├── loki ├── icon.png ├── logo.png ├── rootfs │ └── etc │ │ ├── nginx │ │ ├── includes │ │ │ ├── upstream.conf │ │ │ ├── server_params.conf │ │ │ ├── ssl_params.conf │ │ │ ├── proxy_params.conf │ │ │ └── mime.types │ │ ├── servers │ │ │ ├── direct.disabled │ │ │ ├── ready.conf │ │ │ ├── direct-ssl.disabled │ │ │ └── direct-mtls.disabled │ │ └── nginx.conf │ │ ├── services.d │ │ ├── nginx │ │ │ ├── run │ │ │ └── finish │ │ └── loki │ │ │ ├── finish │ │ │ └── run │ │ ├── loki │ │ └── default-config.yaml │ │ └── cont-init.d │ │ └── nginx.sh ├── build.yaml ├── config.yaml ├── Dockerfile ├── apparmor.txt ├── .README.j2 └── DOCS.md ├── .github ├── dependabot.yaml ├── workflows │ ├── lock.yaml │ ├── stale.yaml │ ├── labels.yaml │ ├── release-drafter.yaml │ ├── pr-labels.yaml │ ├── ci.yaml │ └── deploy.yaml └── ISSUE_TEMPLATE │ ├── feature_request.md │ └── bug_report.md ├── .devcontainer ├── devcontainer.json ├── Dockerfile └── supervisor.sh ├── .vscode └── tasks.json ├── LICENSE ├── .yamllint └── README.md /loki/icon.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mdegat01/addon-loki/HEAD/loki/icon.png -------------------------------------------------------------------------------- /loki/logo.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mdegat01/addon-loki/HEAD/loki/logo.png -------------------------------------------------------------------------------- /loki/rootfs/etc/nginx/includes/upstream.conf: -------------------------------------------------------------------------------- 1 | upstream backend { 2 | server 127.0.0.1:8080; 3 | } 4 | -------------------------------------------------------------------------------- /loki/rootfs/etc/nginx/includes/server_params.conf: -------------------------------------------------------------------------------- 1 | root /dev/null; 2 | server_name $hostname; 3 | 4 | add_header X-Content-Type-Options nosniff; 5 | add_header X-XSS-Protection "1; mode=block"; 6 | add_header X-Robots-Tag none; 7 | -------------------------------------------------------------------------------- /.github/dependabot.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | version: 2 3 | updates: 4 | - package-ecosystem: "github-actions" 5 | directory: "/" 6 | schedule: 7 | interval: daily 8 | - package-ecosystem: docker 9 | directory: "/loki" 10 | schedule: 11 | interval: daily 12 | -------------------------------------------------------------------------------- /.github/workflows/lock.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | name: Lock 3 | 4 | # yamllint disable-line rule:truthy 5 | on: 6 | schedule: 7 | - cron: "0 9 * * *" 8 | workflow_dispatch: 9 | 10 | jobs: 11 | workflows: 12 | uses: mdegat01/addon-workflows/.github/workflows/lock.yaml@main 13 | -------------------------------------------------------------------------------- /.github/workflows/stale.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | name: Stale 3 | 4 | # yamllint disable-line rule:truthy 5 | on: 6 | schedule: 7 | - cron: "0 8 * * *" 8 | workflow_dispatch: 9 | 10 | jobs: 11 | workflows: 12 | uses: mdegat01/addon-workflows/.github/workflows/stale.yaml@main 13 | -------------------------------------------------------------------------------- /.github/workflows/labels.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | name: Sync labels 3 | 4 | # yamllint disable-line rule:truthy 5 | on: 6 | schedule: 7 | - cron: "34 5 * * *" 8 | workflow_dispatch: 9 | 10 | jobs: 11 | workflows: 12 | uses: mdegat01/addon-workflows/.github/workflows/labels.yaml@main 13 | -------------------------------------------------------------------------------- /.github/workflows/release-drafter.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | name: Release Drafter 3 | 4 | # yamllint disable-line rule:truthy 5 | on: 6 | push: 7 | branches: 8 | - main 9 | 10 | jobs: 11 | workflows: 12 | uses: mdegat01/addon-workflows/.github/workflows/release-drafter.yaml@main 13 | -------------------------------------------------------------------------------- /loki/rootfs/etc/nginx/servers/direct.disabled: -------------------------------------------------------------------------------- 1 | server { 2 | listen 3100 default_server; 3 | 4 | include /etc/nginx/includes/server_params.conf; 5 | include /etc/nginx/includes/proxy_params.conf; 6 | 7 | location / { 8 | proxy_pass http://backend; 9 | } 10 | } 11 | -------------------------------------------------------------------------------- /.github/workflows/pr-labels.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | name: PR Labels 3 | 4 | # yamllint disable-line rule:truthy 5 | on: 6 | pull_request: 7 | types: 8 | - opened 9 | - labeled 10 | - unlabeled 11 | - synchronize 12 | 13 | jobs: 14 | workflows: 15 | uses: mdegat01/addon-workflows/.github/workflows/pr-labels.yaml@main 16 | -------------------------------------------------------------------------------- /loki/build.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | build_from: 3 | amd64: ghcr.io/hassio-addons/base/amd64:12.2.3 4 | armhf: ghcr.io/hassio-addons/base/armhf:12.2.3 5 | armv7: ghcr.io/hassio-addons/base/armv7:12.2.3 6 | aarch64: ghcr.io/hassio-addons/base/aarch64:12.2.3 7 | codenotary: 8 | base_image: codenotary@frenck.dev 9 | signer: codenotary@degatano.com 10 | -------------------------------------------------------------------------------- /loki/rootfs/etc/nginx/servers/ready.conf: -------------------------------------------------------------------------------- 1 | server { 2 | listen 3101 default_server; 3 | 4 | include /etc/nginx/includes/server_params.conf; 5 | include /etc/nginx/includes/proxy_params.conf; 6 | 7 | location = /ready { 8 | proxy_pass http://backend; 9 | } 10 | 11 | location / { 12 | return 444; 13 | } 14 | } 15 | -------------------------------------------------------------------------------- /.github/workflows/ci.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | name: CI 3 | 4 | # yamllint disable-line rule:truthy 5 | on: 6 | schedule: 7 | - cron: "0 4 * * *" 8 | push: 9 | branches: 10 | - main 11 | pull_request: 12 | types: 13 | - opened 14 | - reopened 15 | - synchronize 16 | workflow_dispatch: 17 | 18 | jobs: 19 | workflows: 20 | uses: mdegat01/addon-workflows/.github/workflows/addon-ci.yaml@main 21 | -------------------------------------------------------------------------------- /loki/rootfs/etc/services.d/nginx/run: -------------------------------------------------------------------------------- 1 | #!/usr/bin/with-contenv bashio 2 | # shellcheck shell=bash 3 | # ============================================================================== 4 | # Home Assistant Add-on: Loki 5 | # Runs the Nginx daemon 6 | # ============================================================================== 7 | bashio::net.wait_for 8080 8 | bashio::log.info "Starting NGinx..." 9 | 10 | exec /usr/sbin/nginx 11 | -------------------------------------------------------------------------------- /loki/rootfs/etc/nginx/servers/direct-ssl.disabled: -------------------------------------------------------------------------------- 1 | server { 2 | listen 3100 default_server ssl; 3 | 4 | include /etc/nginx/includes/server_params.conf; 5 | include /etc/nginx/includes/ssl_params.conf; 6 | include /etc/nginx/includes/proxy_params.conf; 7 | 8 | ssl_certificate /ssl/%%certfile%%; 9 | ssl_certificate_key /ssl/%%keyfile%%; 10 | 11 | location / { 12 | proxy_pass http://backend; 13 | } 14 | } 15 | -------------------------------------------------------------------------------- /loki/rootfs/etc/nginx/includes/ssl_params.conf: -------------------------------------------------------------------------------- 1 | ssl_protocols TLSv1.2 TLSv1.3; 2 | ssl_prefer_server_ciphers off; 3 | ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384; 4 | ssl_session_timeout 10m; 5 | ssl_session_cache shared:SSL:10m; 6 | ssl_session_tickets off; 7 | ssl_stapling on; 8 | ssl_stapling_verify on; 9 | -------------------------------------------------------------------------------- /loki/rootfs/etc/nginx/servers/direct-mtls.disabled: -------------------------------------------------------------------------------- 1 | server { 2 | listen 3100 default_server ssl; 3 | 4 | include /etc/nginx/includes/server_params.conf; 5 | include /etc/nginx/includes/ssl_params.conf; 6 | include /etc/nginx/includes/proxy_params.conf; 7 | 8 | ssl_certificate /ssl/%%certfile%%; 9 | ssl_certificate_key /ssl/%%keyfile%%; 10 | 11 | ssl_client_certificate %%cafile%%; 12 | ssl_verify_client on; 13 | 14 | location / { 15 | proxy_pass http://backend; 16 | } 17 | } 18 | -------------------------------------------------------------------------------- /.github/workflows/deploy.