[grafana] First try at grafana + loki

ansible/group_vars/jails

@@ -1,127 +1,135 @@
 $ANSIBLE_VAULT;1.1;AES256
-30616466613238303664666338333532386162663934646436303031623963383936316539613262
-6465386261623764623934393962373966663530666664620a613566316336373764653731633732
-34363733666266636534343761636434626663333963313239376663646130323337623965343862
-3738316137616334640a343464626536636233643432353430653030663933653463656333316138
-39663765386230616337373131626237616633663835323434383931323339393634343231373936
-61653136643563393563386462323331653963383937356462616565636639646635393864303066
-35346465633831643531393362626637646436306131633531643934386538613139316231353761
-61316638333537626462356561353163343335386638363936656530653230663738366263353437
-36643938373730393931393033623863396661323964363330636230666438393962363062313766
-37363930373064303630363838383130643936663862363338376131313131626636653834656263
-65336163363839353261653066313165633936323664383834623438613535313033643833626637
-38653634383934353931666262353566303233666534396464383338383662373835363631353238
-34633461663364353934373039663734643734623162333932333337613232616262653336616130
-62646133336466336339363230333561383933623861666431636561333831326531376364313939
-30656236646165366364383733386566383737343065303332306332333261353739656265333932
-30633530363338333834663263393463343763376563323830633831613362656262656433356364
-30623739623638613838373531326261353536623164326137363664396636623235663765623934
-65366139636234623136646536383963323030653237316365356263336138353838353937363232
-63326261323039623264363938616663313236663930333862393139356539326132653731616633
-37356665613663306663343631336361363839323338646234626137353663336233346634363039
-39623938636438323936323239393263663533376434306162656336303531613630353437633965
-65306362313336333363363634623234316333333361386437346533646435323261303062386265
-63353436313239336635306132353865626331643832656439363332306237663439653664663438
-34343536346230656537383566323336373565386232303865633838386230653363623036623163
-33646465333533356332653266343930633937653062313234656337316464666331626461646132
-66393430363461653265306432306562323866363534333933323963666537626531336638396431
-35636161666265656432393238333436306336653531663066336536323264306334666661303531
-31386131323561626136306166396266343461383630383135616166366164366537636261353131
-30643838656531643865643266373632373733306634313934663332373432323933633835333833
-66636530636335323231663266393565663836306336663832303863656139653464363134623233
-37336334336339393466626131636134623961656461343236646465373035653264333237386437
-30623037623563613832643237626661666239653831393638356333386339666466303338663361
-62373338623232636439623730376365313231306439373834323663623865326362383638373430
-61646632386231633434333735393933373365616634653765353230643462363237316565313763
-66353337326361653633633435303361626431353333376161383264633966666630633031373531
-36343631383164626330636137316566313534393537643362613762313866313363326564323161
-33383338383937316166623463333538343137383034343961623032376137616665316630643633
-39643239396565323465346664323663396665626165343530346563363936363935636530316664
-61366137316133303738363536313834663630616235303062336561623761663536616235316133
-30373538626338663664646531636565353337656166373131373838306431303338356362643234
-66363931633739366330363263393630356538313438323361383766616138623634353238303437
-32306338373535383461653732343230326338303561643332356364633232646166343262633762
-63653761363437353930333337636533323838326137663332306131326632643434313463386663
-65366137326566666239373930393861366561366333646538616136626530636438333364613635
-32303661653865326363303538313263616432643538633163316264323839316463303565633537
-35663166303866636562623035396265383732653839626439613631303035303265313031346239
-66306333386138666462643532393334663136303136616632316166646561656536306462626331
-30316332656263656661373466366230393433336538346638316236613065663265363731633564
-33356136303964306431343031396131306539363563393364303434363666623934666564343435
-37303566636132623436643033326239363461653266333135636238393039393035386138666239
-34613433626530306632343931326437646534363735396131653138353331366230376339333765
-36663231303363376563646331633439366634663837373765366631653336303439636436343132
-63613137306133626639303831303032636139643061633861386633383161323464326262616335
-63316664653739636533633733643730383339343639353935646437386562396534323834386531
-39643733613634383337383765616662333038353235393733346366323131623566653262363338
-39626565633933383839663638363037663336643161383635636166363730363331613038313833
-38316130656461386230306637646566393037316232323538636135353835653734646131636435
-63313464656131623634646139386166333734336562366363326239346138363239346437613436
-30613062643336326535666466636234376338346264363235393130623065323837353864633437
-61636135613334633861636238333766346638353765643136363732303162336334323034653261
-63313466316430353266646434643039323734303933653735663032393537666264663530383237
-31306430623861663533313936323061616263313933653463363537653663336430313938383637
-38303638666135373466323266356561313331343937646233373338636263383232366164333364
-35633334383039306130356361303833663738326462303332376536366135316361666534643566
-34343932303839396636636436306337346434383462656632353165626134323237646633633466
-30333937376534336363333637346335366537353261373334633233333063653663346465663536
-31626363376465313064313936656363646364333039343739393966316639356164333162323839
-39613664656461646335343939663461303866363365626238633461376433626266383964656331
-38656335336466616539346162343733653131363031336261623732396364313739356265346631
-65343864313135616332643232353435366532356537633933356235653834316163636564613233
-39303931643263343533363561646361633265633836383464383830303465663163383538323865
-31646362393033646433343936643132346330616235313862616266643933396430396137646431
-33373766373131353637313533306336396363376364336564346164636261656131393064376432
-62353232316464393166666263633635393532616633303035666537336234383833313066663630
-35313964313930363533333666373265366238313237636563393365653835393637633932343931
-63643638336163643936653461393463383063623136613065306135666463316466336636633066
-30396662643230653066613935663163343931343961363964666265613966623662633235303466
-32613435303365393835373066313334356466626530356433663637643137666664363864656363
-66303165663362356232666538623534353330343134336263653738333636393762623935316135
-66366230646135346337333030643530313061353036343136396365393139663230666164356536
-36353033663865356536613533313830373533666233313266303963646662643635393665626266
-33633032633163663939333364323139306534303830303337613130626531373433393730343734
-39646362343765396538383734316265613365343162323830353133343061656561663966623137
-64323332616238316663336434613366396233363439666538323032663661613963653132653333
-31346336373639336331343330366137306333356362643136636331343035343539353966353462
-37313631383465353062626532333136343666323662633633346364356135353633353034633832
