diff options
author | Charles Strahan <charles@cstrahan.com> | 2017-07-24 21:47:32 -0400 |
---|---|---|
committer | Charles Strahan <charles@cstrahan.com> | 2017-07-24 21:47:32 -0400 |
commit | 53426f6cb93f3fbaa2ad974659da271d08ea0594 (patch) | |
tree | e9b29eca229178c0e1f03c85bc8c6acb76ac11a5 /nixos/modules | |
parent | 29d2fe4a1f2f192f5f28306fda34a537e017bc60 (diff) | |
download | nixlib-53426f6cb93f3fbaa2ad974659da271d08ea0594.tar nixlib-53426f6cb93f3fbaa2ad974659da271d08ea0594.tar.gz nixlib-53426f6cb93f3fbaa2ad974659da271d08ea0594.tar.bz2 nixlib-53426f6cb93f3fbaa2ad974659da271d08ea0594.tar.lz nixlib-53426f6cb93f3fbaa2ad974659da271d08ea0594.tar.xz nixlib-53426f6cb93f3fbaa2ad974659da271d08ea0594.tar.zst nixlib-53426f6cb93f3fbaa2ad974659da271d08ea0594.zip |
osquery: init at 2.5.2
Diffstat (limited to 'nixos/modules')
-rw-r--r-- | nixos/modules/module-list.nix | 1 | ||||
-rw-r--r-- | nixos/modules/services/monitoring/osquery.nix | 91 |
2 files changed, 92 insertions, 0 deletions
diff --git a/nixos/modules/module-list.nix b/nixos/modules/module-list.nix index 59419a5e8c56..de3de20e7716 100644 --- a/nixos/modules/module-list.nix +++ b/nixos/modules/module-list.nix @@ -350,6 +350,7 @@ ./services/monitoring/munin.nix ./services/monitoring/nagios.nix ./services/monitoring/netdata.nix + ./services/monitoring/osquery.nix ./services/monitoring/prometheus/default.nix ./services/monitoring/prometheus/alertmanager.nix ./services/monitoring/prometheus/blackbox-exporter.nix diff --git a/nixos/modules/services/monitoring/osquery.nix b/nixos/modules/services/monitoring/osquery.nix new file mode 100644 index 000000000000..ba0dc4c21768 --- /dev/null +++ b/nixos/modules/services/monitoring/osquery.nix @@ -0,0 +1,91 @@ +{ config, lib, pkgs, ... }: + +with builtins; +with lib; + +let + cfg = config.services.osquery; + +in + +{ + + options = { + + services.osquery = { + + enable = mkEnableOption "osquery"; + + loggerPath = mkOption { + type = types.path; + description = "Base directory used for logging."; + default = "/var/log/osquery"; + }; + + pidfile = mkOption { + type = types.path; + description = "Path used for pid file."; + default = "/var/osquery/osqueryd.pidfile"; + }; + + utc = mkOption { + type = types.bool; + description = "Attempt to convert all UNIX calendar times to UTC."; + default = true; + }; + + databasePath = mkOption { + type = types.path; + description = "Path used for database file."; + default = "/var/osquery/osquery.db"; + }; + + extraConfig = mkOption { + type = types.attrs // { + merge = loc: foldl' (res: def: recursiveUpdate res def.value) {}; + }; + description = "Extra config to be recursively merged into the JSON config file."; + default = { }; + }; + }; + + }; + + config = mkIf cfg.enable { + + environment.systemPackages = [ pkgs.osquery ]; + + environment.etc."osquery/osquery.conf".text = toJSON ( + recursiveUpdate { + options = { + config_plugin = "filesystem"; + logger_plugin = "filesystem"; + logger_path = cfg.loggerPath; + database_path = cfg.databasePath; + utc = cfg.utc; + }; + } cfg.extraConfig + ); + + systemd.services.osqueryd = { + description = "The osquery Daemon"; + after = [ "network.target" "syslog.service" ]; + wantedBy = [ "multi-user.target" ]; + path = [ pkgs.osquery ]; + preStart = '' + mkdir -p ${escapeShellArg cfg.loggerPath} + mkdir -p "$(dirname ${escapeShellArg cfg.pidfile})" + mkdir -p "$(dirname ${escapeShellArg cfg.databasePath})" + ''; + serviceConfig = { + TimeoutStartSec = 0; + ExecStart = "${pkgs.osquery}/bin/osqueryd --logger_path ${escapeShellArg cfg.loggerPath} --pidfile ${escapeShellArg cfg.pidfile} --database_path ${escapeShellArg cfg.databasePath}"; + KillMode = "process"; + KillSignal = "SIGTERM"; + Restart = "on-failure"; + }; + }; + + }; + +} |