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | name: Deploy 3 | 4 | # yamllint disable-line rule:truthy 5 | on: 6 | release: 7 | types: 8 | - published 9 | workflow_run: 10 | workflows: ["CI"] 11 | branches: [main] 12 | types: 13 | - completed 14 | 15 | jobs: 16 | workflows: 17 | uses: mdegat01/addon-workflows/.github/workflows/addon-deploy.yaml@main 18 | secrets: 19 | CAS_API_KEY: ${{ secrets.CAS_API_KEY }} 20 | DISPATCH_TOKEN: ${{ secrets.DISPATCH_TOKEN }} 21 | GHCR_TOKEN: ${{ secrets.GHCR_TOKEN }} 22 | -------------------------------------------------------------------------------- /.devcontainer/devcontainer.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "Home Assistant Add-Ons", 3 | "context": "..", 4 | "dockerFile": "Dockerfile", 5 | "appPort": ["7123:8123", "7357:4357"], 6 | "postStartCommand": "service docker start", 7 | "runArgs": ["-e", "GIT_EDITOR=code --wait", "--privileged"], 8 | "extensions": ["timonwong.shellcheck", "esbenp.prettier-vscode"], 9 | "settings": { 10 | "terminal.integrated.shell.linux": "/bin/bash" 11 | }, 12 | "workspaceMount": "source=${localWorkspaceFolder},target=/workspaces/addons,type=bind,consistency=delegated", 13 | "workspaceFolder": "/workspaces/addons" 14 | } 15 | -------------------------------------------------------------------------------- /loki/rootfs/etc/services.d/nginx/finish: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bashio 2 | # ============================================================================== 3 | # Home Assistant Add-on: Loki 4 | # Take down the S6 supervision tree when Nginx fails 5 | # ============================================================================== 6 | 7 | declare APP_EXIT_CODE=${1} 8 | 9 | if [[ "${APP_EXIT_CODE}" -ne 0 ]] && [[ "${APP_EXIT_CODE}" -ne 256 ]]; then 10 | bashio::log.warning "Halt add-on with exit code ${APP_EXIT_CODE}" 11 | echo "${APP_EXIT_CODE}" > /run/s6-linux-init-container-results/exitcode 12 | exec /run/s6/basedir/bin/halt 13 | fi 14 | -------------------------------------------------------------------------------- /loki/rootfs/etc/services.d/loki/finish: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bashio 2 | # ============================================================================== 3 | # Home Assistant Add-on: Loki 4 | # Take down the S6 supervision tree when Loki fails 5 | # ============================================================================== 6 | 7 | declare APP_EXIT_CODE=${1} 8 | 9 | if [[ "${APP_EXIT_CODE}" -ne 0 ]] && [[ "${APP_EXIT_CODE}" -ne 256 ]]; then 10 | bashio::log.warning "Halt add-on with exit code ${APP_EXIT_CODE}" 11 | echo "${APP_EXIT_CODE}" > /run/s6-linux-init-container-results/exitcode 12 | exec /run/s6/basedir/bin/halt 13 | fi 14 | 15 | -------------------------------------------------------------------------------- /loki/rootfs/etc/nginx/includes/proxy_params.conf: -------------------------------------------------------------------------------- 1 | proxy_http_version 1.1; 2 | proxy_ignore_client_abort off; 3 | proxy_read_timeout 86400s; 4 | proxy_redirect off; 5 | proxy_send_timeout 86400s; 6 | proxy_max_temp_file_size 0; 7 | 8 | proxy_set_header Accept-Encoding ""; 9 | proxy_set_header Connection $connection_upgrade; 10 | proxy_set_header Host $http_host; 11 | proxy_set_header Upgrade $http_upgrade; 12 | proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; 13 | proxy_set_header X-Forwarded-Proto $scheme; 14 | proxy_set_header X-NginX-Proxy true; 15 | proxy_set_header X-Real-IP $remote_addr; 16 | -------------------------------------------------------------------------------- /.github/ISSUE_TEMPLATE/feature_request.md: -------------------------------------------------------------------------------- 1 | --- 2 | name: Feature request 3 | about: Suggest an idea for this project 4 | title: "" 5 | labels: "" 6 | assignees: "" 7 | --- 8 | 9 | **Is your feature request related to a problem? Please describe.** 10 | A clear and concise description of what the problem is. Ex. I'm always frustrated when [...] 11 | 12 | **Describe the solution you'd like** 13 | A clear and concise description of what you want to happen. 14 | 15 | **Describe alternatives you've considered** 16 | A clear and concise description of any alternative solutions or features you've considered. 17 | 18 | **Additional context** 19 | Add any other context or screenshots about the feature request here. 20 | -------------------------------------------------------------------------------- /loki/config.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | name: Loki 3 | url: https://github.com/mdegat01/addon-loki 4 | version: edge 5 | slug: loki 6 | arch: 7 | - aarch64 8 | - amd64 9 | - armv7 10 | - armhf 11 | description: Loki for Home Assistant 12 | codenotary: codenotary@degatano.com 13 | init: false 14 | startup: system 15 | map: 16 | - share 17 | - ssl 18 | watchdog: http://[HOST]:3101/ready 19 | ports: 20 | 3100/tcp: 21 | ports_description: 22 | 3100/tcp: HTTP listen port 23 | options: 24 | ssl: false 25 | days_to_keep: 30 26 | log_level: info 27 | schema: 28 | ssl: bool 29 | certfile: str? 30 | keyfile: str? 31 | cafile: str? 32 | days_to_keep: int(1,)? 33 | config_path: str? 34 | log_level: list(trace|debug|info|notice|warning|error|fatal)? 35 | -------------------------------------------------------------------------------- /.vscode/tasks.json: -------------------------------------------------------------------------------- 1 | { 2 | "version": "2.0.0", 3 | "tasks": [ 4 | { 5 | "label": "Start Home Assistant", 6 | "type": "shell", 7 | "command": "./.devcontainer/supervisor.sh", 8 | "group": { 9 | "kind": "test", 10 | "isDefault": true 11 | }, 12 | "presentation": { 13 | "reveal": "always", 14 | "panel": "new" 15 | }, 16 | "problemMatcher": [] 17 | }, 18 | { 19 | "label": "Run Home Assistant CLI", 20 | "type": "shell", 21 | "command": "docker exec -ti hassio_cli /usr/bin/cli.sh", 22 | "group": "test", 23 | "presentation": { 24 | "reveal": "always", 25 | "panel": "new" 26 | }, 27 | "problemMatcher": [] 28 | } 29 | ] 30 | } 31 | -------------------------------------------------------------------------------- /.github/ISSUE_TEMPLATE/bug_report.md: -------------------------------------------------------------------------------- 1 | --- 2 | name: Bug report 3 | about: Create a report to help us improve 4 | title: "" 5 | labels: "" 6 | assignees: "" 7 | --- 8 | 9 | **Describe the bug** 10 | A clear and concise description of what the bug is. 11 | 12 | **To Reproduce** 13 | Steps to reproduce the behavior: 14 | 15 | 1. Go to '...' 16 | 2. Click on '....' 17 | 3. Scroll down to '....' 18 | 4. See error 19 | 20 | **Expected behavior** 21 | A clear and concise description of what you expected to happen. 