-32376238633866303333353965636232343765623165316532656238643637656532363966306535
-31393436663635353535663339623532313266656639333938356566643064356239306536303861
-32306565366335633834393363663539643839396266313335626233343637303566306235303461
-33373933653636383730396137336533613337343166613262353664666231303063633437613063
-31383465346430636435346436393836633933336565653939373433643364613837373931643331
-30323063653166653732373937626235303662313535383465326665653935373238346365306164
-36313463626131653732386362653961656433616564323039653064383938383335383436633339
-38643163316232393363393834333132653536386333326435336638313031663662356664393732
-32313634356235363635663232393335653233643166643161336634636266366333666531633066
-65636633356562363934313834333262343632323239343830353861626632623234663833326231
-30323735623931663961653363343633633232363561303061366461376263663837313637623965
-65643261333237333639333137343061386161373266343339393930386234343562353639336562
-61366330393833623662323630326432336266633036656330313563653763313538363762653730
-32326335326565376233356133336633646565356133663739643839636339626366333131636238
-64346134373439616335303766393536336538643237616435313336613536356266366331653536
-62326539376439623862353431623033663563366261393635336136633839363335636362613236
-64656632326261626561613633366236626631383738316438393762313434366538393930336633
-39313138643866393039303231306136396461303133633636636162346130373033373139333034
-65383863643461633263383635646366346164613665363164363866636366356332393835353565
-35663732653561653539663863393962393736633862356439363033613061663834313133393737
-36323630316530663963393237323966323030633937303466333933666137666662353064643838
-65383936393062363265333933396234336437346636373039613635373466663335373561393533
-61366236363366343839333537396439336631326636626565353763616630313730653931363239
-33663166323438366437653533333233666634373665366630656165393966633139333633616537
-36613934656639373666346630306533636630333363353437663135383865343333663336383538
-33656336616638353863366134663563653332356366616633313363373265623863306566373832
-62386537376230626265373532396136333438333139353665613164623533626566663133646163
-30366430333961306437623832396435616332613038613234616235323433356339666666623737
-36326565626638636366313634366136353464623531373538353536643764343337356336663065
-36346231336132383361343535303033356532326535303332306564613834643563313733373834
-35326130323830353861386662653533356264343462376565623336646465393664306532646432
-66396133653962363461323561326165626632643832643963623636353639383361316133393435
-39343535353665396361343833346534326561353230663162383032613164613938333735376563
-62333734303964333436633236613539373335653138363966306632343738376261333239366666
-35383738623338363065303335643832343937343437616232343034396234316666326665343031
-62373030363838313663346264343735383966363030366264373236316335643535656136303332
-65653939366437663639346563333761346138656262346434663363646464393163643333396635
-39306531353034306331636334336263383131313137653535393238313763643261626638303333
-62646462643031386637343963626638393534643131396634316535636330346565643337373431
-3830646666356161366434356565656162643039386165373834
+63313437383263653433656562353639363638333661393333333432386366343437333535316230
+3333643932366632623761616633396432636336656336380a636137373133336336636631323533
+64636631316164316234336435323130343063313837303233383865316230663331663332346264
+6263613932656432620a656563343730626462393932646234613237363434323231623436386237
+65663936623432316164656437616264393462666566333765303834363033323431383039386132
+61323233646162653264303031626162303933353937306663646236303530316436373634383863
+65306336313830313265366663306564313566666234313235356635663839313061386530396263
+37303664333536326237343336633764323631373732333231666130323930303735306137323434
+35353832373736386630616532363433343035303664643066653734366366326638616237306537
+64666661313338613832313533363634353963353164663765663634356531363663666133396237
+36646661313864393833646132323934626365643032363364383563316531333263646366326531
+63613064626638653263633736646134656434633966356366613231383937323732626165613236
+66343035343830346430343834653436336636646436393530396663316461333935636661366534
+32353834383961306365386139363231313539313162643364636461373264336563643636643166
+66376436623733613163306132666437363337633334653038343662653636373635373236336135
+33383039383262303835343631376636303363313565386236613035383239333432346334343865
+34636365653632363964636332343937306532643436373062346334346265626139363035323931
+66383334313334623961303764303464623265363635353237663166623365323639643236653466
+32633062633464383931346338323935386163303531323432613230393234326138336531363265
+61653639326638643637373634653931323831326661353863376436303037386336663830363262
+31323032643937356338373737613963303762363636303665303637653031326339663831653738
+34333532363632373730333165376561643863306364613038323432306161303363366139363734
+62383463303364393563616237386338303064616134666165626363623966323535393261396332
+61353863633534336231376266313866323566396238313435363034623362323237313766306662
+66363337333766616132393635333931663561363439323230663138613339323638666135353739
+61393436333864656265393734633862626238626639646538313264663836336435336463326163
+66386261633136633764643262376234643334323436313466613062616265383062323930396634
+37303961353839616639656537396336343763333531326261626463373663363539643733303139
+62636135303332383163633530626663373538356131326332626162313038666334393462373864
+30646436616365326136643338623961623132633735376337343263613063303833353361336137
+32633336313661613633663135653737346230316330623438373833373338396266353235633939
+32343930306135613662663236663039393538333665393338346634326637633839363563353763
+65326365336239616432376366373464616333633633363735653866393733663561353864613735
+39366636363133656362323832393535373537353836323765353238613962346664646238646237
+62663430656635383835316230343966366165646563343637383166616131386338303765363833
+31616234663038643561373135343337383738393036383633626534376432363536326436363335
+30383563316462363230646164323466643564383938633664303234363637336263333339356635
+39393637343034306231643831613336653534346136383731306236313539663365656336313364
+66366266623165393537393635636563656638383037383438336134353235343134343233336337
+30356461313139653261663561393062376231336661366139663437313638633331383433636130
+34636231623133633634343566353330336136646334356538363834613662353864356136373439
+62623539336436616339383932393634353863333063653432313266633236323165326664636237
+31373533316163396538376239306538343834336133623938313035353762356234353836343136
+39333763666637396535633439316461373835663733643438653136316264613734303365616234
+65336464383533393063303566663138396662633734313438393030656663653838353730663265
+62373762303133373230376561366633376530653134373034373461666366343062393161653066
+32343661313235656638383962373561666463333437643366646662366339313131623162343130
