author | Charles Strahan <charles@cstrahan.com> | 2017-07-24 21:51:10 -0400 |
---|---|---|
committer | GitHub <noreply@github.com> | 2017-07-24 21:51:10 -0400 |
commit | c1fdf3341b546d0617e1072036284b7f677cfeb0 (patch) | |
tree | c65b3b9e91508c65ce9034115f3a83322c96467f /nixos/modules/services/monitoring | |
parent | 907fa51d680c3c0b1646f1e01955c8cba6a48f11 (diff) | |
parent | 232c34b8f42a44ada8ded9d1022008e6537c4c27 (diff) | |
Merge pull request #27347 from cstrahan/osquery-new
osquery: init at 2.5.2
Diffstat (limited to 'nixos/modules/services/monitoring')
-rw-r--r-- | nixos/modules/services/monitoring/osquery.nix | 91 |
1 files changed, 91 insertions, 0 deletions
diff --git a/nixos/modules/services/monitoring/osquery.nix b/nixos/modules/services/monitoring/osquery.nix
new file mode 100644
index 000000000000..ba0dc4c21768
--- /dev/null
+++ b/nixos/modules/services/monitoring/osquery.nix
@@ -0,0 +1,91 @@
+{ config, lib, pkgs, ... }:
+
+with builtins;
+with lib;
+
+let
+ cfg = config.services.osquery;
+
+in
+
+{
+
+ options = {
+
+ services.osquery = {
+
+ enable = mkEnableOption "osquery";
+
+ loggerPath = mkOption {
+ type = types.path;
+ description = "Base directory used for logging.";
+ default = "/var/log/osquery";
+ };
+
+ pidfile = mkOption {
+ type = types.path;
+ description = "Path used for pid file.";
+ default = "/var/osquery/osqueryd.pidfile";
+ };
+
+ utc = mkOption {
+ type = types.bool;
+ description = "Attempt to convert all UNIX calendar times to UTC.";
+ default = true;
+ };
+
+ databasePath = mkOption {
+ type = types.path;
+ description = "Path used for database file.";
+ default = "/var/osquery/osquery.db";
+ };
+
+ extraConfig = mkOption {
+ type = types.attrs // {
+ merge = loc: foldl' (res: def: recursiveUpdate res def.value) {};
+ };
+ description = "Extra config to be recursively merged into the JSON config file.";
+ default = { };
+ };
+ };
+
+ };
+
+ config = mkIf cfg.enable {
+
+ environment.systemPackages = [ pkgs.osquery ];
+
+ environment.etc."osquery/osquery.conf".text = toJSON (
+ recursiveUpdate {
+ options = {
+ config_plugin = "filesystem";
+ logger_plugin = "filesystem";
+ logger_path = cfg.loggerPath;
+ database_path = cfg.databasePath;
+ utc = cfg.utc;
+ };
+ } cfg.extraConfig
+ );
+
+ systemd.services.osqueryd = {
+ description = "The osquery Daemon";
+ after = [ "network.target" "syslog.service" ];
+ wantedBy = [ "multi-user.target" ];
+ path = [ pkgs.osquery ];
+ preStart = ''
+ mkdir -p ${escapeShellArg cfg.loggerPath}
+ mkdir -p "$(dirname ${escapeShellArg cfg.pidfile})"
+ mkdir -p "$(dirname ${escapeShellArg cfg.databasePath})"
+ '';
+ serviceConfig = {
+ TimeoutStartSec = 0;
+ ExecStart = "${pkgs.osquery}/bin/osqueryd --logger_path ${escapeShellArg cfg.loggerPath} --pidfile ${escapeShellArg cfg.pidfile} --database_path ${escapeShellArg cfg.databasePath}";
+ KillMode = "process";
+ KillSignal = "SIGTERM";
+ Restart = "on-failure";
+ };
+ };
+
+ };
+
+} |
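Review bot: The three `mkdir -p` calls in `preStart` create the log, pidfile and database directories with whatever umask the unit runs under, so with the usual 0022 they are presumably traversable and listable by every local user even though they hold telemetry collected by a root daemon. I would give them an explicit mode, e.g. `mkdir -m 0750 -p ${escapeShellArg cfg.loggerPath}` and the same for the two `dirname` lines; `-m` applies only to the final component and does not tighten a directory that already exists, so existing installs would need a `chmod` as well. In the same file, `extraConfig` is rendered with `toJSON` into `environment.etc`, which ends up as a world-readable store path, so the option description should carry a caveat such as `Do not place secrets here; the rendered file is world-readable in the Nix store. Reference a secret file by path instead.` Finally, `extraConfig` can override `options.logger_path` and `options.database_path` in the JSON while `ExecStart` still passes the `cfg.*` values as flags, so the two can silently disagree; a comment noting which one is expected to win would help.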