22 | 23 | **Logs** 24 | 25 | ``` 26 | Include any relevant logs 27 | ``` 28 | 29 | **Environment (please complete the following information):** 30 | 31 | - Add-on version: [e.g. 1.0.2] 32 | - Supervisor version: [e.g.supervisor-2021.03.6] 33 | - Operating system [e.g. Home Assistant OS 5.12] 34 | 35 | **Additional context** 36 | Add any other context about the problem here. 37 | -------------------------------------------------------------------------------- /.devcontainer/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM mcr.microsoft.com/vscode/devcontainers/base:debian 2 | 3 | WORKDIR /workspaces 4 | 5 | SHELL ["/bin/bash", "-o", "pipefail", "-c"] 6 | 7 | # Set Docker daemon config 8 | RUN \ 9 | mkdir -p /etc/docker \ 10 | && echo '{"storage-driver": "vfs"}' > /etc/docker/daemon.json 11 | 12 | # Installa aditional tools 13 | RUN \ 14 | apt-get update \ 15 | && apt-get install -y --no-install-recommends \ 16 | dbus \ 17 | network-manager \ 18 | libpulse0 \ 19 | xz-utils 20 | 21 | # Install docker 22 | RUN curl -fsSL https://get.docker.com | sh - 23 | 24 | # Install shellcheck 25 | RUN \ 26 | curl -fLs \ 27 | "https://github.com/koalaman/shellcheck/releases/download/stable/shellcheck-stable.linux.x86_64.tar.xz" \ 28 | | tar -xJ \ 29 | \ 30 | && mv -f "./shellcheck-stable/shellcheck" "/usr/bin/shellcheck" \ 31 | && rm -rf "./shellcheck-stable" 32 | 33 | # Generate a machine-id for this container 34 | RUN rm /etc/machine-id && dbus-uuidgen --ensure=/etc/machine-id 35 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | # MIT License 2 | 3 | Copyright (c) 2021-2022 Mike Degatano 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy 6 | of this software and associated documentation files (the "Software"), to deal 7 | in the Software without restriction, including without limitation the rights 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 9 | copies of the Software, and to permit persons to whom the Software is 10 | furnished to do so, subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 21 | SOFTWARE. 22 | -------------------------------------------------------------------------------- /loki/rootfs/etc/loki/default-config.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | auth_enabled: false 3 | 4 | server: {} 5 | 6 | ingester: 7 | lifecycler: 8 | address: 127.0.0.1 9 | ring: 10 | kvstore: 11 | store: inmemory 12 | replication_factor: 1 13 | final_sleep: 0s 14 | chunk_idle_period: 1h 15 | max_chunk_age: 1h 16 | chunk_target_size: 1048576 17 | chunk_retain_period: 30s 18 | max_transfer_retries: 0 19 | wal: 20 | dir: /data/loki/wal 21 | 22 | schema_config: 23 | configs: 24 | - from: 2020-10-24 25 | store: boltdb-shipper 26 | object_store: filesystem 27 | schema: v11 28 | index: 29 | prefix: index_ 30 | period: 24h 31 | 32 | storage_config: 33 | boltdb_shipper: 34 | active_index_directory: /data/loki/boltdb-shipper-active 35 | cache_location: /data/loki/boltdb-shipper-cache 36 | cache_ttl: 24h 37 | shared_store: filesystem 38 | filesystem: 39 | directory: /data/loki/chunks 40 | 41 | compactor: 42 | working_directory: /data/loki/boltdb-shipper-compactor 43 | shared_store: filesystem 44 | retention_enabled: true 45 | 46 | limits_config: 47 | reject_old_samples: true 48 | reject_old_samples_max_age: 168h 49 | retention_period: ${RETENTION_PERIOD:29d} 50 | 51 | chunk_store_config: 52 | max_look_back_period: 0s 53 | -------------------------------------------------------------------------------- /loki/rootfs/etc/nginx/nginx.conf: -------------------------------------------------------------------------------- 1 | # Run nginx in foreground. 2 | daemon off; 3 | 4 | # Set user 5 | user abc; 6 | 7 | # Pid storage location. 8 | pid /var/run/nginx.pid; 9 | 10 | # Set number of worker processes. 11 | worker_processes 1; 12 | 13 | # Enables the use of JIT for regular expressions to speed-up their processing. 14 | pcre_jit on; 15 | 16 | # Write error log to the add-on log. 17 | error_log /proc/1/fd/1 error; 18 | 19 | # Load dynamic modules. 20 | include /etc/nginx/modules/*.conf; 21 | 22 | # Max num of simultaneous connections by a worker process. 23 | events { 24 | worker_connections 512; 25 | } 26 | 27 | http { 28 | include /etc/nginx/includes/mime.types; 29 | 30 | log_format homeassistant '[$time_local] $status ' 31 | '$http_x_forwarded_for($remote_addr) ' 32 | '$request ($http_user_agent)'; 33 | 34 | access_log off; 35 | client_max_body_size 4G; 36 | default_type application/octet-stream; 37 | gzip on; 38 | keepalive_timeout 65; 39 | sendfile on; 40 | server_tokens off; 41 | tcp_nodelay on; 42 | tcp_nopush on; 43 | 44 | map $http_upgrade $connection_upgrade { 45 | default upgrade; 46 | '' close; 47 | } 48 | 49 | include /etc/nginx/includes/upstream.conf; 50 | 51 | include /etc/nginx/servers/*.conf; 52 | } 53 | -------------------------------------------------------------------------------- /.yamllint: -------------------------------------------------------------------------------- 1 | --- 2 | rules: 3 | braces: 4 | level: error 5 | min-spaces-inside: 0 6 | max-spaces-inside: 1 7 | min-spaces-inside-empty: -1 8 | max-spaces-inside-empty: -1 9 | brackets: 10 | level: error 11 | min-spaces-inside: 0 12 | max-spaces-inside: 0 13 | min-spaces-inside-empty: -1 14 | max-spaces-inside-empty: -1 15 | colons: 16 | level: error 17 | max-spaces-before: 0 18 | max-spaces-after: 1 19 | commas: 20 | level: error 21 | max-spaces-before: 0 22 | min-spaces-after: 1 23 | max-spaces-after: 1 24 | comments: 25 | level: error 26 | require-starting-space: true 27 | min-spaces-from-content: 2 28 | comments-indentation: 29 | level: error 30 | document-end: 31 | level: error 32 | present: false 33 | document-start: 34 | level: error 35 | present: true 36 | empty-lines: 37 | level: error 38 | max: 1 39 | max-start: 0 40 | max-end: 1 41 | hyphens: 42 | level: error 43 | max-spaces-after: 1 44 | indentation: 45 | level: error 46 | spaces: 2 47 | indent-sequences: true 48 | check-multi-line-strings: false 49 | key-duplicates: 50 | level: error 51 | line-length: 52 | ignore: | 53 | .github/support.yml 54 | level: warning 55 | max: 120 56 | allow-non-breakable-words: true 57 | allow-non-breakable-inline-mappings: true 58 | new-line-at-end-of-file: 59 | level: error 60 | new-lines: 61 | level: error 62 | type: unix 63 | trailing-spaces: 64 | level: error 65 | truthy: 66 | level: error 67 | -------------------------------------------------------------------------------- /loki/rootfs/etc/services.d/loki/run: -------------------------------------------------------------------------------- 1 | #!/usr/bin/with-contenv bashio 2 | # shellcheck shell=bash 3 | # ============================================================================== 4 | # Home Assistant Add-on: Loki 5 | # Runs Loki 6 | # ============================================================================== 7 | 8 | readonly BIND_ADDR=127.0.0.1 9 | readonly HTTP_PORT=8080 10 | declare log_level 11 | loki_config='/etc/loki/default-config.yaml' 12 | 13 | bashio::log.info 'Starting Loki...' 14 | 15 | if bashio::config.exists 'config_path'; then 16 | loki_config=$(bashio::config 'config_path') 17 | bashio::log.info "Using config at ${loki_config}" 18 | else 19 | bashio::log.info "Using default config" 20 | fi 21 | 22 | retention_period="$(bashio::config 'days_to_keep' 1)d" 23 | bashio::log.info "Retention period set to ${retention_period}" 24 | export "RETENTION_PERIOD=${retention_period}" 25 | 26 | case "$(bashio::config 'log_level')" in \ 27 | trace) ;& \ 28 | debug) log_level='debug' ;; \ 29 | notice) ;& \ 30 | warning) log_level='warn' ;; \ 31 | error) ;& \ 32 | fatal) log_level='error' ;; \ 33 | *) log_level='info' ;; \ 34 | esac; 35 | bashio::log.info "Loki log level set to ${log_level}" 36 | 37 | loki_args=( 38 | "-config.expand-env=true" 39 | "-config.file=${loki_config}" 40 | "-server.http-listen-address=${BIND_ADDR}" 41 | "-server.http-listen-port=${HTTP_PORT}" 42 | "-log.level=${log_level}" 43 | ) 44 | if [ "${log_level}" == "debug" ]; then 45 | bashio::log.debug "Logging full config on startup for debugging..." 