+30353335653462316536666263326234666262656466343633353762616334343564343730663136
+39306137363339336134326161343034373463376263666639313739376263353037636335366363
+64336566646537663966386435626465613832333030653866363561656363336134643038363632
+61356363616365383461336232326437343930663936363038366562623138316233663261303339
+35356338663333346237643530356135303530303236343330613834393739613636326664636439
+63653964636366326630313339356161613964643764653966383035663930613937336633363430
+36633031613366353737613536303933366432386562663535653534663830643635663338343962
+63343861383262666361323039376238343833376439656637636439616562653633363862646431
+62313135623939346638656462363133636436623037393938626138313932306665666163663239
+35316233303566366264383732326333663061303830356265386366336335343865663139616139
+32336533663136323964393031356537366631363137376365653066623932616135343063646636
+66643330656234383030373833373165323139646533636332353438656336626466626635363163
+63363137383761316139343338633134653364383165613261356664383963353534373430383766
+66653536396331333431313334663639666662376664373436393034326333323839653264333836
+61613664326364383832396362366163656536386332316632336535323730356434326365323438
+35346131383730623032626464613333663534356566343631326637623762616662343766323865
+32623235363939323136313634383833336436656665323062653462656366663566356561646363
+61353562376466373539326166326361306331396663636534396432316337303632383564636231
+35313664633839376464626337303461393461303964613632636565613034613162303638336133
+35646635323334363264323233333339393839613436643832373738666236613335636635303761
+66653332393363636331373131663130633431656161346231386535336264613464333465343133
+61333336666139336361333332333938643064646433636666373362333764666563336262383461
+35633837313961363730323930653164356130663836343961303164646330396538303961643766
+65323438613038336431393131373563646361613038343736383637646464333834366334363435
+32393834653434643536616166373966653665396362656138646235653863353234613837336639
+39613038366138313534633263643033353366326666383536373564616437623164616161303133
+65343065623538333863616162326363383061623862376565663330396166643866643035383562
+63633665363462363431303039343738343064393365636639353732393661643932643761306266
+39326261646333326331336635313238323332346532313433656631376664613536343331656136
+37646232353962616461326165663764633863626162383930333439313439346562303761646262
+37333865666139623265666265643338336365396164393663396361313632643465383139636532
+63353238333862613232616666663034666664313535663161313966326364623831363164633731
+38663663333233613462386564626133653832376135376635373731353735636466666565356561
+33323161376635343065333864333266613266376230343764333461393762623434306439363032
+61343138653730346336623035653463393664376464376565393465666462313761303961613630
+61623437666536373062333939366666613633353837313839343031396331626463393065363137
+64306263336330323464303138353733333863623261646134623332626633626436383835396265
+39663032663263343761356265656337303364346164393232373937643662343364393532643036
+32623364366335656438623665666264313231643332663363396437636561653739653264646334
+65666138633431633464323238353963396433316262313239383931356239303238366133663539
+64393631616266343936633539643861343761633737636461636461316465383739396337346663
+36636463643765343531616566623964373663383061393930656533623163633739333532633238
+61373563323633346235373666336564666134386262633138636165343530313865346137656134
+39666265303839316230323863396362656331656437376437303938343933313764303338386132
+38646435303763313635613232643439663433643635653536646430623138353932323436346130
+31373436343439356231323436666164303836393139396363396534346239363735306362653133
+36333536626561373634643439613034613239646439613039376239616161366162336434343631
+65653066316234353566383931336264353939663334396538663564373030383131633439343330
+31313933316665643566323662653033613164313865363437316361633436363532333062666466
+32636631306631396561356264363264343936396231623165323166336665356535636366366637
+64656138666561633135356461646431626532336539363866633938616637333835623066343633
+38393139393666616361643637356633316136323434363539306261383863626632346131633563
+38623365653261386635653664653564623565626535636536336661393037313463313561363165
+64626666386261343536303362316262396362653136343435643563366133346461366361663038
+63653337333835653537663239633466386237393035643466333835373336313362623230653562
+38373666386638383664313030656634353337656137386461333635376166356234333265653438
+66623134633933376639326232373765323765643932626633663439663337386334393565343663
+32393737383934643738386366656637376430663163636637336330396531346637343131323634
+30303932313130333161336332346534313665323032616236326166643861383032613866366461
+38626330346134383763313766396137663430396237653835303330613462393637353035303136
+35326565626261373639643261616337336333313137613937333962656161653533643839323735
+36623938376165643233633135386536343762353761633432346530376335326564326236663733
+33316431663430343161343162366266323737383436373832363265633035363932653633343266
+61656662663762393233376433663936386561613333386332343436343630376234373535366438
+63663139343032663761646533383732313731386332646330663233353435343939636430343437
+38356561363130626237643064366465626266353132356536316438396532326665393933383234
+64643339653739343235353935343164623636633662303561386265613462636537343164306334
+38316461656531383436323536316431333132366131373262333331616532653261366335336534
+34646336313931393366353736623939643539376231313535373862646139623938633563656663
+30303435306537613930336137633132626531623137363063666232623564626265303064373631
+62373633383364636430376461636464663866383564356339656238353461623233373731343962
+64336434626439363637356532633932643164316334306137656536303836383365366561623831
+61616133313530343061653833623936656461656536363365353931393434613365396133313837
+36383537346164333231326663356635306130363638303539643661376132663332363163326164
+65316436646364303137646339663332666637656430343735346637613739343363366430326264
+65653734626538656265393431313636323064643735323633333236633362333532393931656331
+32326431363238326135376138623463353833663766643462663362373865316339303038373333
+32633334346132383638386164643433666637646130626236656263336465653834353637373739
+30623563643838366138386330646634666431346666326366333766323134326231373332616137
+32663339303337346436626661333664356661393139336165383166316165333066343831656363
+38313761376162373036636164333037396634373564316433643863353135343332346161333138
+66333361343234366634636138633531363066616231663535303861396633306461326461303633
+62373532353065336266343865356337386636653064356330656439363637633361323439636430
+39316161633661643162653635663137366565613031656639366233316534633562353738373138
+30376663633265333934343766336234336132306332653838633338326661393564326135333135
+66626164346663643138313066343164313962356135343835663934616134353662613762306666
+3236323834626632366361333036663031343337323462366630

