Update 2 files

- /roles/promtail/tasks/main.yml
- /roles/promtail/templates/promtail-config.yml.j2

roles/promtail/tasks/main.yml

@@ -9,6 +9,23 @@
     - "{{ promtail_data_dir }}"
   become: yes
 
+- name: Set proper permissions for Promtail data directory
+  file:
+    path: "{{ promtail_data_dir }}"
+    state: directory
+    owner: promtail
+    group: promtail
+    mode: '0755'
+    recurse: yes
+  become: yes
+
+- name: Add promtail user to adm group for system log access
+  user:
+    name: promtail
+    groups: adm
+    append: yes
+  become: yes
+
 - name: Download Promtail binary
   get_url:
     url: "https://github.com/grafana/loki/releases/download/v{{ loki_version }}/promtail-linux-amd64.zip"
@@ -17,7 +34,7 @@
     timeout: 60
   become: yes
 
-- name: Unzip Promtail binary
+- name: Install Promtail binary
   unarchive:
     src: /tmp/promtail-linux-amd64.zip
     dest: /usr/local/bin/
@@ -43,9 +60,28 @@
   notify: restart promtail
   become: yes
 
-- name: Deploy Promtail systemd service
+- name: Deploy Promtail systemd service (as root)
-  template:
+  copy:
-    src: promtail-service.yml.j2
+    content: |
+      [Unit]
+      Description=Promtail log collector
+      Documentation=https://grafana.com/docs/loki/latest/clients/promtail/
+      Wants=network-online.target
+      After=network-online.target
+
+      [Service]
+      Type=simple
+      User=root
+      Group=root
+      ExecStart=/usr/local/bin/promtail-linux-amd64 \
+        -config.file={{ promtail_config_dir }}/promtail-config.yml
+      ExecReload=/bin/kill -HUP $MAINPID
+      KillMode=process
+      Restart=on-failure
+      RestartSec=5s
+
+      [Install]
+      WantedBy=multi-user.target
     dest: /etc/systemd/system/promtail.service
     mode: '0644'
   notify: restart promtail

roles/promtail/templates/promtail-config.yml.j2

@@ -1,9 +1,9 @@
 server:
-  http_listen_port: 9080
+  http_listen_port: {{ monitoring_ports.promtail }}
   grpc_listen_port: 0
 
 positions:
-  filename: /var/lib/promtail/positions.yaml
+  filename: {{ promtail_data_dir }}/positions.yaml
 
 clients:
   - url: http://{{ loki_server_host }}:{{ loki_server_port }}/loki/api/v1/push
@@ -16,34 +16,7 @@ scrape_configs:
         labels:
           job: system-logs
           host: "{{ inventory_hostname }}"
-          __path__: /var/log/*log
+          __path__: /var/log/*.log
-
-  - job_name: auth
-    static_configs:
-      - targets:
-          - localhost
-        labels:
-          job: auth
-          host: "{{ inventory_hostname }}"
-          __path__: /var/log/auth.log
-
-  - job_name: syslog
-    static_configs:
-      - targets:
-          - localhost
-        labels:
-          job: syslog
-          host: "{{ inventory_hostname }}"
-          __path__: /var/log/syslog
-
-  - job_name: kernel
-    static_configs:
-      - targets:
-          - localhost
-        labels:
-          job: kernel
-          host: "{{ inventory_hostname }}"
-          __path__: /var/log/kern.log
 
   - job_name: docker
     static_configs:
@@ -52,18 +25,18 @@ scrape_configs:
         labels:
           job: container-logs
           host: "{{ inventory_hostname }}"
-          __path__: /var/lib/docker/containers/*/*log
+          __path__: /var/lib/docker/containers/*/*.log
     relabel_configs:
       - source_labels: ['__path__']
         target_label: container_name
         regex: '/var/lib/docker/containers/([^/]*)/.*log'
         replacement: '$1'
 
-  - job_name: applications
+  - job_name: syslog
     static_configs:
       - targets:
           - localhost
         labels:
-          job: applications
+          job: syslog
           host: "{{ inventory_hostname }}"
-          __path__: /var/log/*.log
+          __path__: /var/log/syslog