diff options
| author | Bas van Dijk <v.dijk.bas@gmail.com> | 2017-06-13 22:36:08 +0200 |
|---|---|---|
| committer | Franz Pletz <fpletz@fnordicwalking.de> | 2017-06-13 22:36:08 +0200 |
| commit | 2444eab485ed6631fea02577b0d21c808405fd5e (patch) | |
| tree | 4a2018d89b02032f5bd335cb698997bd675e764a /nixos/modules/services/search | |
| parent | 424dc0138d45c63ae7c71a0a09778dcb67aea7e3 (diff) | |
| download | nixlib-2444eab485ed6631fea02577b0d21c808405fd5e.tar nixlib-2444eab485ed6631fea02577b0d21c808405fd5e.tar.gz nixlib-2444eab485ed6631fea02577b0d21c808405fd5e.tar.bz2 nixlib-2444eab485ed6631fea02577b0d21c808405fd5e.tar.lz nixlib-2444eab485ed6631fea02577b0d21c808405fd5e.tar.xz nixlib-2444eab485ed6631fea02577b0d21c808405fd5e.tar.zst nixlib-2444eab485ed6631fea02577b0d21c808405fd5e.zip | |
ELK: update kibana and the elastic beats to 5.4 (#26252)
* Add kibana5 and logstash5 * Upgrade the elastic beats to 5.4 * Make sure all elastic products use the same version (see elk5Version) * Add a test for the ELK stack
Diffstat (limited to 'nixos/modules/services/search')
| -rw-r--r-- | nixos/modules/services/search/kibana.nix | 48 |
1 files changed, 46 insertions, 2 deletions
diff --git a/nixos/modules/services/search/kibana.nix b/nixos/modules/services/search/kibana.nix index d377a6feeb8e..9d7d2d799189 100644 --- a/nixos/modules/services/search/kibana.nix +++ b/nixos/modules/services/search/kibana.nix @@ -5,7 +5,11 @@ with lib; let cfg = config.services.kibana; - cfgFile = pkgs.writeText "kibana.json" (builtins.toJSON ( + atLeast54 = versionAtLeast (builtins.parseDrvName cfg.package.name).version "5.4"; + + cfgFile = if atLeast54 then cfgFile5 else cfgFile4; + + cfgFile4 = pkgs.writeText "kibana.json" (builtins.toJSON ( (filterAttrsRecursive (n: v: v != null) ({ host = cfg.listenAddress; port = cfg.port; @@ -36,6 +40,27 @@ let ]; } // cfg.extraConf) ))); + + cfgFile5 = pkgs.writeText "kibana.json" (builtins.toJSON ( + (filterAttrsRecursive (n: v: v != null) ({ + server.host = cfg.listenAddress; + server.port = cfg.port; + server.ssl.certificate = cfg.cert; + server.ssl.key = cfg.key; + + kibana.index = cfg.index; + kibana.defaultAppId = cfg.defaultAppId; + + elasticsearch.url = cfg.elasticsearch.url; + elasticsearch.username = cfg.elasticsearch.username; + elasticsearch.password = cfg.elasticsearch.password; + + elasticsearch.ssl.certificate = cfg.elasticsearch.cert; + elasticsearch.ssl.key = cfg.elasticsearch.key; + elasticsearch.ssl.certificateAuthorities = cfg.elasticsearch.certificateAuthorities; + } // cfg.extraConf) + ))); + in { options.services.kibana = { enable = mkEnableOption "enable kibana service"; @@ -96,11 +121,29 @@ in { }; ca = mkOption { - description = "CA file to auth against elasticsearch."; + description = '' + CA file to auth against elasticsearch. + + It's recommended to use the <option>certificateAuthorities</option> option + when using kibana-5.4 or newer. + ''; default = null; type = types.nullOr types.path; }; + certificateAuthorities = mkOption { + description = '' + CA files to auth against elasticsearch. + + Please use the <option>ca</option> option when using kibana < 5.4 + because those old versions don't support setting multiple CA's. + + This defaults to the singleton list [ca] when the <option>ca</option> option is defined. + ''; + default = if isNull cfg.elasticsearch.ca then [] else [ca]; + type = types.listOf types.path; + }; + cert = mkOption { description = "Certificate file to auth against elasticsearch."; default = null; @@ -118,6 +161,7 @@ in { description = "Kibana package to use"; default = pkgs.kibana; defaultText = "pkgs.kibana"; + example = "pkgs.kibana5"; type = types.package; }; |