From 7e0c6a57b24d42f2badf9c296b175ded8d6ed96f Mon Sep 17 00:00:00 2001
From: oxmox <oxmox@noreply.localhost>
Date: Fri, 8 Sep 2023 01:38:37 +0200
Subject: [PATCH] node-exporter, loki+promtail, loki logging, up php cloud mem

---
 docker-compose.yml | 84 ++++++++++++++++++++++++++++++++++++++++++++--
 1 file changed, 82 insertions(+), 2 deletions(-)

diff --git a/docker-compose.yml b/docker-compose.yml
index a55b9e9..c6fafe8 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -10,13 +10,21 @@ secrets:
   forgejo_db_root_password:
     file: ./secrets/forgejo_db_root_password
 
+# logger driver - change this driver to ship all container logs to a different location
+x-logging: &logging
+  logging:
+    driver: loki
+    options:
+      loki-url: "http://localhost:3100/loki/api/v1/push"
+
 services:
   traefik:
     image: "traefik:v2.10"
     container_name: "traefik"
     restart: unless-stopped
+    <<: *logging
     command:
-      - "--log.level=DEBUG"
+      - "--log.level=INFO"
       - "--accesslog=true"
       - "--accesslog.filePath=/logs/access.log"
       - "--api.insecure=false"
@@ -67,6 +75,7 @@ services:
     image: mariadb:latest
     container_name: "nextcloud-db"
     restart: unless-stopped
+    <<: *logging
     command:
       - --transaction-isolation=READ-COMMITTED
       - --log-bin=binlog
@@ -105,6 +114,7 @@ services:
     image: nextcloud:stable
     container_name: "nextcloud-app"
     restart: unless-stopped
+    <<: *logging
     links:
       - nextcloud-db
     volumes:
@@ -122,7 +132,7 @@ services:
       - TRUSTED_PROXIES=192.168.128.0/24
       - NEXTCLOUD_TRUSTED_DOMAINS=*
       # PHP tuning
-      - PHP_MEMORY_LIMIT=128M # default=512M
+      - PHP_MEMORY_LIMIT=256M # default=512M
       - PHP_UPLOAD_LIMIT=512M # default=512M
       # Sadly this did not work for me.
       #- NEXTCLOUD_ADMIN_USER=admin
@@ -150,6 +160,7 @@ services:
     image: mariadb:latest
     container_name: "forgejo-db"
     restart: unless-stopped
+    <<: *logging
     command:
       - --transaction-isolation=READ-COMMITTED
       - --log-bin=binlog
@@ -187,6 +198,7 @@ services:
     image: codeberg.org/forgejo/forgejo:1.20.3-0
     container_name: "forgejo-app"
     restart: unless-stopped
+    <<: *logging
     links:
       - forgejo-db
     volumes:
@@ -214,6 +226,7 @@ services:
     image: prom/prometheus
     container_name: "prometheus"
     restart: unless-stopped
+    <<: *logging
     command:
       - '--web.external-url=/prometheus/'
       - '--web.route-prefix=/prometheus/'
@@ -237,11 +250,14 @@ services:
     image: grafana/grafana
     container_name: "grafana"
     restart: unless-stopped
+    <<: *logging
     depends_on:
       - prometheus
     volumes:
       - ./grafana/data:/var/lib/grafana
       - ./grafana/etc:/etc/grafana
+      - /etc/timezone:/etc/timezone:ro
+      - /etc/localtime:/etc/localtime:ro
     environment:
       - PUID=1000
       - PGID=1000
@@ -256,6 +272,70 @@ services:
       - "traefik.http.middlewares.grafana_app_strip.stripprefix.prefixes=/grafana"
       - "traefik.http.services.grafana_app.loadbalancer.server.port=3000"
 
+  node-exporter:
+    #image: quay.io/prometheus/node-exporter:latest
+    image: prom/node-exporter:latest
+    container_name: node-exporter
+    restart: unless-stopped
+    <<: *logging
+    #network_mode: host
+    pid: host
+    volumes:
+      #- /proc:/host/proc:ro
+      #- /sys:/host/sys:ro
+      - /:/rootfs:ro,rslave
+      - /etc/timezone:/etc/timezone:ro
+      - /etc/localtime:/etc/localtime:ro
+    command:
+      #- '--path.procfs=/host/proc'
+      - '--path.rootfs=/rootfs'
+      #- '--path.sysfs=/host/sys'
+      #- '--dollector.filesystem.mount-points-exclude=^/(sys|proc|dev|host|etc)($$|/)'
+    expose:
+      - 9100
+
+  loki-app:
+    image: grafana/loki:2.8.4
+    container_name: "loki-app"
+    restart: unless-stopped
+    <<: *logging
+    volumes:
+      - ./loki/etc:/etc/loki
+      - /etc/timezone:/etc/timezone:ro
+      - /etc/localtime:/etc/localtime:ro
+    environment:
+      - PUID=1000
+      - PGID=1000
+    command: -config.file=/etc/loki/loki-config.yml
+    ports:
+      - "127.0.0.1:3100:3100"
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.routers.loki_app.rule=Host(`oxmox.root.sx`) && PathPrefix(`/loki`)"
+      - "traefik.http.routers.loki_app.entrypoints=websecure"
+      - "traefik.http.routers.loki_app.tls.certresolver=myresolver"
+      - "traefik.http.routers.loki_app.middlewares=traefik_api_auth,loki_app_strip"
+      - "traefik.http.middlewares.loki_app_strip.stripprefix.prefixes=/loki"
+      - "traefik.http.services.loki_app.loadbalancer.server.port=3100"
+
+  loki-promtail:
+    image: grafana/promtail:2.8.4
+    container_name: "loki-promtail"
+    restart: unless-stopped
+    <<: *logging
+    volumes:
+      - ./loki/etc:/etc/promtail
+      - /var/log:/var/log
+      - /etc/timezone:/etc/timezone:ro
+      - /etc/localtime:/etc/localtime:ro
+    environment:
+      - PUID=1000
+      - PGID=1000
+    command: -config.file=/etc/promtail/promtail-config.yml
+    labels:
+      - "traefik.enable=false"
+
+
   #wireguard:
   #  image: lscr.io/linuxserver/wireguard:latest
   #  container_name: wireguard