From 2444eab485ed6631fea02577b0d21c808405fd5e Mon Sep 17 00:00:00 2001 From: Bas van Dijk Date: Tue, 13 Jun 2017 22:36:08 +0200 Subject: ELK: update kibana and the elastic beats to 5.4 (#26252) * Add kibana5 and logstash5 * Upgrade the elastic beats to 5.4 * Make sure all elastic products use the same version (see elk5Version) * Add a test for the ELK stack --- nixos/modules/services/search/kibana.nix | 48 ++++++++++++++++++++++++++++++-- 1 file changed, 46 insertions(+), 2 deletions(-) (limited to 'nixos/modules/services/search') diff --git a/nixos/modules/services/search/kibana.nix b/nixos/modules/services/search/kibana.nix index d377a6feeb8e..9d7d2d799189 100644 --- a/nixos/modules/services/search/kibana.nix +++ b/nixos/modules/services/search/kibana.nix @@ -5,7 +5,11 @@ with lib; let cfg = config.services.kibana; - cfgFile = pkgs.writeText "kibana.json" (builtins.toJSON ( + atLeast54 = versionAtLeast (builtins.parseDrvName cfg.package.name).version "5.4"; + + cfgFile = if atLeast54 then cfgFile5 else cfgFile4; + + cfgFile4 = pkgs.writeText "kibana.json" (builtins.toJSON ( (filterAttrsRecursive (n: v: v != null) ({ host = cfg.listenAddress; port = cfg.port; @@ -36,6 +40,27 @@ let ]; } // cfg.extraConf) ))); + + cfgFile5 = pkgs.writeText "kibana.json" (builtins.toJSON ( + (filterAttrsRecursive (n: v: v != null) ({ + server.host = cfg.listenAddress; + server.port = cfg.port; + server.ssl.certificate = cfg.cert; + server.ssl.key = cfg.key; + + kibana.index = cfg.index; + kibana.defaultAppId = cfg.defaultAppId; + + elasticsearch.url = cfg.elasticsearch.url; + elasticsearch.username = cfg.elasticsearch.username; + elasticsearch.password = cfg.elasticsearch.password; + + elasticsearch.ssl.certificate = cfg.elasticsearch.cert; + elasticsearch.ssl.key = cfg.elasticsearch.key; + elasticsearch.ssl.certificateAuthorities = cfg.elasticsearch.certificateAuthorities; + } // cfg.extraConf) + ))); + in { options.services.kibana = { enable = mkEnableOption "enable kibana service"; @@ -96,11 +121,29 @@ in { }; ca = mkOption { - description = "CA file to auth against elasticsearch."; + description = '' + CA file to auth against elasticsearch. + + It's recommended to use the option + when using kibana-5.4 or newer. + ''; default = null; type = types.nullOr types.path; }; + certificateAuthorities = mkOption { + description = '' + CA files to auth against elasticsearch. + + Please use the option when using kibana < 5.4 + because those old versions don't support setting multiple CA's. + + This defaults to the singleton list [ca] when the option is defined. + ''; + default = if isNull cfg.elasticsearch.ca then [] else [ca]; + type = types.listOf types.path; + }; + cert = mkOption { description = "Certificate file to auth against elasticsearch."; default = null; @@ -118,6 +161,7 @@ in { description = "Kibana package to use"; default = pkgs.kibana; defaultText = "pkgs.kibana"; + example = "pkgs.kibana5"; type = types.package; }; -- cgit 1.4.1