache_location = "/var/lib/loki/index_cache";
};
filesystem = {
directory = "/var/lib/loki/chunks";
};
};
compactor = {
retention_enabled = true;
compaction_interval = "10m";
working_directory = "/tmp/loki";
retention_delete_delay = "2h";
retention_delete_worker_count = 150;
delete_request_store = "filesystem";
};
limits_config = {
retention_period = "744h";
reject_old_samples = true;
reject_old_samples_max_age = "168h";
split_queries_by_interval = "24h";
ingestion_rate_mb = 10;
ingestion_burst_size_mb = 200;
allow_structured_metadata = true;
};
query_scheduler.max_outstanding_requests_per_tenant = 4096;
frontend.max_outstanding_per_tenant = 4096;
query_range.parallelise_shardable_queries = true;
};
};
}
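Review bot: `auth_enabled = false` combined with `networking.firewall.allowedTCPPorts = [ 3100 ]` exposes Loki's push and query API, without authentication, to every host that can reach this container. Any such host can read the stored logs or write arbitrary entries into them, which matters if these logs feed alerting or investigations. Restrict the port to the network that carries the log shippers, for example `networking.firewall.interfaces.<iface>.allowedTCPPorts = [ 3100 ];` (the interface name is a placeholder), or keep Loki on loopback with `server.http_listen_address = "127.0.0.1";` behind an authenticating reverse proxy. Separately, `compactor.working_directory = "/tmp/loki"` would be better placed under `/var/lib/loki`, next to the other storage paths, so retention state does not live in a shared temporary directory.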


@@ -1,21 +0,0 @@
{ stateVersion, userName, repoPath, ... }:
{
users.users.${userName} = {
isNormalUser = true;
extraGroups = [
"wheel" # needed for sudo without password
"docker" # needed for docker without sudo
];
openssh.authorizedKeys.keyFiles = [
"/root/.ssh/authorized_keys" # should already have your public SSH key inside
];
};
home-manager = {
useGlobalPkgs = true;
users.${userName} = {
home.stateVersion = stateVersion;
imports = [ (import ./git.nix { inherit repoPath; }) ];
};
};
}