init

2026-06-15 21:43:10 -04:00 · 2026-06-15 21:43:10 -04:00 · c33afaf8f0
commit c33afaf8f0
21 changed files with 1690 additions and 0 deletions
--- a/docker/lgtm/.env.example
+++ b/docker/lgtm/.env.example
@ -0,0 +1,65 @@
+# =============================================================================
+# otel-lgtm - OpenTelemetry Backend (Grafana, Prometheus, Tempo, Loki, Pyroscope)
+# =============================================================================
+# Image: grafana/otel-lgtm
+# Docs:  https://github.com/grafana/docker-otel-lgtm
+# =============================================================================
+
+# -- Image Tag -----------------------------------------------------------------
+OTEL_LGTM_VERSION=latest
+
+# -- Grafana Admin Credentials -------------------------------------------------
+GF_ADMIN_USER=admin
+GF_ADMIN_PASSWORD=admin
+
+# -- Exposed Ports -------------------------------------------------------------
+# Grafana dashboard
+EXPOSE_GRAFANA_PORT=3000
+# OpenTelemetry Collector - OTLP gRPC (used by instrumented apps/services)
+EXPOSE_OTLP_GRPC_PORT=4317
+# OpenTelemetry Collector - OTLP HTTP (used by instrumented apps/services)
+EXPOSE_OTLP_HTTP_PORT=4318
+# Prometheus metrics UI
+EXPOSE_PROMETHEUS_PORT=9090
+# Tempo HTTP query endpoint
+EXPOSE_TEMPO_HTTP_PORT=3200
+# Pyroscope continuous profiling UI
+EXPOSE_PYROSCOPE_PORT=4040
+
+# -- Verbose Container Logging -------------------------------------------------
+# Set any of these to "true" to enable verbose logs for that component.
+# These are component-internal logs (not the application telemetry data).
+ENABLE_LOGS_GRAFANA=false
+ENABLE_LOGS_LOKI=false
+ENABLE_LOGS_PROMETHEUS=false
+ENABLE_LOGS_TEMPO=false
+ENABLE_LOGS_PYROSCOPE=false
+ENABLE_LOGS_OTELCOL=false
+# Override: enable ALL component logging at once
+ENABLE_LOGS_ALL=false
+
+# -- eBPF Auto-Instrumentation (OBI) ------------------------------------------
+# Requires Linux kernel 5.8+ with BTF support. Also requires privileged mode
+# and host PID namespace. If enabled, uncomment the `cap_add`, `network_mode`,
+# and `pid` lines in docker-compose.yaml.
+ENABLE_OBI=false
+
+# -- External OTLP Forwarding --------------------------------------------------
+# Forward telemetry to an external OTLP-compatible backend (e.g., Grafana Cloud).
+# Leave blank to send data only to the local LGTM stack.
+OTEL_EXPORTER_OTLP_ENDPOINT=
+OTEL_EXPORTER_OTLP_HEADERS=
+
+# -- Tempo MCP Server ---------------------------------------------------------
+# Enables the Tempo MCP server for AI tool integration (e.g., Cline, Claude Code).
+# Set to "--query-frontend.mcp-server.enabled=true" to enable.
+TEMPO_EXTRA_ARGS=
+
+# -- Per-Backend Extra CLI Args -----------------------------------------------
+# Additional command-line flags for individual backends.
+# Example: PROMETHEUS_EXTRA_ARGS="--storage.tsdb.retention.time=90d"
+PROMETHEUS_EXTRA_ARGS=
+LOKI_EXTRA_ARGS=
+TEMPO_EXTRA_ARGS_V2=
+PYROSCOPE_EXTRA_ARGS=
+OTELCOL_EXTRA_ARGS=
--- a/docker/lgtm/docker-compose.yaml
+++ b/docker/lgtm/docker-compose.yaml
@ -0,0 +1,94 @@
+services:
+    lgtm:
+        image: grafana/otel-lgtm:${OTEL_LGTM_VERSION:-latest}
+        restart: unless-stopped
+        environment:
+            # Grafana admin credentials
+            GF_SECURITY_ADMIN_USER: ${GF_ADMIN_USER:-admin}
+            GF_SECURITY_ADMIN_PASSWORD: ${GF_ADMIN_PASSWORD:-admin}
+
+            # Enable verbose container logging for specific components
+            ENABLE_LOGS_GRAFANA: ${ENABLE_LOGS_GRAFANA:-false}
+            ENABLE_LOGS_LOKI: ${ENABLE_LOGS_LOKI:-false}
+            ENABLE_LOGS_PROMETHEUS: ${ENABLE_LOGS_PROMETHEUS:-false}
+            ENABLE_LOGS_TEMPO: ${ENABLE_LOGS_TEMPO:-false}
+            ENABLE_LOGS_PYROSCOPE: ${ENABLE_LOGS_PYROSCOPE:-false}
+            ENABLE_LOGS_OTELCOL: ${ENABLE_LOGS_OTELCOL:-false}
+            ENABLE_LOGS_ALL: ${ENABLE_LOGS_ALL:-false}
