Grafana Loki
-
@AyoubHabra Apologies for the delay - somehow I missed the alert on this. I've not changed anything to permit/reject traffic - not sure why it works for me but not you That said, I haven't tried to formally package it for the ecosystem due to lack of interest, but will take a peak and see if I can figure out why it's not working for you.
-
@doodlemania2 Hello, do you have any plans to add authentication to this app?
-
@TomsFreitas haven't had the need what's the scenario?
-
@doodlemania2 I have several servers that need to push logs to loki so it must be exposed to the internet and I wanted it to be secure. Protecting it with cloudron auth would make it so that loki could be exposed and not have to worry about someone fetching all my logs using loki's API
-
@girish Well, the most used setup with Loki is using it with promtail. Promtail resides in your agents and it pushes the logs to loki. Grafana then fetches the logs from loki. It's my understanding that both promtail and grafana support basic auth when interacting with loki
-
@TomsFreitas yeah, i think that's right - I've never done it because it's always just been me pushing to it from a tailscale endpoint but I can see the value there.
@girish - I think the best approach would be to leave it open (but behind SSL) and let Loki handle the auth.
No?
-
@doodlemania2 agree, but apparently loki doesn't have any auth of it's own - https://grafana.com/docs/loki/latest/operations/authentication/ . I guess this is why @TomsFreitas wants Cloudron to provide the auth.
-
rats - I thought it would. Putting CR auth in front of Loki may be problematic - how would a payload or client that is pushing data to loki know that it's cloudron asking and not loki. if loki has no knowledge of auth, the inverse is problematic too.
-
Not sure what the status of https://git.cloudron.io/doodlemania2/loki is . @doodlemania2 any update?
I haven't used Loki myself but is it actually a web app?
-
It's not - it's really just an endpoint. I have used it as is for many moons and is rock solid. That said, it definitely needs an update. One of the challenges I faced is there's a LOT of changes under the covers, so I've stayed with this older version and it serves me well.