promtail/files/promtail.conf.jinja

@@ -0,0 +1,20 @@
+server:
+  http_listen_port: {{ http_listen_port }}
+  grpc_listen_port: 0
+
+positions:
+  filename: /tmp/positions.yaml
+
+clients:
+  - url: "{{ client_url }}"
+
+scrape_configs:
+  - job_name: journal
+    journal:
+      max_age: 12h
+      path: /var/log/journal
+      labels:
+        job: systemd-journal
+    relabel_configs:
+      - source_labels: ['__journal__systemd_unit']
+        target_label: 'unit'

promtail/init.sls

@@ -0,0 +1,61 @@
+{%- set client_url = "http://loki.rre.nu:3100/loki/api/v1/push" %}
+{%- set http_listen_port = 9080 %}
+{%- set zone = "public" %}
+
+
+Create promtail configuration folder:
+  file.directory:
+    - name: /etc/promtail
+    - user: root
+    - group: root
+    - mode: "0755"
+
+Create promtail configuration:
+  file.managed:
+    - name: /etc/promtail/promtail.conf
+    - source: salt://promtail/files/promtail.conf.jinja
+    - template: jinja
+    - user: root
+    - group: root
+    - mode: "0644"
+    - require:
+      - file: Create promtail configuration folder
+    - context:
+      client_url: {{ client_url }}
+      http_listen_port: {{ http_listen_port }}
+
+Define firewall service for promtail:
+  firewalld.service:
+    - name: promtail
+    - ports:
+      - {{ http_listen_port }}/tcp
+
+adding fw service for promtail in {{ zone }} zone:
+  firewalld.present:
+    - name: {{ zone }}
+    - services:
+      - promtail
+
+Create promtail container:
+  cmd.run:
+    - name: podman container create --name promtail -p {{ http_listen_port }}:{{ http_listen_port}} -v /etc/promtail:/etc/promtail:ro -v /var/log/journal:/var/log/journal:ro docker.io/grafana/promtail:latest -config.file=/etc/promtail/promtail.conf
+    - unless: podman container exists promtail
+
+Create promail unit file:
+  cmd.run:
+    - name: podman generate systemd --name promtail > /etc/systemd/system/promtail.service
+    - onchanges:
+      - cmd: Create promtail container
+
+Run daeom-reload for promtail:
+  cmd.run:
+    - name: systemctl daemon-reload
+    - onchanges:
+      - cmd: Create promail unit file
+
+start promail service:
+  service.running:
+    - name: promtail
+    - enable: true
+    - watch:
+      - cmd: Create promail unit file

top.sls

@@ -10,6 +10,7 @@ base:
     - restic
     - cockpit
     - fail2ban
+    - promtail
 
   'pepper.rre.nu':
     - dnsmasq