From 174167665873eb3676c2364823b57565b96ae2ca Mon Sep 17 00:00:00 2001
From: Ryan Cavicchioni <ryan@cavi.cc>
Date: Fri, 11 Jul 2025 22:02:39 -0500
Subject: [PATCH] add loki

---
 apps/loki.yaml               |  43 ++++++++++++
 loki/Chart.yaml              |   9 +++
 loki/values-development.yaml | 125 +++++++++++++++++++++++++++++++++++
 3 files changed, 177 insertions(+)
 create mode 100644 apps/loki.yaml
 create mode 100644 loki/Chart.yaml
 create mode 100644 loki/values-development.yaml

diff --git a/apps/loki.yaml b/apps/loki.yaml
new file mode 100644
index 0000000..aa7d36a
--- /dev/null
+++ b/apps/loki.yaml
@@ -0,0 +1,43 @@
+apiVersion: argoproj.io/v1alpha1
+kind: ApplicationSet
+metadata:
+  name: loki
+spec:
+  goTemplate: true
+  goTemplateOptions: ["missingkey=error"]
+  generators:
+    - list:
+        elements:
+        - cluster: production
+          url: https://kubernetes.default.svc
+          chart: 4.11.7
+        - cluster: staging
+          url: https://k3s-ctrl-lb.lab.kill0.net:6443
+          chart: 4.11.7
+        - cluster: development
+          url: https://k0s-ctrl-vip.lab.kill0.net:6443
+          chart: 4.11.7
+  template:
+    metadata:
+      name: 'loki-{{.cluster}}'
+    spec:
+      project: default
+      source:
+        path: loki
+        repoURL: https://git.kill0.net/ryanc/argocd.git
+        targetRevision: HEAD
+        helm:
+          releaseName: loki
+          valueFiles:
+            - values.yaml
+            - values-{{.cluster}}.yaml
+          ignoreMissingValueFiles: true
+      destination:
+        server: '{{.url}}'
+        namespace: loki
+      syncPolicy:
+        automated:
+          prune: true
+          selfHeal: true
+        syncOptions:
+          - CreateNamespace=true
diff --git a/loki/Chart.yaml b/loki/Chart.yaml
new file mode 100644
index 0000000..2ee796d
--- /dev/null
+++ b/loki/Chart.yaml
@@ -0,0 +1,9 @@
+---
+apiVersion: v2
+name: loki
+version: "1.0.0"
+
+dependencies:
+  - name: loki
+    version: 6.31.0
+    repository: https://grafana.github.io/helm-charts
diff --git a/loki/values-development.yaml b/loki/values-development.yaml
new file mode 100644
index 0000000..ed0cde2
--- /dev/null
+++ b/loki/values-development.yaml
@@ -0,0 +1,125 @@
+loki:
+   schemaConfig:
+     configs:
+       - from: "2024-04-01"
+         store: tsdb
+         object_store: s3
+         schema: v13
+         index:
+           prefix: loki_index_
+           period: 24h
+   storage_config:
+     aws:
+       region: us-east-2
+       bucketnames: kill0-loki-dev-chunks
+       s3forcepathstyle: false
+   ingester:
+       chunk_encoding: snappy
+   pattern_ingester:
+       enabled: true
+   limits_config:
+     allow_structured_metadata: true
+     volume_enabled: true
+     retention_period: 672h # 28 days retention
+   compactor:
+     retention_enabled: true
+     delete_request_store: s3
+   ruler:
+    enable_api: true
+    storage:
+      type: s3
+      s3:
+        region: us-east-2
+        bucketnames: kill0-loki-dev-ruler
+        s3forcepathstyle: false
+      alertmanager_url: http://prom:9093 # The URL of the Alertmanager to send alerts (Prometheus, Mimir, etc.)
+
+   querier:
+      max_concurrent: 4
+
+   storage:
+      type: s3
+      bucketNames:
+        chunks: kill0-loki-dev-chunks
+        ruler: kill0-loki-dev-ruler
+      s3:
+        region: us-east-2
+        #insecure: false
+      # s3forcepathstyle: false
+
+serviceAccount:
+ create: true
+ # annotations:
+ #   "eks.amazonaws.com/role-arn": "arn:aws:iam::<Account ID>:role/LokiServiceAccountRole" # The service role you created
+
+deploymentMode: Distributed
+
+ingester:
+ replicas: 3
+ zoneAwareReplication:
+  enabled: false
+
+querier:
+ replicas: 3
+ maxUnavailable: 2
+
+queryFrontend:
+ replicas: 2
+ maxUnavailable: 1
+
+queryScheduler:
+ replicas: 2
+
+distributor:
+ replicas: 3
+ maxUnavailable: 2
+compactor:
+ replicas: 1
+
+indexGateway:
+ replicas: 2
+ maxUnavailable: 1
+
+ruler:
+ replicas: 1
+ maxUnavailable: 1
+
+
+# This exposes the Loki gateway so it can be written to and queried externaly
+gateway:
+ service:
+   type: LoadBalancer
+ basicAuth:
+     enabled: true
+     existingSecret: loki-basic-auth
+
+# Since we are using basic auth, we need to pass the username and password to the canary
+lokiCanary:
+  extraArgs:
+    - -pass=$(LOKI_PASS)
+    - -user=$(LOKI_USER)
+  extraEnv:
+    - name: LOKI_PASS
+      valueFrom:
+        secretKeyRef:
+          name: canary-basic-auth
+          key: password
+    - name: LOKI_USER
+      valueFrom:
+        secretKeyRef:
+          name: canary-basic-auth
+          key: username
+
+# Enable minio for storage
+minio:
+ enabled: false
+
+backend:
+ replicas: 0
+read:
+ replicas: 0
+write:
+ replicas: 0
+
+singleBinary:
+ replicas: 0