From 80aea0dcfd14b6c51bdb1c564b0ed160ea55b493 Mon Sep 17 00:00:00 2001
From: Jaka Hudoklin <jakahudoklin@gmail.com>
Date: Sat, 19 Sep 2015 00:18:43 +0200
Subject: kibana service: init

---
 nixos/modules/misc/ids.nix               |   2 +
 nixos/modules/module-list.nix            |   1 +
 nixos/modules/services/search/kibana.nix | 168 +++++++++++++++++++++++++++++++
 3 files changed, 171 insertions(+)
 create mode 100644 nixos/modules/services/search/kibana.nix

(limited to 'nixos')

diff --git a/nixos/modules/misc/ids.nix b/nixos/modules/misc/ids.nix
index 195d22f455c5..b0e9ceea10b3 100644
--- a/nixos/modules/misc/ids.nix
+++ b/nixos/modules/misc/ids.nix
@@ -232,6 +232,7 @@
       namecoin = 208;
       dnschain = 209;
       #lxd = 210; # unused
+      kibana = 211;
 
       # When adding a uid, make sure it doesn't match an existing gid. And don't use uids above 399!
 
@@ -442,6 +443,7 @@
       namecoin = 208;
       #dnschain = 209; #unused
       lxd = 210; # unused
+      #kibana = 211;
 
       # When adding a gid, make sure it doesn't match an existing
       # uid. Users and groups with the same name should have equal
diff --git a/nixos/modules/module-list.nix b/nixos/modules/module-list.nix
index 82e0cdc69266..76547a614543 100644
--- a/nixos/modules/module-list.nix
+++ b/nixos/modules/module-list.nix
@@ -365,6 +365,7 @@
   ./services/scheduling/fcron.nix
   ./services/scheduling/marathon.nix
   ./services/search/elasticsearch.nix
+  ./services/search/kibana.nix
   ./services/search/solr.nix
   ./services/security/clamav.nix
   ./services/security/fail2ban.nix
diff --git a/nixos/modules/services/search/kibana.nix b/nixos/modules/services/search/kibana.nix
new file mode 100644
index 000000000000..f47ab8f55861
--- /dev/null
+++ b/nixos/modules/services/search/kibana.nix
@@ -0,0 +1,168 @@
+{ config, lib, pkgs, ... }:
+
+with lib;
+
+let
+  cfg = config.services.kibana;
+
+  cfgFile = pkgs.writeText "kibana.json" (builtins.toJSON (
+    (filterAttrsRecursive (n: v: v != null) ({
+      server = {
+        host = cfg.host;
+        port = cfg.port;
+        ssl = {
+          cert = cfg.cert;
+          key = cfg.key;
+        };
+      };
+
+      kibana = {
+        index = cfg.index;
+        defaultAppId = cfg.defaultAppId;
+      };
+
+      elasticsearch = {
+        url = cfg.elasticsearch.url;
+        username = cfg.elasticsearch.username;
+        password = cfg.elasticsearch.password;
+        ssl = {
+          cert = cfg.elasticsearch.cert;
+          key = cfg.elasticsearch.key;
+          ca = cfg.elasticsearch.ca;
+        };
+      };
+
+      logging = {
+        verbose = cfg.logLevel == "verbose";
+        quiet = cfg.logLevel == "quiet";
+        silent = cfg.logLevel == "silent";
+        dest = "stdout";
+      };
+    } // cfg.extraConf)
+  )));
+in {
+  options.services.kibana = {
+    enable = mkEnableOption "enable kibana service";
+
+    host = mkOption {
+      description = "Kibana listening host";
+      default = "127.0.0.1";
+      type = types.str;
+    };
+
+    port = mkOption {
+      description = "Kibana listening port";
+      default = 5601;
+      type = types.int;
+    };
+
+    cert = mkOption {
+      description = "Kibana ssl certificate.";
+      default = null;
+      type = types.nullOr types.path;
+    };
+
+    key = mkOption {
+      description = "Kibana ssl key.";
+      default = null;
+      type = types.nullOr types.path;
+    };
+
+    index = mkOption {
+      description = "Elasticsearch index to use for saving kibana config.";
+      default = ".kibana";
+      type = types.str;
+    };
+
+    defaultAppId = mkOption {
+      description = "Elasticsearch default application id.";
+      default = "discover";
+      type = types.str;
+    };
+
+    elasticsearch = {
+      url = mkOption {
+        description = "Elasticsearch url";
+        default = "http://localhost:9200";
+        type = types.str;
+      };
+
+      username = mkOption {
+        description = "Username for elasticsearch basic auth.";
+        default = null;
+        type = types.nullOr types.str;
+      };
+
+      password = mkOption {
+        description = "Password for elasticsearch basic auth.";
+        default = null;
+        type = types.nullOr types.str;
+      };
+
+      ca = mkOption {
+        description = "CA file to auth against elasticsearch.";
+        default = null;
+        type = types.nullOr types.path;
+      };
+
+      cert = mkOption {
+        description = "Certificate file to auth against elasticsearch.";
+        default = null;
+        type = types.nullOr types.path;
+      };
+
+      key = mkOption {
+        description = "Key file to auth against elasticsearch.";
+        default = null;
+        type = types.nullOr types.path;
+      };
+    };
+
+    logLevel = mkOption {
+      description = "Kibana log level";
+      default = "normal";
+      type = types.enum ["verbose" "normal" "silent" "quiet"];
+    };
+
+    package = mkOption {
+      description = "Kibana package to use";
+      default = pkgs.kibana;
+      type = types.package;
+    };
+
+    dataDir = mkOption {
+      description = "Kibana data directory";
+      default = "/var/lib/kibana";
+      type = types.path;
+    };
+
+    extraConf = mkOption {
+      description = "Kibana extra configuration";
+      default = {};
+      type = types.attrs;
+    };
+  };
+
+  config = mkIf (cfg.enable) {
+    systemd.services.kibana = {
+      description = "Kibana Service";
+      wantedBy = [ "multi-user.target" ];
+      after = [ "network-interfaces.target" "elasticsearch.service" ];
+      serviceConfig = {
+        ExecStart = "${cfg.package}/bin/kibana --config ${cfgFile}";
+        User = "kibana";
+        WorkingDirectory = cfg.dataDir;
+      };
+    };
+
+    environment.systemPackages = [ cfg.package ];
+
+    users.extraUsers = singleton {
+      name = "kibana";
+      uid = config.ids.uids.kibana;
+      description = "Kibana service user";
+      home = cfg.dataDir;
+      createHome = true;
+    };
+  };
+}
-- 
cgit 1.4.1