46 | loki_args+=("-print-config-stderr=true") 47 | fi 48 | 49 | bashio::log.info "Handing over control to Loki..." 50 | exec s6-setuidgid abc \ 51 | /usr/bin/loki "${loki_args[@]}" 52 | -------------------------------------------------------------------------------- /loki/rootfs/etc/cont-init.d/nginx.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/with-contenv bashio 2 | # shellcheck shell=bash 3 | # ============================================================================== 4 | # Home Assistant Add-on: Loki 5 | # This file configures nginx 6 | # ============================================================================== 7 | readonly NGINX_SERVERS=/etc/nginx/servers 8 | readonly NGINX_CONF="${NGINX_SERVERS}/direct.conf" 9 | declare certfile 10 | declare keyfile 11 | 12 | bashio::config.require.ssl 13 | 14 | if bashio::config.true 'ssl'; then 15 | bashio::log.info 'Setting up SSL...' 16 | 17 | certfile=$(bashio::config 'certfile') 18 | keyfile=$(bashio::config 'keyfile') 19 | 20 | if ! bashio::config.is_empty 'cafile'; then 21 | bashio::log.info 'Setting up mTLS...' 22 | cafile=$(bashio::config 'cafile') 23 | 24 | # Absolute path support deprecated 4/21 for release 1.5.0. 25 | # Wait until at least 5/21 to remove 26 | if [[ $cafile =~ ^\/ ]]; then 27 | bashio::log.warning "Providing an absolute path for 'cafile' is deprecated." 28 | bashio::log.warning "Support for absolute paths will be removed in a future release." 29 | bashio::log.warning "Please put your CA file in /ssl and provide a relative path." 30 | else 31 | cafile="/ssl/${cafile}" 32 | fi 33 | 34 | if ! bashio::fs.file_exists "${cafile}"; then 35 | bashio::log.fatal 36 | bashio::log.fatal "The file specified for 'cafile' does not exist!" 37 | bashio::log.fatal "Ensure the CA certificate file exists and full path is provided" 38 | bashio::log.fatal 39 | bashio::exit.nok 40 | fi 41 | 42 | mv "${NGINX_SERVERS}/direct-mtls.disabled" "${NGINX_CONF}" 43 | sed -i "s#%%cafile%%#${cafile}#g" "${NGINX_CONF}" 44 | else 45 | mv "${NGINX_SERVERS}/direct-ssl.disabled" "${NGINX_CONF}" 46 | fi 47 | 48 | sed -i "s#%%certfile%%#${certfile}#g" "${NGINX_CONF}" 49 | sed -i "s#%%keyfile%%#${keyfile}#g" "${NGINX_CONF}" 50 | else 51 | mv "${NGINX_SERVERS}/direct.disabled" "${NGINX_CONF}" 52 | fi 53 | -------------------------------------------------------------------------------- /loki/Dockerfile: -------------------------------------------------------------------------------- 1 | # https://github.com/hassio-addons/addon-base/releases 2 | ARG BUILD_FROM=ghcr.io/hassio-addons/base/amd64 3 | 4 | # hadolint ignore=DL3006 5 | FROM ${BUILD_FROM} 6 | 7 | # https://github.com/grafana/loki/releases 8 | ARG LOKI_VERSION=2.6.1 9 | 10 | # add Loki and Nginx 11 | RUN set -eux; \ 12 | apk update; \ 13 | \ 14 | apk add --no-cache --virtual .build-deps \ 15 | unzip=6.0-r9 \ 16 | ; \ 17 | APKARCH="$(apk --print-arch)"; \ 18 | case "$APKARCH" in \ 19 | x86_64) BINARCH='amd64' ;; \ 20 | armhf) BINARCH='arm' ;; \ 21 | armv7) BINARCH='arm' ;; \ 22 | aarch64) BINARCH='arm64' ;; \ 23 | *) echo >&2 "error: unsupported architecture ($APKARCH)"; exit 1 ;; \ 24 | esac; \ 25 | curl -s -J -L -o /tmp/loki.zip \ 26 | "https://github.com/grafana/loki/releases/download/v${LOKI_VERSION}/loki-linux-${BINARCH}.zip"; \ 27 | unzip /tmp/loki.zip -d /usr/bin; \ 28 | mv /usr/bin/loki-linux-${BINARCH} /usr/bin/loki; \ 29 | chmod a+x /usr/bin/loki; \ 30 | rm /tmp/loki.zip; \ 31 | apk del .build-deps; \ 32 | \ 33 | apk add --no-cache \ 34 | ca-certificates=20220614-r0 \ 35 | nginx=1.22.0-r1 \ 36 | ; \ 37 | update-ca-certificates; \ 38 | nginx -v; \ 39 | rm -f -r /etc/nginx; \ 40 | mkdir -p \ 41 | /var/lib/nginx/tmp/client_body \ 42 | /var/lib/nginx/tmp/fastcgi \ 43 | /var/lib/nginx/tmp/proxy \ 44 | /var/lib/nginx/tmp/scgi \ 45 | /var/lib/nginx/tmp/uwsgi \ 46 | /var/log/nginx \ 47 | /run/nginx \ 48 | ; \ 49 | touch /var/log/nginx/error.log; \ 50 | \ 51 | echo "Add user for Loki"; \ 52 | mkdir -p /data/loki; \ 53 | addgroup -S abc; \ 54 | adduser -u 12345 -h /data/loki -D -S abc -G abc; \ 55 | \ 56 | chown -R abc:abc \ 57 | /usr/lib/nginx \ 58 | /usr/share/nginx \ 59 | /var/lib/nginx \ 60 | /var/log/nginx \ 61 | ; 62 | 63 | # See https://github.com/grafana/loki/issues/1928 64 | RUN [ ! -e /etc/nsswitch.conf ] && echo 'hosts: files dns' > /etc/nsswitch.conf 65 | 66 | COPY --chown=abc:abc rootfs / 67 | WORKDIR /data/loki 68 | 69 | # Build arguments 70 | ARG BUILD_ARCH 71 | ARG BUILD_DATE 72 | ARG BUILD_DESCRIPTION 73 | ARG BUILD_NAME 74 | ARG BUILD_REF 75 | ARG BUILD_REPOSITORY 76 | ARG BUILD_VERSION 77 | 78 | # Labels 79 | LABEL \ 80 | io.hass.name="${BUILD_NAME}" \ 81 | io.hass.description="${BUILD_DESCRIPTION}" \ 82 | io.hass.arch="${BUILD_ARCH}" \ 83 | io.hass.type="addon" \ 84 | io.hass.version=${BUILD_VERSION} \ 85 | maintainer="mdegat01" \ 86 | org.opencontainers.image.title="${BUILD_NAME}" \ 87 | org.opencontainers.image.description="${BUILD_DESCRIPTION}" \ 88 | org.opencontainers.image.vendor="mdegat01's Home Assistant Add-ons" \ 89 | org.opencontainers.image.authors="mdegat01" \ 90 | org.opencontainers.image.licenses="MIT" \ 91 | org.opencontainers.image.url="https://github.com/mdegat01/hassio-addons" \ 92 | org.opencontainers.image.source="https://github.com/${BUILD_REPOSITORY}" \ 93 | org.opencontainers.image.documentation="https://github.com/${BUILD_REPOSITORY}/blob/main/README.md" \ 94 | org.opencontainers.image.created=${BUILD_DATE} \ 95 | org.opencontainers.image.revision=${BUILD_REF} \ 96 | org.opencontainers.image.version=${BUILD_VERSION} 97 | -------------------------------------------------------------------------------- /.devcontainer/supervisor.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | set -eE 3 | 4 | DOCKER_TIMEOUT=30 5 | DOCKER_PID=0 6 | 7 | SUPERVISOR_VERSON="$(curl -s https://version.home-assistant.io/dev.json | jq -e -r '.supervisor')" 8 | 9 | 10 | function start_docker() { 11 | local starttime 12 | local endtime 13 | 14 | echo "Starting docker." 15 | dockerd 2> /dev/null & 16 | DOCKER_PID=$! 17 | 18 | echo "Waiting for docker to initialize..." 19 | starttime="$(date +%s)" 20 | endtime="$(date +%s)" 21 | until docker info >/dev/null 2>&1; do 22 | if [ $((endtime - starttime)) -le $DOCKER_TIMEOUT ]; then 23 | sleep 1 24 | endtime=$(date +%s) 25 | else 26 | echo "Timeout while waiting for docker to come up" 27 | exit 1 28 | fi 29 | done 30 | echo "Docker was initialized" 31 | } 32 | 33 | 34 | function stop_docker() { 35 | local starttime 36 | local endtime 37 | 38 | echo "Stopping in container docker..." 39 | if [ "$DOCKER_PID" -gt 0 ] && kill -0 "$DOCKER_PID" 2> /dev/null; then 40 | starttime="$(date +%s)" 41 | endtime="$(date +%s)" 42 | 43 | # Now wait for it to die 44 | kill "$DOCKER_PID" 45 | while kill -0 "$DOCKER_PID" 2> /dev/null; do 46 | if [ $((endtime - starttime)) -le $DOCKER_TIMEOUT ]; then 47 | sleep 1 48 | endtime=$(date +%s) 49 | else 50 | echo "Timeout while waiting for container docker to die" 51 | exit 1 52 | fi 53 | done 54 | else 55 | echo "Your host might have been left with unreleased resources" 56 | fi 57 | } 58 | 59 | 60 | function cleanup_lastboot() { 61 | if [[ -f /tmp/supervisor_data/config.json ]]; then 62 | echo "Cleaning up last boot" 63 | cp /tmp/supervisor_data/config.json /tmp/config.json 64 | jq -rM 'del(.last_boot)' /tmp/config.json > /tmp/supervisor_data/config.json 65 | rm /tmp/config.json 66 | fi 67 | } 68 | 69 | 70 | function cleanup_docker() { 71 | echo "Cleaning up stopped containers..." 