#!/usr/bin/env bash
# =============================================================================
# agent-alloy.sh — Installe Grafana Alloy et expédie les logs vers Loki
# Lib-Lab — cible Loki : srv-obs (172.0.16.80:3100)
# Remplaçant maintenu de Promtail (EOL). Collecte : journald + /var/log + Docker.
# Usage :
#   sudo bash agent-alloy.sh                         # interactif
#   sudo LOKI_HOST=172.0.16.80 bash agent-alloy.sh --yes
# =============================================================================
set -euo pipefail

# Logging helpers. All arguments are joined with a space into one message.

# die MESSAGE... — report a fatal error on stderr and stop the script with status 1.
die() {
  printf 'ERROR: %s\n' "$*" >&2
  exit 1
}

# msg MESSAGE... — progress line on stdout.
msg() {
  printf '[*] %s\n' "$*"
}

# ok MESSAGE... — success line on stdout.
ok() {
  printf '[✓] %s\n' "$*"
}

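# Loki target and host label: defaults, overridable from the environment and
# then from the command line (--loki / --host).
# NOTE(review): 172.0.16.80 is outside the RFC 1918 block 172.16.0.0/12, so it
# is a publicly routable address — confirm it really is srv-obs and not a typo.
# NOTE(review): the default URL is plain http, and the generated configuration
# sets no credentials: log lines (journald, /var/log, container output) leave
# the host unencrypted. Pass an https:// URL with --loki or LOKI_URL when Loki
# is published behind TLS.
LOKI_HOST="${LOKI_HOST:-172.0.16.80}"
LOKI_PORT="${LOKI_PORT:-3100}"
LOKI_URL="${LOKI_URL:-http://${LOKI_HOST}:${LOKI_PORT}}"
HOSTLABEL="${HOSTLABEL:-$(hostname -s 2>/dev/null || hostname)}"
ASSUME_YES="${ASSUME_YES:-false}"

while [[ $# -gt 0 ]]; do
  case "$1" in
    --loki)
      # Without this guard a missing value trips `set -u` with a bare
      # "unbound variable" message instead of a usable error.
      [[ $# -ge 2 ]] || die "Option --loki : valeur manquante"
      LOKI_URL="$2"
      shift 2
      ;;
    --host)
      [[ $# -ge 2 ]] || die "Option --host : valeur manquante"
      HOSTLABEL="$2"
      shift 2
      ;;
    --yes)
      ASSUME_YES=true
      shift
      ;;
    --help)
      # Print only the header comment block (line 2 up to the first non-comment
      # line); a plain grep for '^#' would also dump the shebang and every
      # column-0 comment of the script.
      awk 'NR == 1 { next } /^#/ { sub(/^# ?/, ""); print; next } { exit }' "$0"
      exit 0
      ;;
    *)
      die "Option inconnue : $1"
      ;;
  esac
done

# Both values end up inside the Alloy configuration, so refuse obviously
# unusable ones before anything is installed.
[[ "$LOKI_URL" =~ ^https?://[^[:space:]]+$ ]] \
  || die "URL Loki invalide : ${LOKI_URL} (attendu : http(s)://hôte:port)"
[[ -n "$HOSTLABEL" ]] || die "Label d'hôte vide (--host ou HOSTLABEL)."

# The script installs packages and writes under /etc: root and apt are required.
[[ ${EUID:-$(id -u)} -eq 0 ]] || die "Exécute en root (sudo $0)."
command -v apt-get >/dev/null 2>&1 || die "Ce script cible Debian/Ubuntu (apt)."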

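# Interactive confirmation, skipped with --yes / ASSUME_YES=true.
# Any spelling of "no" aborts: comparing against "n" alone let an operator who
# typed "non" or "no" proceed with a root-level installation.
# If stdin is closed, read fails and `set -e` stops the script, which is the
# safe outcome for an unattended run without --yes.
if [[ "$ASSUME_YES" != "true" ]]; then
  read -r -p "Installer Grafana Alloy et envoyer les logs vers ${LOKI_URL} ? [O/n] " answer
  case "${answer,,}" in
    n | no | non)
      msg "Abandon."
      exit 0
      ;;
  esac
fi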

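# -------- Grafana APT repository + installation --------
export DEBIAN_FRONTEND=noninteractive

# Best effort: the tools are usually present already and the package index may
# be stale, so a failure here is reported but not fatal. The explicit check
# below turns a genuinely missing tool into a clear error.
apt-get install -y ca-certificates curl gpg >/dev/null 2>&1 \
  || msg "Installation des prérequis impossible — poursuite avec les outils présents"
for tool in curl gpg; do
  command -v "$tool" >/dev/null 2>&1 || die "Outil requis introuvable : ${tool}"
done

install -m 0755 -d /etc/apt/keyrings

# The repository signing key is downloaded to a temporary file first, so that a
# failed or empty download never replaces an existing keyring.
key_tmp="$(mktemp)" || die "mktemp a échoué"
if ! curl -fsSL -o "$key_tmp" https://apt.grafana.com/gpg.key || [[ ! -s "$key_tmp" ]]; then
  rm -f -- "$key_tmp"
  die "Téléchargement de la clé Grafana impossible"
fi

# Without a pin, the key is trusted on first download and its authenticity
# rests on the TLS connection alone. Optional pin: export
# GRAFANA_KEY_FPR=<fingerprint published by Grafana> and the downloaded key is
# rejected unless its primary fingerprint matches.
if [[ -n "${GRAFANA_KEY_FPR:-}" ]]; then
  want_fpr="${GRAFANA_KEY_FPR//[[:space:]]/}"
  want_fpr="${want_fpr^^}"
  got_fpr="$(gpg --batch --show-keys --with-colons "$key_tmp" 2>/dev/null \
    | awk -F: '$1 == "fpr" { print $10; exit }' || true)"
  if [[ "$got_fpr" != "$want_fpr" ]]; then
    rm -f -- "$key_tmp"
    die "Empreinte de la clé Grafana inattendue : ${got_fpr:-aucune}"
  fi
fi

# --batch --yes lets a re-run overwrite the existing keyring without a prompt.
if ! gpg --batch --yes --dearmor -o /etc/apt/keyrings/grafana.gpg "$key_tmp"; then
  rm -f -- "$key_tmp"
  die "Conversion de la clé Grafana impossible"
fi
rm -f -- "$key_tmp"
chmod a+r /etc/apt/keyrings/grafana.gpg

# signed-by limits this key to the Grafana repository only.
printf '%s\n' \
  "deb [signed-by=/etc/apt/keyrings/grafana.gpg] https://apt.grafana.com stable main" \
  > /etc/apt/sources.list.d/grafana.list
apt-get update -y
apt-get install -y alloy
ok "Alloy installé"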

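# -------- Log access --------
# Group membership is what lets the alloy user read /var/log and the journal.
# It stays best effort, but a failure is now reported: otherwise the service
# starts normally and ships nothing, with no hint as to why. Groups are added
# one at a time so that a missing group does not hide the result for the other.
for grp in adm systemd-journal; do
  usermod -aG "$grp" alloy 2>/dev/null \
    || msg "Impossible d'ajouter alloy au groupe ${grp} — ces logs ne seront pas lisibles"
done

if [[ -S /var/run/docker.sock ]]; then
  # NOTE(review): members of the docker group can drive the Docker daemon
  # through its socket, which amounts to root on the host. A compromised alloy
  # process inherits that access; skip this on hosts where container logs are
  # not needed.
  usermod -aG docker alloy 2>/dev/null \
    || msg "Impossible d'ajouter alloy au groupe docker — logs Docker non collectés"
fi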

# -------- Docker block (only when the Docker socket exists) --------
# DOCKER_BLOCK holds the extra Alloy components for container logs, or stays
# empty. The text contains no shell expansion, hence the quoted delimiter; the
# literal __HOST__ marker is left in place for the later substitution of the
# host label. The command substitution strips trailing newlines only, so the
# leading blank line is kept.
DOCKER_BLOCK=""
if [[ -S /var/run/docker.sock ]]; then
  DOCKER_BLOCK="$(
    cat <<'RIVER'

discovery.docker "dockerd" {
  host = "unix:///var/run/docker.sock"
}

loki.source.docker "docker" {
  host       = "unix:///var/run/docker.sock"
  targets    = discovery.docker.dockerd.targets
  forward_to = [loki.write.default.receiver]
  labels     = { job = "docker", host = "__HOST__" }
}
RIVER
  )"
fi

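# -------- Alloy configuration (River syntax) --------
# LOKI_URL and HOSTLABEL are copied verbatim between double quotes in the file
# written below. A double quote, a backslash or a control character in either
# value would end the string literal early and let the rest of the value be
# read as configuration, so such values are refused.
for cfg_value in "$LOKI_URL" "$HOSTLABEL"; do
  if [[ "$cfg_value" == *'"'* || "$cfg_value" == *'\'* || "$cfg_value" == *[[:cntrl:]]* ]]; then
    die "Valeur refusée pour la configuration Alloy : $(printf '%q' "$cfg_value")"
  fi
done

# Replace the __HOST__ marker of the Docker block with shell parameter
# expansion rather than `sed -i "s/__HOST__/${HOSTLABEL}/g"`: in a sed
# replacement, "/" ends the expression and "&" expands to the matched text, so
# a label containing either would break or alter the file. The quoted
# replacement is taken literally.
docker_block=${DOCKER_BLOCK//__HOST__/"$HOSTLABEL"}

install -d -m 0755 /etc/alloy
cat > /etc/alloy/config.alloy <<RIVER
// Lib-Lab — Alloy : logs -> Loki (srv-obs)
loki.write "default" {
  endpoint {
    url = "${LOKI_URL}/loki/api/v1/push"
  }
}

loki.source.journal "journal" {
  forward_to = [loki.write.default.receiver]
  labels     = { job = "journal", host = "${HOSTLABEL}" }
  max_age    = "12h"
}

local.file_match "varlogs" {
  path_targets = [{ "__path__" = "/var/log/*log", "job" = "varlogs", "host" = "${HOSTLABEL}" }]
}

loki.source.file "varlogs" {
  targets    = local.file_match.varlogs.targets
  forward_to = [loki.write.default.receiver]
}
${docker_block}
RIVER
ok "Config écrite : /etc/alloy/config.alloy (host=${HOSTLABEL})"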

# -------- Containers: relax the systemd sandbox of the packaged unit --------
# systemd-detect-virt --container matches any container runtime, not only LXC.
# The drop-in assigns an empty value to each listed directive, which is meant
# to clear what the packaged unit sets.
# NOTE(review): this removes filesystem protection, the private /tmp and
# NoNewPrivileges from a service that reads system logs and, where present, the
# Docker socket. Confirm which directives the container actually rejects and
# clear only those.
if systemd-detect-virt --container --quiet 2>/dev/null; then
  msg "Conteneur (LXC) détecté — allègement du sandbox systemd d'Alloy"
  dropin_dir=/etc/systemd/system/alloy.service.d
  install -d "$dropin_dir"
  printf '%s\n' \
    '[Service]' \
    'ProtectSystem=' \
    'ProtectHome=' \
    'PrivateTmp=' \
    'NoNewPrivileges=' \
    'ReadWritePaths=' \
    > "$dropin_dir/override.conf"
fi

# Reload unit files (a drop-in may just have been written), then enable and
# start the service.
systemctl daemon-reload
systemctl enable --now alloy

# Give the process a moment to fail on a bad configuration before checking it.
sleep 2
if ! systemctl is-active --quiet alloy; then
  # Show the last log lines so the cause is visible without a second command.
  journalctl -u alloy --no-pager -n 30
  die "alloy n'a pas démarré"
fi
ok "Service alloy actif"

# Final summary for the operator.
# NOTE(review): the last line advertises the Alloy UI on the host's first
# address, port 12345. Whether the service listens there or on loopback only
# depends on the packaged defaults, which are not visible here. If it is
# reachable from the network, restrict access: the UI shows the running
# configuration.
printf '\n'
ok "Grafana Alloy installé."
printf '  - Loki   : %s\n' "${LOKI_URL}"
printf '  - Host   : %s\n' "${HOSTLABEL}"
printf '%s\n' "  - Config : /etc/alloy/config.alloy"
printf '  - Vérif  : journalctl -u alloy -f   |   UI Alloy : http://%s:12345\n' \
  "$(hostname -I | awk '{print $1}')"
