path: root/nixos/modules/services/logging/journaldriver.nix
blob: 9bd581e9ec0e5cc38de5bf910096063ce924d54b (plain) (blame)
# This module implements a systemd service for running journaldriver,
# a log forwarding agent that sends logs from journald to Stackdriver
# Logging.
#
# It can be enabled without extra configuration when running on GCP.
# On machines hosted elsewhere, the other configuration options need
# to be set.
#
# For further information please consult the documentation in the
# upstream repository at: https://github.com/tazjin/journaldriver/

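# NixOS module: declares the services.journaldriver options and, when
# services.journaldriver.enable is set, a systemd unit that runs the
# journaldriver binary with those options passed as environment
# variables.
{ config, lib, pkgs, ...}:

with lib; let cfg = config.services.journaldriver;
in {
  options.services.journaldriver = {
    # Master switch; the whole `config` section below is guarded by it.
    enable = mkOption {
      type        = types.bool;
      default     = false;
      description = ''
        Whether to enable journaldriver to forward journald logs to
        Stackdriver Logging.
      '';
    };

    # Exported to the service as RUST_LOG (see `environment` below).
    logLevel = mkOption {
      type        = types.str;
      default     = "info";
      description = ''
        Log level at which journaldriver logs its own output.
      '';
    };

    # Exported to the service as LOG_NAME.
    logName = mkOption {
      type        = with types; nullOr str;
      default     = null;
      description = ''
        Configures the name of the target log in Stackdriver Logging.
        This option can be set to, for example, the hostname of a
        machine to improve the user experience in the logging
        overview.
      '';
    };

    # Exported to the service as GOOGLE_CLOUD_PROJECT.
    googleCloudProject = mkOption {
      type        = with types; nullOr str;
      default     = null;
      description = ''
        Configures the name of the Google Cloud project to which to
        forward journald logs.

        This option is required on non-GCP machines, but should not be
        set on GCP instances.
      '';
    };

    # Exported to the service as LOG_STREAM.
    logStream = mkOption {
      type        = with types; nullOr str;
      default     = null;
      description = ''
        Configures the name of the Stackdriver Logging log stream into
        which to write journald entries.

        This option is required on non-GCP machines, but should not be
        set on GCP instances.
      '';
    };

    # Exported to the service as GOOGLE_APPLICATION_CREDENTIALS.
    #
    # NOTE(review): types.path accepts Nix path literals (./key.json) as
    # well as strings. A path literal is copied into the world-readable
    # Nix store once it is interpolated into the generated unit, which
    # would expose the service account private key to every local user.
    # Set this option to a string naming a file that lives outside the
    # store.
    #
    # NOTE(review): the unit runs with DynamicUser, so the key file must
    # be readable by that transient user. Nothing in this module arranges
    # that; confirm how deployments provide it without loosening the
    # file mode (systemd's LoadCredential= would be one way).
    applicationCredentials = mkOption {
      type        = with types; nullOr path;
      default     = null;
      description = ''
        Path to the service account private key (in JSON-format) used
        to forward log entries to Stackdriver Logging on non-GCP
        instances.

        This option is required on non-GCP machines, but should not be
        set on GCP instances.
      '';
    };
  };

  config = mkIf cfg.enable {
    systemd.services.journaldriver = {
      description = "Stackdriver Logging journal forwarder";
      script      = "${pkgs.journaldriver}/bin/journaldriver";

      # After= only orders the unit; Wants= is what pulls
      # network-online.target into the boot transaction, so the
      # forwarder is not started before the network is reported up.
      wants       = [ "network-online.target" ];
      after       = [ "network-online.target" ];
      wantedBy    = [ "multi-user.target" ];

      serviceConfig = {
        Restart        = "always";

        # Run under a transient, unprivileged user allocated by systemd
        # instead of root or a statically declared account.
        DynamicUser    = true;

        # This directive lets systemd automatically configure
        # permissions on /var/lib/journaldriver, the directory in
        # which journaldriver persists its cursor state.
        StateDirectory = "journaldriver";

        # This group is required for accessing journald.
        # NOTE(review): membership gives read access to the system
        # journal as a whole, so anything sensitive that other services
        # log is presumably forwarded off-host as well; confirm this is
        # acceptable for the target project.
        SupplementaryGroups = "systemd-journal";
      };

      # Options left at their null default are passed through as null
      # here; presumably the systemd module omits such entries from the
      # unit (verify against the NixOS release in use).
      environment = {
        RUST_LOG                       = cfg.logLevel;
        LOG_NAME                       = cfg.logName;
        LOG_STREAM                     = cfg.logStream;
        GOOGLE_CLOUD_PROJECT           = cfg.googleCloudProject;
        GOOGLE_APPLICATION_CREDENTIALS = cfg.applicationCredentials;
      };
    };
  };
}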