+
+            # eBPF auto-instrumentation (OBI)
+            # Requires Linux kernel 5.8+ with BTF support
+            ENABLE_OBI: ${ENABLE_OBI:-false}
+
+            # Forward telemetry to an external OTLP endpoint (e.g., Grafana Cloud)
+            OTEL_EXPORTER_OTLP_ENDPOINT: ${OTEL_EXPORTER_OTLP_ENDPOINT:-}
+            OTEL_EXPORTER_OTLP_HEADERS: ${OTEL_EXPORTER_OTLP_HEADERS:-}
+
+            # Enable Tempo MCP server for AI tool integration
+            TEMPO_EXTRA_ARGS: ${TEMPO_EXTRA_ARGS:-}
+
+            # Extra CLI args for individual backends (optional)
+            PROMETHEUS_EXTRA_ARGS: ${PROMETHEUS_EXTRA_ARGS:-}
+            LOKI_EXTRA_ARGS: ${LOKI_EXTRA_ARGS:-}
+            TEMPO_EXTRA_ARGS_V2: ${TEMPO_EXTRA_ARGS_V2:-}
+            PYROSCOPE_EXTRA_ARGS: ${PYROSCOPE_EXTRA_ARGS:-}
+            OTELCOL_EXTRA_ARGS: ${OTELCOL_EXTRA_ARGS:-}
+
+        ports:
+            # Grafana dashboard
+            - ${EXPOSE_GRAFANA_PORT:-3000}:3000
+            # OpenTelemetry Collector - OTLP gRPC
+            - ${EXPOSE_OTLP_GRPC_PORT:-4317}:4317
+            # OpenTelemetry Collector - OTLP HTTP
+            - ${EXPOSE_OTLP_HTTP_PORT:-4318}:4318
+            # Prometheus
+            - ${EXPOSE_PROMETHEUS_PORT:-9090}:9090
+            # Tempo HTTP query endpoint
+            - ${EXPOSE_TEMPO_HTTP_PORT:-3200}:3200
+            # Pyroscope
+            - ${EXPOSE_PYROSCOPE_PORT:-4040}:4040
+
+        volumes:
+            # Persistent storage for all backend data
+            - ./lgtm-data:/data
+
+        # If OBI (eBPF) is enabled, these capabilities are needed
+        # Uncomment the cap_add and network_mode when ENABLE_OBI=true
+        # cap_add:
+        #     - SYS_ADMIN
+        #     - BPF
+        # network_mode: host
+        # pid: host
+
+        networks:
+            - lgtm
+            - pipeline
+            - swag
+
+        # healthcheck:
+        #     test:
+        #         [
+        #             "CMD",
+        #             "wget",
+        #             "--no-verbose",
+        #             "--tries=1",
+        #             "--spider",
+        #             "http://localhost:3000/api/health",
+        #         ]
+        #     interval: 15s
+        #     timeout: 5s
+        #     retries: 10
+        #     start_period: 30s
+
+networks:
+    lgtm:
+        name: lgtm
+        driver: bridge
+    pipeline:
+        name: pipeline
+        external: true
+    swag:
+        name: swag
+        external: true
+
+volumes: {}
--- a/docker/lgtm/swag/lgtm.subdomain.conf
+++ b/docker/lgtm/swag/lgtm.subdomain.conf
@ -0,0 +1,40 @@
+## -----------------------------------------------------------------------------
+## SWAG proxy config for otel-lgtm
+## Domain: lgtm.ld50.xyz
+## Upstream: lgtm:3000 (shared Docker network: ${NETWORKS_EXTERNAL_NAME:-swag})
+##
+## Install:
+## 1) Copy this file into SWAG: /config/nginx/proxy-confs/lgtm.subdomain.conf
+## 2) Ensure both stacks share the same external Docker network (e.g. `swag`).
+## 3) In curated_compose/lgtm/docker-compose.yaml, uncomment external_network.
+## 4) Reload SWAG.
+## -----------------------------------------------------------------------------
+
+server {
+    listen 443 ssl;
+    listen [::]:443 ssl;
+
+    server_name lgtm.*;
+
+    include /config/nginx/ssl.conf;
+
+    # Grafana dashboards can embed large panels / JSON
+    client_max_body_size 20M;
+
+    location / {
+        include /config/nginx/proxy.conf;
+
+        set $upstream_app lgtm;
+        set $upstream_port 3000;
+        set $upstream_proto http;
+
+        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
+
+        # Required for Grafana live queries and real-time dashboard updates
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header Connection "upgrade";
+
+        proxy_read_timeout 3600s;
+        proxy_send_timeout 3600s;
+    }
+}