From 4448ee62476619d8896dca84103b3fa7b03d59d9 Mon Sep 17 00:00:00 2001
From: John Lancaster <32917998+jsl12@users.noreply.github.com>
Date: Tue, 26 Nov 2024 06:05:02 +0000
Subject: [PATCH] consolidated users file

---
 configuration.nix | 32 ++++++-------------
 loki.nix          | 81 +++++++++++++++++++++++++++++++++++++++++++++++
 users.nix         | 21 ------------
 3 files changed, 91 insertions(+), 43 deletions(-)
 create mode 100644 loki.nix
 delete mode 100644 users.nix

diff --git a/configuration.nix b/configuration.nix
index 16e4b4f..22e8921 100644
--- a/configuration.nix
+++ b/configuration.nix
@@ -1,8 +1,8 @@
 { pkgs, lib, modulesPath, ... }:
 let
   stateVersion = "24.05";
-  userName = "myuser";
-  repoPath = "/srv/nix-docker";
+  userName = "loki";
+  repoPath = "/srv/loki";
   unstable = import <nixos-unstable> {};
 in
 {
@@ -11,12 +11,7 @@ in
     (modulesPath + "/virtualisation/proxmox-lxc.nix")
     (import "${builtins.fetchTarball https://github.com/nix-community/home-manager/archive/release-24.05.tar.gz}/nixos")
     (fetchTarball "https://github.com/nix-community/nixos-vscode-server/tarball/master")
-    (import ./users.nix {
-      inherit stateVersion;
-      inherit userName;
-      inherit repoPath;
-    })
-    # ./mounts.nix
+    (import ./loki.nix { inherit pkgs; inherit userName; })
   ];
 
   environment.systemPackages = with pkgs; [
@@ -26,7 +21,6 @@ in
     busybox
     git
     eza
-    gh
   ];
 
   # For SSH access
@@ -35,20 +29,7 @@ in
   # Networking stuff
   services.avahi = { enable = true; nssmdns4 = true; };
 
-  # https://nixos.wiki/wiki/Docker
-  virtualisation.docker = {
-    enable = true;
-    # https://docs.docker.com/engine/security/rootless/
-    # rootless = {
-    #   enable = true;
-    #   setSocketVariable = true;
-    # };
-  };
   services.vscode-server.enable = true;
-  
-  system.activationScripts.startup = ''
-    echo "Starting Nix-Docker container"
-  '';
 
   # Uses rust-based sudo
   security.sudo-rs = {
@@ -57,4 +38,11 @@ in
     wheelNeedsPassword = false; # allows sudo without password for those in the wheel group
   };
 
+  home-manager = {
+    useGlobalPkgs = true;
+    users.root = {
+      home.stateVersion = stateVersion;
+      imports = [ (import ./git.nix { inherit repoPath; }) ];
+    };
+  };
 }
diff --git a/loki.nix b/loki.nix
new file mode 100644
index 0000000..4ec6fea
--- /dev/null
+++ b/loki.nix
@@ -0,0 +1,81 @@
+{ pkgs, userName, ... }:
+{
+  networking.firewall.allowedTCPPorts = [ 3100 ];
+
+  environment.systemPackages = with pkgs; [
+    (pkgs.writeShellScriptBin "loki-check" "curl http://127.0.0.1:3100/ready")
+  ];
+  
+  services.loki = {
+    enable = true;
+    user = "${userName}";
+
+    configuration = {
+      server.http_listen_port = 3100;
+      server.grpc_listen_port = 9096;
+      auth_enabled = false;
+
+      ingester = {
+        lifecycler = {
+          address = "0.0.0.0";
+          ring = {
+            kvstore = {
+              store = "inmemory";
+            };
+            replication_factor = 1;
+          };
+        };
+        chunk_idle_period = "1h";
+        max_chunk_age = "1h";
+        chunk_target_size = 1048576;
+        chunk_retain_period = "30s";
+      };
+
+      schema_config = {
+        configs = [{
+          from = "2024-04-01";
+          object_store = "filesystem";
+          store = "tsdb";
+          schema = "v13";
+          index = {
+            prefix = "index_";
+            period = "24h";
+          };
+        }];
+      };
+      
+      storage_config = {
+        tsdb_shipper = {
+          active_index_directory = "/var/lib/loki/index";
+          cache_location = "/var/lib/loki/index_cache";
+        };
+        filesystem = {
+          directory = "/var/lib/loki/chunks";
+        };
+      };
+      
+      compactor = {
+        retention_enabled = true;
+        compaction_interval = "10m";
+        working_directory = "/tmp/loki";
+        retention_delete_delay = "2h";
+        retention_delete_worker_count = 150;
+        delete_request_store = "filesystem";
+      };
+
+      limits_config = {
+        retention_period = "744h";
+        reject_old_samples = true;
+        reject_old_samples_max_age = "168h";
+        split_queries_by_interval = "24h";
+        ingestion_rate_mb = 10;
+        ingestion_burst_size_mb = 200;
+        allow_structured_metadata = true;
+      };
+
+      query_scheduler.max_outstanding_requests_per_tenant = 4096;
+      frontend.max_outstanding_per_tenant = 4096;
+      query_range.parallelise_shardable_queries = true;
+    };
+  };
+}
\ No newline at end of file
diff --git a/users.nix b/users.nix
deleted file mode 100644
index b1edf33..0000000
--- a/users.nix
+++ /dev/null
@@ -1,21 +0,0 @@
-{ stateVersion, userName, repoPath, ... }:
-{
-  users.users.${userName} = {
-    isNormalUser = true;
-    extraGroups = [
-      "wheel"   # needed for sudo without password
-      "docker"  # needed for docker without sudo
-    ];
-    openssh.authorizedKeys.keyFiles = [
-      "/root/.ssh/authorized_keys" # should already have your public SSH key inside
-    ];
-  };
-
-  home-manager = {
-    useGlobalPkgs = true;
-    users.${userName} = {
-      home.stateVersion = stateVersion;
-      imports = [ (import ./git.nix { inherit repoPath; }) ];
-    };
-  };
-}