ansible/hosts

@@ -17,6 +17,7 @@ books.local
 photos.local
 podcasts.local
 fifteen5.local
+grafana.local
 
 [bhyve]
 mopidy.local ansible_become=true
@@ -115,6 +116,9 @@ miniflux.local
 [tor]
 tor.local
 
+[invidious]
+invidious.local
+
 [pbp]
 pbp.local
 
@@ -122,7 +126,7 @@ pbp.local
 fifteen5.local
 
 [db]
-postgres.local
+db.local
 
 [dev_mail]
 mailhog.local
@@ -139,3 +143,6 @@ photoview.local
 
 [podcasts]
 podcasts.local
+
+[logs]
+grafana.local

ansible/playbook.yml

@@ -12,10 +12,6 @@
     - role: supervisor
     - role: mailhog
 
-- hosts: invidious
-  roles:
-    - role: invidious
-
 - hosts: db
   roles:
     - role: postgres
@@ -26,6 +22,12 @@
   roles:
     - role: caddy
 
+- hosts: logs
+  roles:
+    - role: supervisor
+    - role: grafana
+    - role: loki
+
 - hosts: pbp
   roles:
     - role: supervisor

ansible/roles/grafana/tasks/main.yml

@@ -0,0 +1,23 @@
+---
+- name: Dependencies installed
+  community.general.pkgng:
+    name: grafana7,redis
+    state: latest
+
+- name: Redis enabled
+  shell: sysrc redis_enable="YES"
+
+- name: Redis started
+  service: name=redis state=started
+
+- name: Grafana enabled
+  shell: sysrc grafana_enable="YES"
+
+- name: Grafana config installed
+  template:
+    src: grafana.conf.j2
+    dest: /usr/local/etc/grafana.conf
+    mode: 0644
+
+- name: Grafana started
+  service: name=grafana state=started

