From 85c8fd2c2ebc9e0c8872366e5ccc455687b07b4c Mon Sep 17 00:00:00 2001
From: Francis Kayiwa <kayiwa@pobox.com>
Date: Mon, 16 Dec 2024 08:59:04 -0500
Subject: [PATCH] allow loading of google cloud environment

we will need loki config to load with the gcs-bucket
---
 roles/logs/defaults/main.yml | 1 +
 roles/logs/handlers/main.yml | 7 +++++++
 roles/logs/tasks/main.yml    | 8 ++++++++
 3 files changed, 16 insertions(+)

diff --git a/roles/logs/defaults/main.yml b/roles/logs/defaults/main.yml
index 0ffc79839e..b205535def 100644
--- a/roles/logs/defaults/main.yml
+++ b/roles/logs/defaults/main.yml
@@ -5,3 +5,4 @@ logs_bind_dn: "{{ omit }}"
 logs_bind_password: "{{ omit }}"
 logs_loadbalancer_dns_name: "kennyloggin-example.edu"
 logs_bucket_name: "kennyloggin-gcs-bucket"
+logs_gcs_credentials: "service-account-key.json"
diff --git a/roles/logs/handlers/main.yml b/roles/logs/handlers/main.yml
index 79b7b91e94..f62168aac0 100644
--- a/roles/logs/handlers/main.yml
+++ b/roles/logs/handlers/main.yml
@@ -9,3 +9,10 @@
   ansible.builtin.service:
     name: loki
     state: restarted
+
+- name: Reload loki service
+  ansible.builtin.systemd:
+    name: loki
+    daemon_reload: true
+    state: "{{ loki_state | default('reloaded') }}"
+  become: true
diff --git a/roles/logs/tasks/main.yml b/roles/logs/tasks/main.yml
index 5f19b6fc64..afda31a16d 100644
--- a/roles/logs/tasks/main.yml
+++ b/roles/logs/tasks/main.yml
@@ -25,6 +25,14 @@
     - loki
     - promtail
 
+- name: Logs | add gcs credentials file
+  ansible.builtin.lineinfile:
+    path: /etc/systemd/system/loki.service
+    search_string: 'Service'
+    insertafter: 'ExecStart=/usr/local/bin/loki --config.file=/path/to/loki-config.yaml'
+    line: 'Environment="GOOGLE_APPLICATION_CREDENTIALS=/etc/loki/{{ logs_gcs_credentials }}"'
+  notify: Reload loki service
+
 - name: Logs | add loki config
   ansible.builtin.template:
     src: config.yml.j2