diff options
Diffstat (limited to 'nixos/modules/services/logging')
-rw-r--r-- | nixos/modules/services/logging/awstats.nix | 2 | ||||
-rw-r--r-- | nixos/modules/services/logging/fluentd.nix | 9 | ||||
-rw-r--r-- | nixos/modules/services/logging/graylog.nix | 28 | ||||
-rw-r--r-- | nixos/modules/services/logging/journalbeat.nix | 76 | ||||
-rw-r--r-- | nixos/modules/services/logging/logcheck.nix | 8 | ||||
-rw-r--r-- | nixos/modules/services/logging/logstash.nix | 14 |
6 files changed, 121 insertions, 16 deletions
diff --git a/nixos/modules/services/logging/awstats.nix b/nixos/modules/services/logging/awstats.nix index 8ab7e6acd98e..612ae06d0a79 100644 --- a/nixos/modules/services/logging/awstats.nix +++ b/nixos/modules/services/logging/awstats.nix @@ -38,7 +38,7 @@ in Specification of the time at which awstats will get updated. (in the format described by <citerefentry> <refentrytitle>systemd.time</refentrytitle> - <manvolnum>5</manvolnum></citerefentry>) + <manvolnum>7</manvolnum></citerefentry>) ''; }; diff --git a/nixos/modules/services/logging/fluentd.nix b/nixos/modules/services/logging/fluentd.nix index 3aa27a152669..9fbec2457371 100644 --- a/nixos/modules/services/logging/fluentd.nix +++ b/nixos/modules/services/logging/fluentd.nix @@ -21,6 +21,13 @@ in { default = ""; description = "Fluentd config."; }; + + package = mkOption { + type = types.path; + default = pkgs.fluentd; + defaultText = "pkgs.fluentd"; + description = "The fluentd package to use."; + }; }; }; @@ -32,7 +39,7 @@ in { description = "Fluentd Daemon"; wantedBy = [ "multi-user.target" ]; serviceConfig = { - ExecStart = "${pkgs.fluentd}/bin/fluentd -c ${pkgs.writeText "fluentd.conf" cfg.config}"; + ExecStart = "${cfg.package}/bin/fluentd -c ${pkgs.writeText "fluentd.conf" cfg.config}"; ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID"; }; }; diff --git a/nixos/modules/services/logging/graylog.nix b/nixos/modules/services/logging/graylog.nix index a7785decd19a..9f0fb11f0252 100644 --- a/nixos/modules/services/logging/graylog.nix +++ b/nixos/modules/services/logging/graylog.nix @@ -4,22 +4,28 @@ with lib; let cfg = config.services.graylog; - configBool = b: if b then "true" else "false"; confFile = pkgs.writeText "graylog.conf" '' - is_master = ${configBool cfg.isMaster} + is_master = ${boolToString cfg.isMaster} node_id_file = ${cfg.nodeIdFile} password_secret = ${cfg.passwordSecret} root_username = ${cfg.rootUsername} root_password_sha2 = ${cfg.rootPasswordSha2} elasticsearch_cluster_name = ${cfg.elasticsearchClusterName} - elasticsearch_discovery_zen_ping_multicast_enabled = ${configBool cfg.elasticsearchDiscoveryZenPingMulticastEnabled} + elasticsearch_discovery_zen_ping_multicast_enabled = ${boolToString cfg.elasticsearchDiscoveryZenPingMulticastEnabled} elasticsearch_discovery_zen_ping_unicast_hosts = ${cfg.elasticsearchDiscoveryZenPingUnicastHosts} message_journal_dir = ${cfg.messageJournalDir} mongodb_uri = ${cfg.mongodbUri} + plugin_dir = /var/lib/graylog/plugins ${cfg.extraConfig} ''; + + glPlugins = pkgs.buildEnv { + name = "graylog-plugins"; + paths = cfg.plugins; + }; + in { @@ -121,6 +127,12 @@ in description = "Any other configuration options you might want to add"; }; + plugins = mkOption { + description = "Extra graylog plugins"; + default = [ ]; + type = types.listOf types.package; + }; + }; }; @@ -146,6 +158,16 @@ in path = [ pkgs.openjdk8 pkgs.which pkgs.procps ]; preStart = '' mkdir -p /var/lib/graylog -m 755 + + rm -rf /var/lib/graylog/plugins || true + mkdir -p /var/lib/graylog/plugins -m 755 + + for declarativeplugin in `ls ${glPlugins}/bin/`; do + ln -sf ${glPlugins}/bin/$declarativeplugin /var/lib/graylog/plugins/$declarativeplugin + done + for includedplugin in `ls ${cfg.package}/plugin/`; do + ln -s ${cfg.package}/plugin/$includedplugin /var/lib/graylog/plugins/$includedplugin || true + done chown -R ${cfg.user} /var/lib/graylog mkdir -p ${cfg.messageJournalDir} -m 755 diff --git a/nixos/modules/services/logging/journalbeat.nix b/nixos/modules/services/logging/journalbeat.nix new file mode 100644 index 000000000000..8186a3b02c37 --- /dev/null +++ b/nixos/modules/services/logging/journalbeat.nix @@ -0,0 +1,76 @@ +{ config, lib, pkgs, ... }: + +with lib; + +let + cfg = config.services.journalbeat; + + journalbeatYml = pkgs.writeText "journalbeat.yml" '' + name: ${cfg.name} + tags: ${builtins.toJSON cfg.tags} + + journalbeat.cursor_state_file: ${cfg.stateDir}/cursor-state + + ${cfg.extraConfig} + ''; + +in +{ + options = { + + services.journalbeat = { + + enable = mkEnableOption "journalbeat"; + + name = mkOption { + type = types.str; + default = "journalbeat"; + description = "Name of the beat"; + }; + + tags = mkOption { + type = types.listOf types.str; + default = []; + description = "Tags to place on the shipped log messages"; + }; + + stateDir = mkOption { + type = types.str; + default = "/var/lib/journalbeat"; + description = "The state directory. Journalbeat's own logs and other data are stored here."; + }; + + extraConfig = mkOption { + type = types.lines; + default = '' + journalbeat: + seek_position: cursor + cursor_seek_fallback: tail + write_cursor_state: true + cursor_flush_period: 5s + clean_field_names: true + convert_to_numbers: false + move_metadata_to_field: journal + default_type: journal + ''; + description = "Any other configuration options you want to add"; + }; + + }; + }; + + config = mkIf cfg.enable { + + systemd.services.journalbeat = with pkgs; { + description = "Journalbeat log shipper"; + wantedBy = [ "multi-user.target" ]; + preStart = '' + mkdir -p ${cfg.stateDir}/data + mkdir -p ${cfg.stateDir}/logs + ''; + serviceConfig = { + ExecStart = "${pkgs.journalbeat}/bin/journalbeat -c ${journalbeatYml} -path.data ${cfg.stateDir}/data -path.logs ${cfg.stateDir}/logs"; + }; + }; + }; +} diff --git a/nixos/modules/services/logging/logcheck.nix b/nixos/modules/services/logging/logcheck.nix index 27ed5374f561..2a8ac414720b 100644 --- a/nixos/modules/services/logging/logcheck.nix +++ b/nixos/modules/services/logging/logcheck.nix @@ -29,8 +29,8 @@ let }; cronJob = '' - @reboot logcheck env PATH=/var/setuid-wrappers:$PATH nice -n10 ${pkgs.logcheck}/sbin/logcheck -R ${flags} - 2 ${cfg.timeOfDay} * * * logcheck env PATH=/var/setuid-wrappers:$PATH nice -n10 ${pkgs.logcheck}/sbin/logcheck ${flags} + @reboot logcheck env PATH=/run/wrappers/bin:$PATH nice -n10 ${pkgs.logcheck}/sbin/logcheck -R ${flags} + 2 ${cfg.timeOfDay} * * * logcheck env PATH=/run/wrappers/bin:$PATH nice -n10 ${pkgs.logcheck}/sbin/logcheck ${flags} ''; writeIgnoreRule = name: {level, regex, ...}: @@ -184,7 +184,7 @@ in description = '' This option defines extra ignore rules. ''; - type = with types; loaOf (submodule ignoreOptions); + type = with types; attrsOf (submodule ignoreOptions); }; ignoreCron = mkOption { @@ -192,7 +192,7 @@ in description = '' This option defines extra ignore rules for cronjobs. ''; - type = with types; loaOf (submodule ignoreCronOptions); + type = with types; attrsOf (submodule ignoreCronOptions); }; extraGroups = mkOption { diff --git a/nixos/modules/services/logging/logstash.nix b/nixos/modules/services/logging/logstash.nix index 62f6e187ea07..c9477b9e3ab0 100644 --- a/nixos/modules/services/logging/logstash.nix +++ b/nixos/modules/services/logging/logstash.nix @@ -63,7 +63,7 @@ in description = "Enable the logstash web interface."; }; - address = mkOption { + listenAddress = mkOption { type = types.str; default = "0.0.0.0"; description = "Address on which to start webserver."; @@ -77,7 +77,7 @@ in inputConfig = mkOption { type = types.lines; - default = ''stdin { type => "example" }''; + default = ''generator { }''; description = "Logstash input configuration."; example = '' # Read from journal @@ -90,7 +90,7 @@ in filterConfig = mkOption { type = types.lines; - default = ''noop {}''; + default = ""; description = "logstash filter configuration."; example = '' if [type] == "syslog" { @@ -108,11 +108,11 @@ in outputConfig = mkOption { type = types.lines; - default = ''stdout { debug => true debug_format => "json"}''; + default = ''stdout { codec => rubydebug }''; description = "Logstash output configuration."; example = '' - redis { host => "localhost" data_type => "list" key => "logstash" codec => json } - elasticsearch { embedded => true } + redis { host => ["localhost"] data_type => "list" key => "logstash" codec => json } + elasticsearch { } ''; }; @@ -147,7 +147,7 @@ in ${cfg.outputConfig} } ''} " + - ops cfg.enableWeb "-- web -a ${cfg.address} -p ${cfg.port}"; + ops cfg.enableWeb "-- web -a ${cfg.listenAddress} -p ${cfg.port}"; }; }; }; |