ansible/roles/grafana/templates/grafana.conf.j2

@@ -0,0 +1,493 @@
+app_mode = production
+instance_name = ${HOSTNAME}
+
+[paths]
+data = /var/db/grafana/
+temp_data_lifetime = 24h
+logs = /var/log/grafana/
+plugins = /var/db/grafana/plugins
+provisioning = /var/db/grafana/provisioning
+
+#################################### Server ####################################
+[server]
+protocol = http
+domain = grafana.local
+;enforce_domain = false
+;router_logging = false
+
+#################################### Database ############################
+[database]
+# You can configure the database connection by specifying type, host, name, user and password
+# as separate properties or as on string using the url property.
+
+# Either "mysql", "postgres" or "sqlite3", it's your choice
+type = postgres
+host = db.local
+name = grafana
+user = grafana
+password = {{ grafana_db_pass }}
+log_queries =
+
+#################################### Cache server #############################
+[remote_cache]
+# Either "redis", "memcached" or "database" default is "database"
+type = redis
+connstr = addr=127.0.0.1:6379,pool_size=100,db=0,ssl=false
+
+#################################### Analytics ###########################
+[analytics]
+reporting_enabled = true
+check_for_updates = true
+
+#################################### Security ############################
+[security]
+admin_user = secstate
+admin_password = {{ grafana_admin_pass }}
+
+#################################### Users ###############################
+[users]
+allow_sign_up = false
+allow_org_create = false
+
+
+#################################### Anonymous Auth ######################
+[auth.anonymous]
+enabled = true
+org_name = GAnon
+org_role = Viewer
+
+#################################### Github Auth #########################
+[auth.github]
+;enabled = false
+;allow_sign_up = true
+;client_id = some_id
+;client_secret = some_secret
+;scopes = user:email,read:org
+;auth_url = https://github.com/login/oauth/authorize
+;token_url = https://github.com/login/oauth/access_token
+;api_url = https://api.github.com/user
+;allowed_domains =
+;team_ids =
+;allowed_organizations =
+
+#################################### GitLab Auth #########################
+[auth.gitlab]
+;enabled = false
+;allow_sign_up = true
+;client_id = some_id
+;client_secret = some_secret
+;scopes = api
+;auth_url = https://gitlab.com/oauth/authorize
+;token_url = https://gitlab.com/oauth/token
+;api_url = https://gitlab.com/api/v4
+;allowed_domains =
+;allowed_groups =
+
+#################################### Google Auth #########################
+[auth.google]
+;enabled = false
+;allow_sign_up = true
+;client_id = some_client_id
+;client_secret = some_client_secret
+;scopes = https://www.googleapis.com/auth/userinfo.profile https://www.googleapis.com/auth/userinfo.email
+;auth_url = https://accounts.google.com/o/oauth2/auth
+;token_url = https://accounts.google.com/o/oauth2/token
+;api_url = https://www.googleapis.com/oauth2/v1/userinfo
+;allowed_domains =
+;hosted_domain =
+
+#################################### Grafana.com Auth ####################
+# legacy key names (so they work in env variables)
+[auth.grafananet]
+;enabled = false
+;allow_sign_up = true
+;client_id = some_id
+;client_secret = some_secret
+;scopes = user:email
+;allowed_organizations =
+
+[auth.grafana_com]
+;enabled = false
+;allow_sign_up = true
+;client_id = some_id
+;client_secret = some_secret
+;scopes = user:email
+;allowed_organizations =
+
+#################################### Azure AD OAuth #######################
+[auth.azuread]
+;name = Azure AD
+;enabled = false
+;allow_sign_up = true
+;client_id = some_client_id
+;client_secret = some_client_secret
+;scopes = openid email profile
+;auth_url = https://login.microsoftonline.com/<tenant-id>/oauth2/v2.0/authorize
+;token_url = https://login.microsoftonline.com/<tenant-id>/oauth2/v2.0/token
+;allowed_domains =
+;allowed_groups =
+
+#################################### Okta OAuth #######################
+[auth.okta]
+;name = Okta
+;enabled = false
+;allow_sign_up = true
+;client_id = some_id
+;client_secret = some_secret
+;scopes = openid profile email groups
+;auth_url = https://<tenant-id>.okta.com/oauth2/v1/authorize
+;token_url = https://<tenant-id>.okta.com/oauth2/v1/token
+;api_url = https://<tenant-id>.okta.com/oauth2/v1/userinfo
+;allowed_domains =
+;allowed_groups =
+;role_attribute_path =
+
+#################################### Generic OAuth #######################
+[auth.generic_oauth]
+;name = OAuth
+;enabled = false
+;allow_sign_up = true
+;client_id = some_id
+;client_secret = some_secret
+;scopes = user:email
+;email_attribute_name = email:primary
+;email_attribute_path =
+;role_attribute_path =
+;auth_url =
+;token_url =
+;api_url =
+;allowed_domains =
+;team_ids =
+;allowed_organizations =
+;tls_skip_verify_insecure = false
+;tls_client_cert =
+;tls_client_key =
+;tls_client_ca =
+
+#################################### Basic Auth ##########################
+[auth.basic]
+;enabled = true
+
+#################################### Auth Proxy ##########################
+[auth.proxy]
+;enabled = false
+;header_name = X-WEBAUTH-USER
+;header_property = username
+;auto_sign_up = true
+# Deprecated, use sync_ttl instead
+;ldap_sync_ttl = 60
+;sync_ttl = 60
+;whitelist =
+;headers =
+;enable_login_token = false
+
+#################################### Auth LDAP ###########################
+[auth.ldap]
+;enabled = false
+;config_file = /etc/grafana/ldap.toml
+;allow_sign_up = true
+
+# LDAP backround sync (Enterprise only)
+# At 1 am every day
+;sync_cron = "0 0 1 * * *"
+;active_sync_enabled = true
+
