From dcb65d822501b8bec3a1854f068e333316255474 Mon Sep 17 00:00:00 2001
From: Jean-Paul Calderone <exarkun@twistedmatrix.com>
Date: Fri, 8 Apr 2022 19:34:52 -0400
Subject: [PATCH] Configure journald to discard logs before they're older than
 30 days

---
 .../modules/monitoring/exporters/promtail.nix | 23 +++++++++++++++++++
 1 file changed, 23 insertions(+)

diff --git a/nixos/modules/monitoring/exporters/promtail.nix b/nixos/modules/monitoring/exporters/promtail.nix
index 83de3250..d0a49971 100644
--- a/nixos/modules/monitoring/exporters/promtail.nix
+++ b/nixos/modules/monitoring/exporters/promtail.nix
@@ -32,6 +32,29 @@ in {
   config = lib.mkIf cfg.enable {
     services.promtail.enable = true;
     networking.firewall.interfaces.monitoringvpn.allowedTCPPorts = [ 9080 ];
+
+    # Since we'll send our journald logs elsewhere, we don't need to keep them
+    # here for very long.  Keep them for a *little* while just to provide some
+    # context in case someone ends up looking at the logs on the system itself
+    # but generally suppose that people will look at Loki instead.
+    services.journald.extraConfig = ''
+      # This tells journald it can discard log files that contain only log
+      # entries that are older than 29 days.
+      MaxRetentionSec=29day
+
+      # This tells journald to start a new log file once a day.  Together with
+      # the MaxRetentionSec setting, this means that entries are kept for
+      # between 29 and 30 days (plus whatever scheduling slop journald has in
+      # enforcing these limits).
+      #
+      # https://www.freedesktop.org/software/systemd/man/journald.conf.html
+      # for further details about these options.
+      #
+      # A maximum retention of 30 days conforms to the published log retention
+      # policy.
+      MaxFileSec=1day
+    '';
+
     services.promtail.configuration = {
       server = {
         http_listen_port = 9080; # Using /metrics for health check
-- 
GitLab