72 | docker rm "$(docker ps -a -q)" || true 73 | } 74 | 75 | function run_supervisor() { 76 | mkdir -p /tmp/supervisor_data 77 | docker run --rm --privileged \ 78 | --name hassio_supervisor \ 79 | --security-opt seccomp=unconfined \ 80 | --security-opt apparmor:unconfined \ 81 | -v /run/docker.sock:/run/docker.sock:rw \ 82 | -v /run/dbus:/run/dbus:ro \ 83 | -v /run/udev:/run/udev:ro \ 84 | -v /tmp/supervisor_data:/data:rw \ 85 | -v "/workspaces/addons":/data/addons/local:rw \ 86 | -v /etc/machine-id:/etc/machine-id:ro \ 87 | -e SUPERVISOR_SHARE="/tmp/supervisor_data" \ 88 | -e SUPERVISOR_NAME=hassio_supervisor \ 89 | -e SUPERVISOR_DEV=1 \ 90 | -e SUPERVISOR_MACHINE="qemux86-64" \ 91 | "homeassistant/amd64-hassio-supervisor:${SUPERVISOR_VERSON}" 92 | } 93 | 94 | function init_dbus() { 95 | if pgrep dbus-daemon; then 96 | echo "Dbus is running" 97 | return 0 98 | fi 99 | 100 | echo "Startup dbus" 101 | mkdir -p /var/lib/dbus 102 | cp -f /etc/machine-id /var/lib/dbus/machine-id 103 | 104 | # cleanups 105 | mkdir -p /run/dbus 106 | rm -f /run/dbus/pid 107 | 108 | # run 109 | dbus-daemon --system --print-address 110 | } 111 | 112 | function init_udev() { 113 | if pgrep systemd-udevd; then 114 | echo "udev is running" 115 | return 0 116 | fi 117 | 118 | echo "Startup udev" 119 | 120 | # cleanups 121 | mkdir -p /run/udev 122 | 123 | # run 124 | /lib/systemd/systemd-udevd --daemon 125 | sleep 3 126 | udevadm trigger && udevadm settle 127 | } 128 | 129 | echo "Start Test-Env" 130 | 131 | start_docker 132 | trap "stop_docker" ERR 133 | 134 | docker system prune -f 135 | 136 | cleanup_lastboot 137 | cleanup_docker 138 | init_dbus 139 | init_udev 140 | run_supervisor 141 | stop_docker 142 | -------------------------------------------------------------------------------- /loki/apparmor.txt: -------------------------------------------------------------------------------- 1 | include 2 | 3 | # Docker overlay 4 | @{docker_root}=/docker/ /var/lib/docker/ 5 | @{fs_root}=/ @{docker_root}/overlay2/*/diff/ 6 | @{do_etc}=@{fs_root}/etc/ 7 | @{do_opt}=@{fs_root}/opt/ 8 | @{do_run}=@{fs_root}/{run,var/run}/ 9 | @{do_usr}=@{fs_root}/usr/ 10 | @{do_var}=@{fs_root}/var/ 11 | 12 | # Nginx data dirs 13 | @{nginx_data}=@{do_usr}/lib/nginx/ @{do_usr}/share/nginx/ @{do_var}/lib/nginx/ 14 | 15 | profile loki flags=(attach_disconnected,mediate_deleted) { 16 | include 17 | include 18 | 19 | # Send signals to child services 20 | signal (send) peer=@{profile_name}//*, 21 | 22 | # Network access 23 | network tcp, 24 | network udp, 25 | 26 | # Capabilities to run service as non-root 27 | capability kill, 28 | capability dac_override, 29 | capability chown, 30 | capability fowner, 31 | capability fsetid, 32 | capability setuid, 33 | capability setgid, 34 | 35 | # S6-Overlay 36 | /init rix, 37 | /bin/** rix, 38 | /usr/bin/** rix, 39 | @{do_etc}/s6*/** r, 40 | @{do_etc}/fix-attrs.d/{,**} r, 41 | @{do_etc}/cont-{init,finish}.d/{,**} rwix, 42 | @{do_etc}/services.d/{,**} rwix, 43 | @{do_run}/{s6,s6-rc*,service}/** rix, 44 | /command/** rix, 45 | /package/** rix, 46 | @{do_run}/{,**} rwk, 47 | /dev/tty rw, 48 | @{do_usr}/lib/locale/{,**} r, 49 | @{do_etc}/ssl/openssl.cnf r, 50 | @{do_etc}/ssl1.1/openssl.cnf r, 51 | @{do_etc}/{group,hosts,passwd,resolv.conf} r, 52 | /dev/null k, 53 | # Needed for v2, not v3 54 | @{do_etc}/s6/** rix, 55 | 56 | # Bashio 57 | /usr/lib/bashio/** ix, 58 | /tmp/** rw, 59 | 60 | # Options.json & addon data 61 | /data r, 62 | /data/** rw, 63 | 64 | # Needed for setup 65 | @{do_etc}/{loki,nginx}/{,**} rw, 66 | @{nginx_data}/{,**} rw, 67 | @{do_var}/log/nginx/{,**} rw, 68 | /{share,ssl}/{,**} r, 69 | 70 | # Programs 71 | /usr/bin/loki cx -> loki, 72 | /usr/sbin/nginx Cx -> nginx, 73 | 74 | profile loki flags=(attach_disconnected,mediate_deleted) { 75 | include 76 | 77 | # Receive signals from s6 78 | signal (receive) peer=*_loki, 79 | 80 | # Network access 81 | network tcp, 82 | network udp, 83 | network netlink raw, 84 | network unix dgram, 85 | 86 | # Addon data 87 | /data/** r, 88 | /data/loki/** rwk, 89 | 90 | # Config 91 | @{do_etc}/loki/* r, 92 | /share/** r, 93 | 94 | # Runtime usage 95 | owner /tmp/** rwk, 96 | /usr/bin/loki rm, 97 | @{do_etc}/hosts r, 98 | @{do_etc}/{nsswitch,resolv}.conf r, 99 | @{PROC}/sys/net/core/somaxconn r, 100 | @{PROC}/@{pid}/cpuset r, 101 | @{sys}/kernel/mm/transparent_hugepage/hpage_pmd_size r, 102 | } 103 | 104 | profile nginx flags=(attach_disconnected,mediate_deleted) { 105 | include 106 | 107 | # Receive signals from s6 108 | signal (receive) peer=*_loki, 109 | 110 | # Network access 111 | network tcp, 112 | 113 | # Capabilities to lower privileges 114 | capability dac_override, 115 | capability mknod, 116 | capability setuid, 117 | capability setgid, 118 | 119 | # Allow parent to ptrace 120 | ptrace (read) peer=*_loki, 121 | 122 | # Config files 123 | @{do_etc}/nginx/** r, 124 | /ssl/** r, 125 | 126 | # Service data 127 | @{do_var}/lib/nginx/tmp/** rw, 128 | @{do_var}/log/nginx/* w, 129 | @{nginx_data}/** r, 130 | 131 | # Runtime usage 132 | @{do_run}/nginx.pid rw, 133 | @{PROC}/1/fd/1 w, 134 | /usr/sbin/nginx rm, 135 | @{do_etc}/{group,passwd} r, 136 | @{do_etc}/ssl/openssl.cnf r, 137 | @{do_etc}/ssl1.1/openssl.cnf r, 138 | } 139 | } 140 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # Home Assistant Add-on: Loki 2 | 3 | [![GitHub Release][releases-shield]][releases] 4 | ![Project Stage][project-stage-shield] 5 | [![License][license-shield]](LICENSE) 6 | 7 | ![Supports aarch64 Architecture][aarch64-shield] 8 | ![Supports amd64 Architecture][amd64-shield] 9 | ![Supports armhf Architecture][armhf-shield] 10 | ![Supports armv7 Architecture][armv7-shield] 11 | ![Supports i386 Architecture][i386-shield] 12 | 13 | [![Github Actions][github-actions-shield]][github-actions] 14 | ![Project Maintenance][maintenance-shield] 15 | [![GitHub Activity][commits-shield]][commits] 16 | [![Community Forum][forum-shield]][forum] 17 | 18 | _Like Prometheus, but for logs!_ 19 | 20 | [![Open your Home Assistant instance and show the add add-on repository dialog 21 | with a specific repository URL pre-filled.][add-repo-shield]][add-repo] 22 | [![Open your Home Assistant instance and show the dashboard of a Supervisor add-on.][add-addon-shield]][add-addon] 23 | 24 | ## About 25 | 26 | [Grafana Loki][loki] is a horizontally-scalable, highly-available, multi-tenant 27 | log aggregation system inspired by Prometheus. It is designed to be very cost 28 | effective and easy to operate. It does not index the contents of the logs, but 29 | rather a set of labels for each log stream. 30 | 31 | ## Support 32 | 33 | Got questions? 34 | 35 | You have several ways to get them answered: 36 | 37 | - The Home Assistant [Community Forum][forum]. I am 38 | [CentralCommand][forum-centralcommand] there. 39 | - The Home Assistant [Discord Chat Server][discord-ha]. Use the #add-ons channel, 40 | I am CentralCommand#0913 there. 41 | 42 | You could also [open an issue here][issue] on GitHub. 43 | 44 | ## Authors & contributors 45 | 46 | The original setup of this repository is by [Mike Degatano][mdegat01]. 47 | 48 | For a full list of all authors and contributors, 49 | check [the contributor's page][contributors]. 50 | 51 | ## License 52 | 53 | MIT License 54 | 55 | Copyright (c) 2021-2022 Mike Degatano 56 | 57 | Permission is hereby granted, free of charge, to any person obtaining a copy 58 | of this software and associated documentation files (the "Software"), to deal 59 | in the Software without restriction, including without limitation the rights 60 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 61 | copies of the Software, and to permit persons to whom the Software is 62 | furnished to do so, subject to the following conditions: 63 | 64 | The above copyright notice and this permission notice shall be included in all 65 | copies or substantial portions of the Software. 66 | 67 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 68 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 69 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 70 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 71 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 72 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 73 | SOFTWARE. 