+#################################### SMTP / Emailing #####################
+[smtp]
+;enabled = false
+;host = localhost:25
+;user =
+# If the password contains # or ; you have to wrap it with triple quotes. Ex """#password;"""
+;password =
+;cert_file =
+;key_file =
+;skip_verify = false
+;from_address = admin@grafana.localhost
+;from_name = Grafana
+;ehlo_identity =
+
+[emails]
+;welcome_email_on_sign_up = false
+;templates_pattern = emails/*.html
+
+#################################### Logging ##########################
+[log]
+# Either "console", "file", "syslog". Default is console and file
+# Use space to separate multiple modes, e.g. "console file"
+;mode = console file
+
+# Either "debug", "info", "warn", "error", "critical", default is "info"
+;level = info
+
+# optional settings to set different levels for specific loggers. Ex filters = sqlstore:debug
+;filters =
+
+# For "console" mode only
+[log.console]
+;level =
+
+# log line format, valid options are text, console and json
+;format = console
+
+# For "file" mode only
+[log.file]
+level = info
+format = json
+log_rotate = true
+;max_lines = 1000000
+max_days = 14
+
+[log.syslog]
+;level =
+
+# log line format, valid options are text, console and json
+;format = text
+
+# Syslog network type and address. This can be udp, tcp, or unix. If left blank, the default unix endpoints will be used.
+;network =
+;address =
+
+# Syslog facility. user, daemon and local0 through local7 are valid.
+;facility =
+
+# Syslog tag. By default, the process' argv[0] is used.
+;tag =
+
+#################################### Usage Quotas ########################
+[quota]
+;enabled = false
+
+#### set quotas to -1 to make unlimited. ####
+# limit number of users per Org.
+;org_user = 10
+
+# limit number of dashboards per Org.
+;org_dashboard = 100
+
+# limit number of data_sources per Org.
+;org_data_source = 10
+
+# limit number of api_keys per Org.
+;org_api_key = 10
+
+# limit number of orgs a user can create.
+;user_org = 10
+
+# Global limit of users.
+;global_user = -1
+
+# global limit of orgs.
+;global_org = -1
+
+# global limit of dashboards
+;global_dashboard = -1
+
+# global limit of api_keys
+;global_api_key = -1
+
+# global limit on number of logged in users.
+;global_session = -1
+
+#################################### Alerting ############################
+[alerting]
+# Disable alerting engine & UI features
+;enabled = true
+# Makes it possible to turn off alert rule execution but alerting UI is visible
+;execute_alerts = true
+
+# Default setting for new alert rules. Defaults to categorize error and timeouts as alerting. (alerting, keep_state)
+;error_or_timeout = alerting
+
+# Default setting for how Grafana handles nodata or null values in alerting. (alerting, no_data, keep_state, ok)
+;nodata_or_nullvalues = no_data
+
+# Alert notifications can include images, but rendering many images at the same time can overload the server
+# This limit will protect the server from render overloading and make sure notifications are sent out quickly
+;concurrent_render_limit = 5
+
+# Default setting for alert calculation timeout. Default value is 30
+;evaluation_timeout_seconds = 30
+
+# Default setting for alert notification timeout. Default value is 30
+;notification_timeout_seconds = 30
+
+# Default setting for max attempts to sending alert notifications. Default value is 3
+;max_attempts = 3
+
+# Makes it possible to enforce a minimal interval between evaluations, to reduce load on the backend
+;min_interval_seconds = 1
+
+#################################### Explore #############################
+[explore]
+# Enable the Explore section
+;enabled = true
+
+#################################### Internal Grafana Metrics ############
+# Metrics available at HTTP API Url /metrics
+[metrics]
+;enabled              = true
+;interval_seconds     = 10
+# Disable total stats (stat_totals_*) metrics to be generated
+;disable_total_stats = false
+
+#If both are set, basic auth will be required for the metrics endpoint.
+;basic_auth_username =
+;basic_auth_password =
+
+# Send internal Grafana metrics to graphite
+[metrics.graphite]
+# Enable by setting the address setting (ex localhost:2003)
+;address =
+;prefix = prod.grafana.%(instance_name)s.
+
+#################################### Grafana.com integration  ##########################
+[grafana_net]
+;url = https://grafana.com
+
+[grafana_com]
+;url = https://grafana.com
+
+#################################### Distributed tracing ############
+[tracing.jaeger]
+# jaeger destination (ex localhost:6831)
+;address =
+# tag that will always be included in when creating new spans. ex (tag1:value1,tag2:value2)
+;always_included_tag =
+# Type specifies the type of the sampler: const, probabilistic, rateLimiting, or remote
+;sampler_type = const
+# jaeger samplerconfig param
+# for "const" sampler, 0 or 1 for always false/true respectively
+# for "probabilistic" sampler, a probability between 0 and 1
+# for "rateLimiting" sampler, the number of spans per second
+# for "remote" sampler, param is the same as for "probabilistic"
+# and indicates the initial sampling rate before the actual one
+# is received from the mothership
+;sampler_param = 1
+# Whether or not to use Zipkin span propagation (x-b3- HTTP headers).
+;zipkin_propagation = false
+# Setting this to true disables shared RPC spans.
+# Not disabling is the most common setting when using Zipkin elsewhere in your infrastructure.
+;disable_shared_zipkin_spans = false
+
+#################################### External Image Storage ##############
+[external_image_storage]
+# Used for uploading images to public servers so they can be included in slack/email messages.
