From e832fc8e03b489a4a290184f2f00e9f717d3c345 Mon Sep 17 00:00:00 2001
From: = <jonas@rre.nu>
Date: Thu, 30 Mar 2023 09:42:35 +0200
Subject: [PATCH] added promtail

---
 promtail/files/promtail.conf.jinja | 20 ++++++++++
 promtail/init.sls                  | 61 ++++++++++++++++++++++++++++++
 top.sls                            |  1 +
 3 files changed, 82 insertions(+)
 create mode 100644 promtail/files/promtail.conf.jinja
 create mode 100644 promtail/init.sls

diff --git a/promtail/files/promtail.conf.jinja b/promtail/files/promtail.conf.jinja
new file mode 100644
index 0000000..4a60ad8
--- /dev/null
+++ b/promtail/files/promtail.conf.jinja
@@ -0,0 +1,20 @@
+server:
+  http_listen_port: {{ http_listen_port }}
+  grpc_listen_port: 0
+
+positions:
+  filename: /tmp/positions.yaml
+
+clients:
+  - url: "{{ client_url }}"
+
+scrape_configs:
+  - job_name: journal
+    journal:
+      max_age: 12h
+      path: /var/log/journal
+      labels:
+        job: systemd-journal
+    relabel_configs:
+      - source_labels: ['__journal__systemd_unit']
+        target_label: 'unit'
diff --git a/promtail/init.sls b/promtail/init.sls
new file mode 100644
index 0000000..31f36bb
--- /dev/null
+++ b/promtail/init.sls
@@ -0,0 +1,61 @@
+{%- set client_url = "http://loki.rre.nu:3100/loki/api/v1/push" %}
+{%- set http_listen_port = 9080 %}
+{%- set zone = "public" %}
+
+
+Create promtail configuration folder:
+  file.directory:
+    - name: /etc/promtail
+    - user: root
+    - group: root
+    - mode: "0755"
+
+Create promtail configuration:
+  file.managed:
+    - name: /etc/promtail/promtail.conf
+    - source: salt://promtail/files/promtail.conf.jinja
+    - template: jinja
+    - user: root
+    - group: root
+    - mode: "0644"
+    - require:
+      - file: Create promtail configuration folder
+    - context:
+      client_url: {{ client_url }}
+      http_listen_port: {{ http_listen_port }}
+
+Define firewall service for promtail:
+  firewalld.service:
+    - name: promtail
+    - ports:
+      - {{ http_listen_port }}/tcp
+
+adding fw service for promtail in {{ zone }} zone:
+  firewalld.present:
+    - name: {{ zone }}
+    - services:
+      - promtail
+
+Create promtail container:
+  cmd.run:
+    - name: podman container create --name promtail -p {{ http_listen_port }}:{{ http_listen_port}} -v /etc/promtail:/etc/promtail:ro -v /var/log/journal:/var/log/journal:ro docker.io/grafana/promtail:latest -config.file=/etc/promtail/promtail.conf
+    - unless: podman container exists promtail
+
+Create promail unit file:
+  cmd.run:
+    - name: podman generate systemd --name promtail > /etc/systemd/system/promtail.service
+    - onchanges:
+      - cmd: Create promtail container
+
+Run daeom-reload for promtail:
+  cmd.run:
+    - name: systemctl daemon-reload
+    - onchanges:
+      - cmd: Create promail unit file
+
+start promail service:
+  service.running:
+    - name: promtail
+    - enable: true
+    - watch:
+      - cmd: Create promail unit file
diff --git a/top.sls b/top.sls
index 1ddb57a..af35162 100644
--- a/top.sls
+++ b/top.sls
@@ -10,6 +10,7 @@ base:
     - restic
     - cockpit
     - fail2ban
+    - promtail
 
   'pepper.rre.nu':
     - dnsmasq