74 | 75 | [aarch64-shield]: https://img.shields.io/badge/aarch64-yes-green.svg 76 | [add-addon-shield]: https://my.home-assistant.io/badges/supervisor_addon.svg 77 | [add-addon]: https://my.home-assistant.io/redirect/supervisor_addon/?addon=39bd2704_loki 78 | [add-repo-shield]: https://my.home-assistant.io/badges/supervisor_add_addon_repository.svg 79 | [add-repo]: https://my.home-assistant.io/redirect/supervisor_add_addon_repository/?repository_url=https%3A%2F%2Fgithub.com%2Fmdegat01%2Fhassio-addons 80 | [amd64-shield]: https://img.shields.io/badge/amd64-yes-green.svg 81 | [armhf-shield]: https://img.shields.io/badge/armhf-yes-green.svg 82 | [armv7-shield]: https://img.shields.io/badge/armv7-yes-green.svg 83 | [commits-shield]: https://img.shields.io/github/commit-activity/y/mdegat01/addon-loki.svg 84 | [commits]: https://github.com/mdegat01/addon-loki/commits/main 85 | [contributors]: https://github.com/mdegat01/addon-loki/graphs/contributors 86 | [discord-ha]: https://discord.gg/c5DvZ4e 87 | [forum-centralcommand]: https://community.home-assistant.io/u/CentralCommand/?u=CentralCommand 88 | [forum-shield]: https://img.shields.io/badge/community-forum-brightgreen.svg 89 | [forum]: https://community.home-assistant.io/t/home-assistant-add-on-loki/293731?u=CentralCommand 90 | [loki]: https://grafana.com/oss/loki/ 91 | [mdegat01]: https://github.com/mdegat01 92 | [github-actions-shield]: https://github.com/mdegat01/addon-loki/workflows/CI/badge.svg 93 | [github-actions]: https://github.com/mdegat01/addon-loki/actions 94 | [i386-shield]: https://img.shields.io/badge/i386-no-red.svg 95 | [issue]: https://github.com/mdegat01/addon-loki/issues 96 | [license-shield]: https://img.shields.io/github/license/mdegat01/addon-loki.svg 97 | [maintenance-shield]: https://img.shields.io/maintenance/yes/2022.svg 98 | [project-stage-shield]: https://img.shields.io/badge/project%20stage-production%20ready-brightgreen.svg 99 | [releases-shield]: https://img.shields.io/github/release/mdegat01/addon-loki.svg 100 | [releases]: https://github.com/mdegat01/addon-loki/releases 101 | -------------------------------------------------------------------------------- /loki/.README.j2: -------------------------------------------------------------------------------- 1 | # Home Assistant Add-on: Loki 2 | 3 | [![GitHub Release][releases-shield]][releases] 4 | ![Project Stage][project-stage-shield] 5 | [![License][license-shield]][license] 6 | 7 | ![Project Maintenance][maintenance-shield] 8 | [![Community Forum][forum-shield]][forum] 9 | 10 | _Like Prometheus, but for logs!_ 11 | 12 | {% set repository = namespace(url='https%3A//github.com/mdegat01/hassio-addons', slug='39bd2704') %} 13 | {% if channel == "edge" %} 14 | {% set repository.url = repository.url + '-edge' %} 15 | {% set repository.slug = '7eb274d5' %} 16 | ## WARNING! THIS IS AN EDGE REPOSITORY 17 | 18 | This Add-ons repository contains edge builds of add-ons. Edge 19 | builds of add-ons are based upon the latest development version. 20 | 21 | - They may not work at all. 22 | - They might stop working at any time. 23 | - They could have a negative impact on your system. 24 | 25 | This repository was created for: 26 | 27 | - Anybody willing to test. 28 | - Anybody interested in trying out upcoming add-ons or add-on features. 29 | - Developers. 30 | 31 | If you are more interested in stable releases of these add-ons: 32 | 33 | 34 | 35 | {% elif channel == "beta" %} 36 | {% set repository.url = repository.url + '-beta' %} 37 | {% set repository.slug = 'e9a81774' %} 38 | ## WARNING! THIS IS A BETA REPOSITORY 39 | 40 | This Add-ons repository contains beta builds of add-ons. Beta 41 | builds of add-ons are based upon the latest release including pre-releases. 42 | 43 | - They might stop working at any time. 44 | - They could have a negative impact on your system. 45 | 46 | This repository was created for: 47 | 48 | - Anybody willing to test. 49 | - Anybody interested in trying out upcoming add-ons or add-on features. 50 | 51 | If you are more interested in stable releases of these add-ons: 52 | 53 | 54 | 55 | {% endif %} 56 | ## About 57 | 58 | [Grafana Loki][loki] is a horizontally-scalable, 59 | highly-available, multi-tenant log aggregation system inspired by Prometheus. It 60 | is designed to be very cost effective and easy to operate. It does not index the 61 | contents of the logs, but rather a set of labels for each log stream. 62 | 63 | ## Support 64 | 65 | Got questions? 66 | 67 | You have several ways to get them answered: 68 | 69 | - The Home Assistant [Community Forum][forum]. I am 70 | [CentralCommand][forum-centralcommand] there. 71 | - The Home Assistant [Discord Chat Server][discord-ha]. Use the #add-ons channel, 72 | I am CentralCommand#0913 there. 73 | 74 | You could also [open an issue here][issue] on GitHub. 75 | 76 | ## Authors & contributors 77 | 78 | The original setup of this repository is by [Mike Degatano][mdegat01]. 79 | 80 | For a full list of all authors and contributors, 81 | check [the contributor's page][contributors]. 82 | 83 | ## License 84 | 85 | MIT License 86 | 87 | Copyright (c) 2021-2022 Mike Degatano 88 | 89 | Permission is hereby granted, free of charge, to any person obtaining a copy 90 | of this software and associated documentation files (the "Software"), to deal 91 | in the Software without restriction, including without limitation the rights 92 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 93 | copies of the Software, and to permit persons to whom the Software is 94 | furnished to do so, subject to the following conditions: 95 | 96 | The above copyright notice and this permission notice shall be included in all 97 | copies or substantial portions of the Software. 98 | 99 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 100 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 101 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 102 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 103 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 104 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 105 | SOFTWARE. 106 | 107 | {% if channel == "edge" %} 108 | [project-stage-shield]: https://img.shields.io/badge/project%20stage-experimental-yellow.svg 109 | {% elif channel == "beta" %} 110 | [project-stage-shield]: https://img.shields.io/badge/project%20stage-beta-orange.svg 111 | {% else %} 112 | [project-stage-shield]: https://img.shields.io/badge/project%20stage-production%20ready-brightgreen.svg 113 | {% endif %} 114 | [contributors]: https://github.com/mdegat01/addon-loki/graphs/contributors 115 | [discord-ha]: https://discord.gg/c5DvZ4e 116 | [forum-centralcommand]: https://community.home-assistant.io/u/CentralCommand/?u=CentralCommand 117 | [forum-shield]: https://img.shields.io/badge/community-forum-brightgreen.svg 118 | [forum]: https://community.home-assistant.io/t/home-assistant-add-on-loki/293731?u=CentralCommand 119 | [loki]: https://grafana.com/oss/loki/ 120 | [mdegat01]: https://github.com/mdegat01 121 | [issue]: https://github.com/mdegat01/addon-loki/issues 122 | [license]: https://github.com/mdegat01/addon-loki/blob/main/LICENSE 123 | [license-shield]: https://img.shields.io/github/license/mdegat01/addon-loki.svg 124 | [maintenance-shield]: https://img.shields.io/maintenance/yes/2022.svg 125 | [releases-shield]: https://img.shields.io/github/release/mdegat01/addon-loki.svg 126 | [releases]: https://github.com/mdegat01/addon-loki/releases 127 | -------------------------------------------------------------------------------- /loki/rootfs/etc/nginx/includes/mime.types: -------------------------------------------------------------------------------- 1 | types { 2 | text/html html htm shtml; 3 | text/css css; 4 | text/xml xml; 5 | image/gif gif; 6 | image/jpeg jpeg jpg; 7 | application/javascript js; 8 | application/atom+xml atom; 9 | application/rss+xml rss; 10 | 11 | text/mathml mml; 12 | text/plain txt; 13 | text/vnd.sun.j2me.app-descriptor jad; 14 | text/vnd.wap.wml wml; 15 | text/x-component htc; 16 | 17 | image/png png; 18 | image/svg+xml svg svgz; 19 | image/tiff tif tiff; 20 | image/vnd.wap.wbmp wbmp; 21 | image/webp webp; 22 | image/x-icon ico; 23 | image/x-jng jng; 24 | image/x-ms-bmp bmp; 25 | 26 | font/woff woff; 27 | font/woff2 woff2; 28 | 29 | application/java-archive jar war ear; 30 | application/json json; 31 | application/mac-binhex40 hqx; 32 | application/msword doc; 33 | application/pdf pdf; 34 | application/postscript ps eps ai; 35 | application/rtf rtf; 36 | application/vnd.apple.mpegurl m3u8; 37 | application/vnd.google-earth.kml+xml kml; 38 | application/vnd.google-earth.kmz kmz; 39 | application/vnd.ms-excel xls; 40 | application/vnd.ms-fontobject eot; 41 | application/vnd.ms-powerpoint ppt; 42 | application/vnd.oasis.opendocument.graphics odg; 43 | application/vnd.oasis.opendocument.presentation odp; 44 | application/vnd.oasis.opendocument.spreadsheet ods; 45 | application/vnd.oasis.opendocument.text odt; 46 | application/vnd.openxmlformats-officedocument.presentationml.presentation 47 | pptx; 48 | application/vnd.openxmlformats-officedocument.spreadsheetml.sheet 49 | xlsx; 50 | application/vnd.openxmlformats-officedocument.wordprocessingml.document 51 | docx; 52 | application/vnd.wap.wmlc wmlc; 53 | application/x-7z-compressed 7z; 54 | application/x-cocoa cco; 55 | application/x-java-archive-diff jardiff; 56 | application/x-java-jnlp-file jnlp; 57 | application/x-makeself run; 58 | application/x-perl pl pm; 59 | application/x-pilot prc pdb; 60 | application/x-rar-compressed rar; 61 | application/x-redhat-package-manager rpm; 62 | application/x-sea sea; 63 | application/x-shockwave-flash swf; 64 | application/x-stuffit sit; 65 | application/x-tcl tcl tk; 66 | application/x-x509-ca-cert der pem crt; 67 | application/x-xpinstall xpi; 68 | application/xhtml+xml xhtml; 69 | application/xspf+xml xspf; 70 | application/zip zip; 71 | 72 | application/octet-stream bin exe dll; 73 | application/octet-stream deb; 74 | application/octet-stream dmg; 75 | application/octet-stream iso img; 76 | application/octet-stream msi msp msm; 77 | 78 | audio/midi mid midi kar; 79 | audio/mpeg mp3; 80 | audio/ogg ogg; 81 | audio/x-m4a m4a; 82 | audio/x-realaudio ra; 83 | 84 | video/3gpp 3gpp 3gp; 85 | video/mp2t ts; 86 | video/mp4 mp4; 87 | video/mpeg mpeg mpg; 88 | video/quicktime mov; 89 | video/webm webm; 90 | video/x-flv flv; 91 | video/x-m4v m4v; 92 | video/x-mng mng; 93 | video/x-ms-asf asx asf; 94 | video/x-ms-wmv wmv; 95 | video/x-msvideo avi; 96 | } 97 | -------------------------------------------------------------------------------- /loki/DOCS.md: -------------------------------------------------------------------------------- 1 | # Home Assistant Add-on: Loki 2 | 3 | ## Install 4 | 5 | First add the repository to the add-on store (`https://github.com/mdegat01/hassio-addons`): 6 | 7 | [![Open your Home Assistant instance and show the add add-on repository dialog 8 | with a specific repository URL pre-filled.][add-repo-shield]][add-repo] 9 | 10 | Then find Loki in the store and click install: 11 | 12 | [![Open your Home Assistant instance and show the dashboard of a Supervisor add-on.][add-addon-shield]][add-addon] 13 | 14 | ## Default Setup 15 | 16 | If you are also using the Promtail add-on in this repository then by default 17 | Promtail wil ship Loki the systemd journal of the host. That will include all 18 | logs from all addons, supervisor, home assistant, docker, and the host system 19 | itself. No additional configuration is required if that's the setup you want. 20 | 21 | The configuration options can be used to encrypt traffic to Loki via SSL or 22 | limit access via mTLS. If you change those though, make sure to update your 23 | Promtail (or whatever client your using) config accordingly. 24 | 25 | Additionally, if you are an expert and want to take full control over Loki's 26 | configuration there's an option to provide a custom config file. 27 | 28 | ## Configuration 29 | 30 | **Note**: _Remember to restart the add-on when the configuration is changed._ 31 | 32 | Example add-on configuration: 33 | 34 | ```yaml 35 | ssl: true 36 | certfile: fullchain.pem 37 | keyfile: privkey.pem 38 | days_to_keep: 30 39 | log_level: info 40 | ``` 41 | 42 | **Note**: _This is just an example, don't copy and paste it! Create your own!_ 43 | 44 | ### Option: `ssl` 45 | 46 | Enables/Disables SSL (HTTPS). Set it `true` to enable it, `false` otherwise. 47 | 48 | ### Option: `certfile` 49 | 50 | The certificate file to use for SSL. 51 | 52 | **Note**: _The file MUST be stored in `/ssl/`, which is the default_ 53 | 54 | ### Option: `keyfile` 55 | 56 | The private key file to use for SSL. 57 | 58 | **Note**: _The file MUST be stored in `/ssl/`, which is the default_ 59 | 60 | ### Option: `cafile` 61 | 62 | The CA certificate file used to sign client certificates. If set,cclients will 63 | be required to present a valid client-authentication certificate to connect to 64 | Loki (mTLS). 65 | 66 | **Note**: _The file MUST be stored in `/ssl/`, which is the default_ 67 | 68 | ### Option: `days_to_keep` 69 | 70 | Number of days of logs to keep, older logs will be purged from the index. If set, 71 | minimum is `1`, defaults to `30` if omitted. 72 | 73 | The minimum exists because `0` tells Loki to keep tables indefinitely (and the 74 | addon to grow without bound). See [retention][loki-doc-retention] for more information 75 | on how Loki's Compactor handles retention. 76 | 77 | **Note**: This sets an environmental variable referenced in the [default config][addon-default-config]. 78 | If you use `config_path` below it is ignored unless you reference the same variable. 79 | 80 | ### Option: `config_path` 81 | 82 | Absolute path to a custom config file for Loki. By default this addon will run 83 | Loki using the config file [here][addon-default-config]. If you would prefer different 84 | options then you can create your own config file to use instead and provide the 85 | path to it. 86 | 87 | Review the [documentation][loki-doc] to learn about creating a config file for 88 | Loki. You can also see examples [here][loki-doc-examples]. I would also strongly 89 | recommend reading the [Loki best practices][loki-doc-best-practices] guide before 90 | proceeding with a custom config. 91 | 92 | **Note**: `http_listen_address`, `http_listen_port` and `log_level` are set by 93 | the add-on via CLI params so they cannot be changed. Everything else can be configured 94 | in your file. 95 | 96 | ### Option: `log_level` 97 | 98 | The `log_level` option controls the level of log output by the addon and can 99 | be changed to be more or less verbose, which might be useful when you are 100 | dealing with an unknown issue. Possible values are: 101 | 102 | - `debug`: Shows detailed debug information. 103 | - `info`: Normal (usually) interesting events. 104 | - `warning`: Exceptional occurrences that are not errors. 105 | - `error`: Runtime errors that do not require immediate action. 106 | 107 | Please note that each level automatically includes log messages from a 108 | more severe level, e.g., `debug` also shows `info` messages. By default, 109 | the `log_level` is set to `info`, which is the recommended setting unless 110 | you are troubleshooting. 