+# You can choose between (s3, webdav, gcs, azure_blob, local)
+;provider =
+
+[external_image_storage.s3]
+;endpoint =
+;path_style_access =
+;bucket_url =
+;bucket =
+;region =
+;path =
+;access_key =
+;secret_key =
+
+[external_image_storage.webdav]
+;url =
+;username =
+;password =
+;public_url =
+
+[external_image_storage.gcs]
+;key_file =
+;bucket =
+;path =
+
+[external_image_storage.azure_blob]
+;account_name =
+;account_key =
+;container_name =
+
+[external_image_storage.local]
+# does not require any configuration
+
+[rendering]
+# Options to configure a remote HTTP image rendering service, e.g. using https://github.com/grafana/grafana-image-renderer.
+# URL to a remote HTTP image renderer service, e.g. http://localhost:8081/render, will enable Grafana to render panels and dashboards to PNG-images using HTTP requests to an external service.
+;server_url =
+# If the remote HTTP image renderer service runs on a different server than the Grafana server you may have to configure this to a URL where Grafana is reachable, e.g. http://grafana.domain/.
+;callback_url =
+# Concurrent render request limit affects when the /render HTTP endpoint is used. Rendering many images at the same time can overload the server,
+# which this setting can help protect against by only allowing a certain amount of concurrent requests.
+;concurrent_render_request_limit = 30
+
+[panels]
+# here for to support old env variables, can remove after a few months
+;enable_alpha = false
+;disable_sanitize_html = false
+
+[plugins]
+;enable_alpha = false
+;app_tls_skip_verify_insecure = false
+# Enter a comma-separated list of plugin identifiers to identify plugins that are allowed to be loaded even if they lack a valid signature.
+;allow_loading_unsigned_plugins =
+
+#################################### Grafana Image Renderer Plugin ##########################
+[plugin.grafana-image-renderer]
+# Instruct headless browser instance to use a default timezone when not provided by Grafana, e.g. when rendering panel image of alert.
+# See ICU’s metaZones.txt (https://cs.chromium.org/chromium/src/third_party/icu/source/data/misc/metaZones.txt) for a list of supported
+# timezone IDs. Fallbacks to TZ environment variable if not set.
+;rendering_timezone =
+
+# Instruct headless browser instance to use a default language when not provided by Grafana, e.g. when rendering panel image of alert.
+# Please refer to the HTTP header Accept-Language to understand how to format this value, e.g. 'fr-CH, fr;q=0.9, en;q=0.8, de;q=0.7, *;q=0.5'.
+;rendering_language =
+
+# Instruct headless browser instance to use a default device scale factor when not provided by Grafana, e.g. when rendering panel image of alert.
+# Default is 1. Using a higher value will produce more detailed images (higher DPI), but will require more disk space to store an image.
+;rendering_viewport_device_scale_factor =
+
+# Instruct headless browser instance whether to ignore HTTPS errors during navigation. Per default HTTPS errors are not ignored. Due to
+# the security risk it's not recommended to ignore HTTPS errors.
+;rendering_ignore_https_errors =
+
+# Instruct headless browser instance whether to capture and log verbose information when rendering an image. Default is false and will
+# only capture and log error messages. When enabled, debug messages are captured and logged as well.
+# For the verbose information to be included in the Grafana server log you have to adjust the rendering log level to debug, configure
+# [log].filter = rendering:debug.
+;rendering_verbose_logging =
+
+# Instruct headless browser instance whether to output its debug and error messages into running process of remote rendering service.
+# Default is false. This can be useful to enable (true) when troubleshooting.
+;rendering_dumpio =
+
+# Additional arguments to pass to the headless browser instance. Default is --no-sandbox. The list of Chromium flags can be found
+# here (https://peter.sh/experiments/chromium-command-line-switches/). Multiple arguments is separated with comma-character.
+;rendering_args =
+
+# You can configure the plugin to use a different browser binary instead of the pre-packaged version of Chromium.
+# Please note that this is not recommended, since you may encounter problems if the installed version of Chrome/Chromium is not
+# compatible with the plugin.
+;rendering_chrome_bin =
+
+# Instruct how headless browser instances are created. Default is 'default' and will create a new browser instance on each request.
+# Mode 'clustered' will make sure that only a maximum of browsers/incognito pages can execute concurrently.
+# Mode 'reusable' will have one browser instance and will create a new incognito page on each request.
+;rendering_mode =
+
+# When rendering_mode = clustered you can instruct how many browsers or incognito pages can execute concurrently. Default is 'browser'
+# and will cluster using browser instances.
+# Mode 'context' will cluster using incognito pages.
+;rendering_clustering_mode =
+# When rendering_mode = clustered you can define maximum number of browser instances/incognito pages that can execute concurrently..
+;rendering_clustering_max_concurrency =
+
+# Limit the maxiumum viewport width, height and device scale factor that can be requested.
+;rendering_viewport_max_width =
+;rendering_viewport_max_height =
+;rendering_viewport_max_device_scale_factor =
+
+# Change the listening host and port of the gRPC server. Default host is 127.0.0.1 and default port is 0 and will automatically assign
+# a port not in use.
+;grpc_host =
+;grpc_port =
+
+[enterprise]
+;license_path =
+
+[feature_toggles]
+# enable features, separated by spaces
+;enable =

