From nobody Sun Oct 01 08:16:31 2023 X-Original-To: ports-bugs@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4RyxkS6Y75z4wTLw for ; Sun, 1 Oct 2023 08:16:32 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4RyxkS0f4hz3SCg for ; Sun, 1 Oct 2023 08:16:32 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1696148192; a=rsa-sha256; cv=none; b=M545/jzBT0ZMsD9Uxnh3XMu9SmK07ymxqwdIlJtaO4Lm+erS5Mi2NGzIMYL5aBDM4TzleN uRJy+BIYkQwxgr+yOJvFBJmp2uOKocY3oJm1M8V1y1rblhiXqkWdj+fwzSOXKdqGDy7Xtk VppbVYeGXOcbdjMnfClRvS4tM4e5ZZ0mZLY2q0cqOvStK4WBN41fZMv1hZGg7tkdMokYMR p8UJKsJlaZRsG434Rv5G5++WO5Jm1IPpYOj/bgwnwPpwLa9wFmJcbzKnRjocDQIdbnhy3X Uelb/l6ZADypY/yFcyCOa1/p2ab5miPyhbE4m/pqjs6b3OZdp3ZAqJK+pOjwig== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1696148192; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=UM3uMK7vgEHOgJSWRphv5TnYBF01VzJR8MYnsfgovdY=; b=NFQ6Pf6j3C3LKqZh1vW60TRr/FKYeXIICTFCJw4hMy/RVGFiSA0gWBu5VWAYUxqo/TaZIe 7cGjM2VYSprOwT322dX78w9/rkKECgq9VKkpQRy/QahNb8C/xh4YmzVXdHhY21L13fPkP4 +VwNEp2mTC2ovxjKh+w2AQewDxYX/sXMqYn4AVNZ7J1nm2yoS5CS+77ALXfjvXvfNu73of bXrV13P74ZTxReegxQ/WHPq6ryQG6hJs2mR7kP0VQ8sGvvpYUilJcb8A8kf8GphaqRWlk0 CIrzdADm3HoPNjKoK6mFJ7v4MRjIAlp2F3rmt2BFKnAHE/vpBg2XyD+xNytjQg== Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4RyxkR6jJmz7RF for ; Sun, 1 Oct 2023 08:16:31 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 3918GVYb082130 for ; Sun, 1 Oct 2023 08:16:31 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 3918GVUc082129 for ports-bugs@FreeBSD.org; Sun, 1 Oct 2023 08:16:31 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: ports-bugs@FreeBSD.org Subject: [Bug 274194] sysutils/loki: New rc.d file for promtail Date: Sun, 01 Oct 2023 08:16:31 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: new X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Ports & Packages X-Bugzilla-Component: Individual Port(s) X-Bugzilla-Version: Latest X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: turkay.eren@gmail.com X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: ports-bugs@FreeBSD.org X-Bugzilla-Flags: maintainer-feedback? X-Bugzilla-Changed-Fields: bug_id short_desc product version rep_platform op_sys bug_status bug_severity priority component assigned_to reporter cc flagtypes.name Message-ID: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated List-Id: Ports bug reports List-Archive: https://lists.freebsd.org/archives/freebsd-ports-bugs List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-ports-bugs@freebsd.org X-BeenThere: freebsd-ports-bugs@freebsd.org MIME-Version: 1.0 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D274194 Bug ID: 274194 Summary: sysutils/loki: New rc.d file for promtail Product: Ports & Packages Version: Latest Hardware: Any OS: Any Status: New Severity: Affects Only Me Priority: --- Component: Individual Port(s) Assignee: ports-bugs@FreeBSD.org Reporter: turkay.eren@gmail.com CC: freebsd@funzi.org Flags: maintainer-feedback?(freebsd@funzi.org) CC: freebsd@funzi.org Hello, Thank you for packaging loki in bug #256030. I realized that loki and promt= ail binaries are installed with the package but only loki has an rc.d script. F= or most cases, when you install loki as a centralized log server, you only configure and run promtail to read/send logs from other nodes. I would love to take initiative on this issue and this will be my first contribution to FreeBSD community. I can simply copy .in file for promtail = and send a patch but I wanted to make sure we discuss other considerations such= as default configuration file and user to run. Default Files Provided by Grafana =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D On official release page, Grafana team provides pre-built binaries and configuration files. For Debian/Ubuntu systems [0], the default configurati= on file looks like this: ``` server: http_listen_port: 9080 grpc_listen_port: 0 positions: filename: /tmp/positions.yaml clients: - url: http://localhost:3100/loki/api/v1/push scrape_configs: - job_name: system static_configs: - targets: - localhost labels: job: varlogs __path__: /var/log/*log ``` Which I believe it's OK configuration file. When you run promtail, it will start reading logs out of the box and you will be able to extend it. Howeve= r, the problem is that their systemd file runs with user `promtail`. As you can guess, this user will not be able to read /var/log/. Whenever I installed promtail, I always changed systemd service to run as root because I need lo= gs in /var/log/ along with application specific logs. The application does not crash. You simply see a number of error messages in promtail logs. But generating error messages after the installation is not a good default behavior. Also, `positions.yml` is too important to put into /tmp/. After a system reboot, promtail will not be able to know which line it read last. So, putt= ing it into /usr/local/etc/promtail/ makes more sense. [0] https://github.com/grafana/loki/releases/download/v2.9.1/promtail_2.9.1_amd= 64.deb Which User To Run On =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D I do not see a problem with providing default configuration like above (with fixes) and running log aggregator as root because you mostly want to run as root. Usually, there are different users for different applications, each writing to different directory, and you need to read all application logs, label them, and send it. However, if that causes a security concern within FreeBSD, we can simply comment the example configuration file and put a note in there. Alternative= ly, we can write a message after package install, reminding that `promtail_user= `, `promtail_group` is present. The configuration file above is only an example, provided by official grafa= na team. We are not bound to use it as-is, we can also think of adding additio= nal defaults based on user needs. Thank you for your time reading the report. Best, Eren --=20 You are receiving this mail because: You are the assignee for the bug.=