111 | 112 | ### Port: `3100/tcp` 113 | 114 | This is the port that Loki is listening on and that clients such as Promtail 115 | should point at. 116 | 117 | **Note**: If you just want to send logs from the Promtail add-on to this one 118 | you can leave this disabled. Setting it exposes the port on the host so you 119 | only need to do that if you want other systems to ship logs to Loki. 120 | 121 | ## PLG Stack (Promtail, Loki and Grafana) 122 | 123 | Loki isn't a standalone application, it doesn't do anything until you set up another 124 | utility to send logs to it. It's job is to receive logs, index them, and make them 125 | available to analysis tools such as Grafana. Loki typically expects to be deployed 126 | in the full PLG stack: 127 | 128 | - Promtail to process and ship logs 129 | - Loki to aggregate and index them 130 | - Grafana to visualize and monitor them 131 | 132 | ### Promtail 133 | 134 | Promtail is also made by Grafana, its only job is to scrape logs and send them 135 | to Loki. The easiest way to get it set up is to install the 136 | Promtail add-on in this same repository. 137 | 138 | [![Open your Home Assistant instance and show the dashboard of a Supervisor add-on.][add-addon-shield]][add-addon-promtail] 139 | 140 | This isn't the only way to get logs into Loki though. You may want to deploy 141 | Promtail yourself to ship logs from other systems, you can find installation 142 | instructions for that [here][promtail-doc-installation]. 143 | 144 | Other clients besides Promtail can also be configured to ship their logs to 145 | Loki. The list of supported clients and how to set them up can be found [here][loki-doc-clients] 146 | 147 | ### Grafana 148 | 149 | Grafana's flagship product is their [analysis and visualization tool][grafana] 150 | and it is very easy to connect that to Loki (as you'd likely expect). They have 151 | a guide on how to connect the two [here][loki-in-grafana]. 152 | 153 | The easiest way to install Grafana is to use the 154 | Grafana community add-on. From there you can follow the guide above to add Loki 155 | as a data source. When prompted for Loki's URL in the Grafana add-on, use `http://39bd2704-loki:3100` 156 | (or `https://39bd2704-loki:3100` if you enabled SSL). 157 | 158 | [![Open your Home Assistant instance and show the dashboard of a Supervisor add-on.][add-addon-shield]][add-addon-grafana] 159 | 160 | ### LogCLI 161 | 162 | Not required, but if you want to be able to interface with Loki via the 163 | commandline for testing or scripting purposes you can set up [LogCLI][logcli]. 164 | This will then let you query Loki using [LogQL][logql]. 165 | 166 | To make LogCLI accessible in the SSH add-ons you can set this install script 167 | to run on startup of the add-on: 168 | 169 | ```bash 170 | #!/bin/bash 171 | 172 | # Set up LogCLI (not available in alpine linux) 173 | # On 2.1.0 (see https://github.com/grafana/loki/releases ) 174 | VERSION=2.1.0 175 | 176 | APKARCH="$(apk --print-arch)" 177 | case "$APKARCH" in 178 | x86_64) BINARCH='amd64' ;; 179 | armhf) BINARCH='arm' ;; 180 | armv7) BINARCH='arm' ;; 181 | aarch64) BINARCH='arm64' ;; 182 | *) echo >&2 "error: unsupported architecture ($APKARCH)"; exit 1 ;; 183 | esac 184 | 185 | curl -J -L -o /tmp/logcli.zip "https://github.com/grafana/loki/releases/download/v${VERSION}/logcli-linux-${BINARCH}.zip" 186 | unzip /tmp/logcli.zip -d /usr/bin 187 | mv "/usr/bin/logcli-linux-${BINARCH}" /usr/bin/logcli 188 | chmod a+x /usr/bin/logcli 189 | rm -f /tmp/logcli.zip 190 | ``` 191 | 192 | You also need to add the following to your `.bash_profile` or `.zshrc` file: 193 | 194 | ```bash 195 | export LOKI_ADDR=http://39bd2704-loki:3100 196 | ``` 197 | 198 | Switch to `https` if you enabled SSL. The LogCLI doc has the full list of 199 | possible exports you may need depending on how you deployed Loki. 200 | 201 | ## Changelog & Releases 202 | 203 | This repository keeps a change log using [GitHub's releases][releases] 204 | functionality. 205 | 206 | Releases are based on [Semantic Versioning][semver], and use the format 207 | of `MAJOR.MINOR.PATCH`. In a nutshell, the version will be incremented 208 | based on the following: 209 | 210 | - `MAJOR`: Incompatible or major changes. 211 | - `MINOR`: Backwards-compatible new features and enhancements. 212 | - `PATCH`: Backwards-compatible bugfixes and package updates. 213 | 214 | ## Support 215 | 216 | Got questions? 217 | 218 | You have several ways to get them answered: 219 | 220 | - The Home Assistant [Community Forum][forum]. I am 221 | [CentralCommand][forum-centralcommand] there. 222 | - The Home Assistant [Discord Chat Server][discord-ha]. Use the #add-ons channel, 223 | I am CentralCommand#0913 there. 224 | 225 | You could also [open an issue here][issue] on GitHub. 226 | 227 | ## Authors & contributors 228 | 229 | The original setup of this repository is by [Mike Degatano][mdegat01]. 230 | 231 | For a full list of all authors and contributors, 232 | check [the contributor's page][contributors]. 233 | 234 | ## License 235 | 236 | MIT License 237 | 238 | Copyright (c) 2021-2022 Mike Degatano 239 | 240 | Permission is hereby granted, free of charge, to any person obtaining a copy 241 | of this software and associated documentation files (the "Software"), to deal 242 | in the Software without restriction, including without limitation the rights 243 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 244 | copies of the Software, and to permit persons to whom the Software is 245 | furnished to do so, subject to the following conditions: 246 | 247 | The above copyright notice and this permission notice shall be included in all 248 | copies or substantial portions of the Software. 249 | 250 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 251 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 252 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 253 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 254 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 255 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 256 | SOFTWARE. 257 | 258 | [add-addon-shield]: https://my.home-assistant.io/badges/supervisor_addon.svg 259 | [add-addon]: https://my.home-assistant.io/redirect/supervisor_addon/?addon=39bd2704_loki 260 | [add-addon-grafana]: https://my.home-assistant.io/redirect/supervisor_addon/?addon=a0d7b954_grafana 261 | [add-addon-promtail]: https://my.home-assistant.io/redirect/supervisor_addon/?addon=39bd2704_promtail 262 | [add-repo-shield]: https://my.home-assistant.io/badges/supervisor_add_addon_repository.svg 263 | [add-repo]: https://my.home-assistant.io/redirect/supervisor_add_addon_repository/?repository_url=https%3A%2F%2Fgithub.com%2Fmdegat01%2Fhassio-addons 264 | [addon-default-config]: https://github.com/mdegat01/addon-loki/blob/main/loki/rootfs/etc/loki/default-config.yaml 265 | [contributors]: https://github.com/mdegat01/addon-loki/graphs/contributors 266 | [discord-ha]: https://discord.gg/c5DvZ4e 267 | [forum-centralcommand]: https://community.home-assistant.io/u/CentralCommand/?u=CentralCommand 268 | [forum]: https://community.home-assistant.io/t/home-assistant-add-on-loki/293731?u=CentralCommand 269 | [grafana]: https://grafana.com/oss/grafana/ 270 | [issue]: https://github.com/mdegat01/addon-loki/issues 271 | [logcli]: https://grafana.com/docs/loki/latest/getting-started/logcli/ 272 | [logql]: https://grafana.com/docs/loki/latest/logql/ 273 | [loki-doc]: https://grafana.com/docs/loki/latest/configuration/ 274 | [loki-doc-best-practices]: https://grafana.com/docs/loki/latest/best-practices/ 275 | [loki-doc-clients]: https://grafana.com/docs/loki/latest/clients/ 276 | [loki-doc-examples]: https://grafana.com/docs/loki/latest/configuration/examples/ 277 | [loki-doc-table-manager]: https://grafana.com/docs/loki/latest/operations/storage/table-manager/ 278 | [loki-doc-table-manager-config]: https://grafana.com/docs/loki/latest/configuration/#table_manager_config 279 | [loki-in-grafana]: https://grafana.com/docs/loki/latest/getting-started/grafana 280 | [mdegat01]: https://github.com/mdegat01 281 | [promtail-doc-installation]: https://grafana.com/docs/loki/latest/clients/promtail/installation/ 282 | [releases]: https://github.com/mdegat01/addon-loki/releases 283 | [semver]: http://semver.org/spec/v2.0.0 284 | --------------------------------------------------------------------------------