ansible/roles/loki/files/loki-supervisor.conf

@@ -0,0 +1,7 @@
+[program:loki]
+command=/usr/local/bin/loki-freebsd-amd64 -config.file /usr/local/etc/loki.config.yml
+autostart=true
+autorestart=true
+stdout_logfile=/var/log/loki.log
+stderr_logfile=/var/log/loki.err.log
+stopsignal=QUIT

ansible/roles/loki/tasks/main.yml

@@ -0,0 +1,30 @@
+---
+- name: Dependencies installed
+  community.general.pkgng:
+    name: gtar
+    state: latest
+
+- name: Loki binary installed
+  ansible.builtin.unarchive:
+    src: https://github.com/grafana/loki/releases/download/v2.2.0/loki-freebsd-amd64.zip
+    dest: /usr/local/bin
+    remote_src: yes
+
+- name: Supervisord enabled
+  shell: sysrc supervisord_enable="YES"
+
+- name: Loki config file installed
+  template:
+    src: loki.config.yml.j2
+    dest: /usr/local/etc/loki.config.yml
+    owner: root
+    mode: 0644
+  notify: Supervisor restarted
+
+- name: Loki supervisor file installed
+  copy:
+    src: loki-supervisor.conf
+    dest: /usr/local/etc/supervisor/conf.d/loki.conf
+    owner: root
+    mode: 0644
+  notify: Supervisor restarted

ansible/roles/loki/templates/loki.config.yml.j2

@@ -0,0 +1,45 @@
+auth_enabled: true
+
+server:
+  http_listen_port: 3100
+
+ingester:
+  lifecycler:
+    address: 0.0.0.0
+    ring:
+      kvstore:
+        store: inmemory
+      replication_factor: 1
+    final_sleep: 0s
+  chunk_idle_period: 5m
+  chunk_retain_period: 30s
+  max_transfer_retries: 0
+
+schema_config:
+  configs:
+    - from: 2018-04-15
+      store: boltdb
+      object_store: filesystem
+      schema: v11
+      index:
+        prefix: index_
+        period: 168h
+
+storage_config:
+  boltdb:
+    directory: /tmp/loki/index
+
+  filesystem:
+    directory: /tmp/loki/chunks
+
+limits_config:
+  enforce_metric_name: false
+  reject_old_samples: true
+  reject_old_samples_max_age: 168h
+
+chunk_store_config:
+  max_look_back_period: 0s
+
+table_manager:
+  retention_deletes_enabled: false
+  retention_period: 0s

ansible/roles/supervisor/handlers/main.yml

@@ -0,0 +1,5 @@
+---
+- name: Supervisor restarted
+  service:
+    name: supervisord
+    state: restarted