diff --git a/cookbooks/loki/attributes.rb b/cookbooks/loki/attributes.rb new file mode 100644 index 0000000..bffdee8 --- /dev/null +++ b/cookbooks/loki/attributes.rb @@ -0,0 +1,11 @@ +# ------------------------------------------- +# Specifying the default settings: +# ------------------------------------------- +node.reverse_merge!({ + 'loki' => { + 'url' => 'https://github.com/grafana/loki/releases/download/', + 'zip' => 'loki-linux-amd64.zip', + 'storage' => '/opt/loki/', + 'location' => '/usr/local/bin/' + }, +}) diff --git a/cookbooks/loki/default.rb b/cookbooks/loki/default.rb new file mode 100644 index 0000000..f0eb864 --- /dev/null +++ b/cookbooks/loki/default.rb @@ -0,0 +1,7 @@ +# Loading the attributes: +include_recipe './attributes.rb' + +# Install loki here: +include_recipe './install.rb' +include_recipe './setup.rb' + diff --git a/cookbooks/loki/install.rb b/cookbooks/loki/install.rb new file mode 100644 index 0000000..b950d01 --- /dev/null +++ b/cookbooks/loki/install.rb @@ -0,0 +1,56 @@ +loki_url = '' +loki_bin = '' + +vtag = '' +tag = '' + +# Calculate the Download URL: +begin + require 'net/http' + + uri = URI.parse('https://github.com/grafana/loki/releases/latest') + + Timeout.timeout(3) do + response = Net::HTTP.get_response(uri) + + vtag = $1 if response.body =~ %r{tag\/(v\d+\.\d+\.\d+)} + tag = vtag.sub(/^v/, '') + + loki_bin = "#{node['loki']['zip']}" + loki_url = "#{node['loki']['url']}/#{vtag}/#{loki_bin}" + end +rescue + # Abort the chef client process: + raise 'Cannot connect to http://github.com.' +end + + +# バージョン確認して、アップデート必要かどうか確認 +result = run_command("loki --version 2>&1 | grep #{tag}", error: false) +if result.exit_status != 0 + # Download: + TMP = "/tmp/#{loki_bin}" + + execute "wget #{loki_url} -O #{TMP}" + + # Install: + directory node['loki']['storage'] do + owner 'root' + group 'root' + mode '755' + end + + execute "unzip -d #{node['loki']['storage']} #{TMP}" + + # Change Owner and Permissions: + file "#{node['loki']['storage']}loki-linux-amd64" do + owner 'root' + group 'root' + mode '755' + end + + # Create Link + link "#{node['loki']['location']}loki" do + to "#{node['loki']['storage']}loki-linux-amd64" + end +end diff --git a/cookbooks/loki/setup.rb b/cookbooks/loki/setup.rb new file mode 100644 index 0000000..297fefb --- /dev/null +++ b/cookbooks/loki/setup.rb @@ -0,0 +1,103 @@ +# Create `/etc/loki/`: +%w(/etc/loki).each do |d| + directory d do + owner 'root' + group 'root' + mode '0755' + end +end + +# Deploy `prometheus` files: +remote_file '/etc/loki/loki-config.yml' do + owner 'root' + group 'root' + mode '644' +end + +# Deploy `systemd` configuration for `prometheus`: +remote_file '/etc/systemd/system/loki.service' do + owner 'root' + group 'root' + mode '644' +end + +# Service setting: +service 'loki' do + action [ :enable, :restart ] +end + +# Depoy `consul` service configuration for `loki`: +remote_file '/etc/consul.d/service-loki.json' do + owner 'root' + group 'root' + mode '644' + + notifies :restart, 'service[supervisor]' +end + +# Depoy `promtail` configuration for `loki`: +HOSTNAME = run_command('uname -n').stdout.chomp + +template '/etc/promtail/loki.yaml' do + owner 'root' + group 'root' + mode '644' + + variables(HOSTNAME: HOSTNAME, LOKIENDPOINT: node['promtail']['lokiendpoint']) + + notifies :restart, 'service[promtail-loki]' +end + +# Deploy `systemd` configuration for `promtail-loki`: +remote_file '/etc/systemd/system/promtail-loki.service' do + owner 'root' + group 'root' + mode '644' +end + +# Service setting: +service 'promtail-loki' do + action [ :enable, :restart ] +end + +remote_file '/etc/rsyslog.d/30-loki.conf' do + owner 'root' + group 'root' + mode '644' + + notifies :restart, 'service[rsyslog]' +end + +service 'rsyslog' do + action [ :nothing ] +end + +# Deploy the `logrotated` configuration: +remote_file '/etc/logrotate.d/loki' do + owner 'root' + group 'root' + mode '644' +end + +# Restart the `supervisor`: +service 'supervisor' do + action :nothing +end + +# Firewall settings here: +%w( 3100/tcp ).each do |p| + execute "ufw allow #{p}" do + user 'root' + + not_if "LANG=c ufw status | grep #{p}" + + notifies :run, 'execute[ufw reload-or-enable]' + end +end + +execute 'ufw reload-or-enable' do + user 'root' + command 'LANG=C ufw reload | grep skipping && ufw --force enable || exit 0' + + action :nothing +end