qbit/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

nixos/services.graylog: remove with lib;

Browse Source
This commit is contained in:
Felix Buehler 2024-08-27 20:43:29 +02:00
parent 4e0ba37569
commit 83ed6b4d3b
1 changed files with 35 additions and 38 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

73
nixos/modules/services/logging/graylog.nix
View File

@ -1,17 +1,14 @@
{ config, lib, pkgs, ... }: { config, lib, pkgs, ... }:
with lib;
let let
cfg = config.services.graylog; cfg = config.services.graylog;
confFile = pkgs.writeText "graylog.conf" '' confFile = pkgs.writeText "graylog.conf" ''
is_master = ${boolToString cfg.isMaster} is_master = ${lib.boolToString cfg.isMaster}
node_id_file = ${cfg.nodeIdFile} node_id_file = ${cfg.nodeIdFile}
password_secret = ${cfg.passwordSecret} password_secret = ${cfg.passwordSecret}
root_username = ${cfg.rootUsername} root_username = ${cfg.rootUsername}
root_password_sha2 = ${cfg.rootPasswordSha2} root_password_sha2 = ${cfg.rootPasswordSha2}
elasticsearch_hosts = ${concatStringsSep "," cfg.elasticsearchHosts} elasticsearch_hosts = ${lib.concatStringsSep "," cfg.elasticsearchHosts}
message_journal_dir = ${cfg.messageJournalDir} message_journal_dir = ${cfg.messageJournalDir}
mongodb_uri = ${cfg.mongodbUri} mongodb_uri = ${cfg.mongodbUri}
plugin_dir = /var/lib/graylog/plugins plugin_dir = /var/lib/graylog/plugins
@ -34,49 +31,49 @@ in
services.graylog = { services.graylog = {
enable = mkEnableOption "Graylog, a log management solution"; enable = lib.mkEnableOption "Graylog, a log management solution";
package = mkOption { package = lib.mkOption {
type = types.package; type = lib.types.package;
default = if versionOlder config.system.stateVersion "23.05" then pkgs.graylog-3_3 else pkgs.graylog-5_1; default = if lib.versionOlder config.system.stateVersion "23.05" then pkgs.graylog-3_3 else pkgs.graylog-5_1;
defaultText = literalExpression (if versionOlder config.system.stateVersion "23.05" then "pkgs.graylog-3_3" else "pkgs.graylog-5_1"); defaultText = lib.literalExpression (if lib.versionOlder config.system.stateVersion "23.05" then "pkgs.graylog-3_3" else "pkgs.graylog-5_1");
description = "Graylog package to use."; description = "Graylog package to use.";
}; };
user = mkOption { user = lib.mkOption {
type = types.str; type = lib.types.str;
default = "graylog"; default = "graylog";
description = "User account under which graylog runs"; description = "User account under which graylog runs";
}; };
isMaster = mkOption { isMaster = lib.mkOption {
type = types.bool; type = lib.types.bool;
default = true; default = true;
description = "Whether this is the master instance of your Graylog cluster"; description = "Whether this is the master instance of your Graylog cluster";
}; };
nodeIdFile = mkOption { nodeIdFile = lib.mkOption {
type = types.str; type = lib.types.str;
default = "/var/lib/graylog/server/node-id"; default = "/var/lib/graylog/server/node-id";
description = "Path of the file containing the graylog node-id"; description = "Path of the file containing the graylog node-id";
}; };
passwordSecret = mkOption { passwordSecret = lib.mkOption {
type = types.str; type = lib.types.str;
description = '' description = ''
You MUST set a secret to secure/pepper the stored user passwords here. Use at least 64 characters. You MUST set a secret to secure/pepper the stored user passwords here. Use at least 64 characters.
Generate one by using for example: pwgen -N 1 -s 96 Generate one by using for example: pwgen -N 1 -s 96
''; '';
}; };
rootUsername = mkOption { rootUsername = lib.mkOption {
type = types.str; type = lib.types.str;
default = "admin"; default = "admin";
description = "Name of the default administrator user"; description = "Name of the default administrator user";
}; };
rootPasswordSha2 = mkOption { rootPasswordSha2 = lib.mkOption {
type = types.str; type = lib.types.str;
example = "e3c652f0ba0b4801205814f8b6bc49672c4c74e25b497770bb89b22cdeb4e952"; example = "e3c652f0ba0b4801205814f8b6bc49672c4c74e25b497770bb89b22cdeb4e952";
description = '' description = ''
You MUST specify a hash password for the root user (which you only need to initially set up the You MUST specify a hash password for the root user (which you only need to initially set up the
@ -88,40 +85,40 @@ in
''; '';
}; };
elasticsearchHosts = mkOption { elasticsearchHosts = lib.mkOption {
type = types.listOf types.str; type = lib.types.listOf lib.types.str;
example = literalExpression ''[ "http://node1:9200" "http://user:password@node2:19200" ]''; example = lib.literalExpression ''[ "http://node1:9200" "http://user:password@node2:19200" ]'';
description = "List of valid URIs of the http ports of your elastic nodes. If one or more of your elasticsearch hosts require authentication, include the credentials in each node URI that requires authentication"; description = "List of valid URIs of the http ports of your elastic nodes. If one or more of your elasticsearch hosts require authentication, include the credentials in each node URI that requires authentication";
}; };
dataDir = mkOption { dataDir = lib.mkOption {
type = types.str; type = lib.types.str;
default = "/var/lib/graylog/data"; default = "/var/lib/graylog/data";
description = "Directory used to store Graylog server state."; description = "Directory used to store Graylog server state.";
}; };
messageJournalDir = mkOption { messageJournalDir = lib.mkOption {
type = types.str; type = lib.types.str;
default = "/var/lib/graylog/data/journal"; default = "/var/lib/graylog/data/journal";
description = "The directory which will be used to store the message journal. The directory must be exclusively used by Graylog and must not contain any other files than the ones created by Graylog itself"; description = "The directory which will be used to store the message journal. The directory must be exclusively used by Graylog and must not contain any other files than the ones created by Graylog itself";
}; };
mongodbUri = mkOption { mongodbUri = lib.mkOption {
type = types.str; type = lib.types.str;
default = "mongodb://localhost/graylog"; default = "mongodb://localhost/graylog";
description = "MongoDB connection string. See http://docs.mongodb.org/manual/reference/connection-string/ for details"; description = "MongoDB connection string. See http://docs.mongodb.org/manual/reference/connection-string/ for details";
}; };
extraConfig = mkOption { extraConfig = lib.mkOption {
type = types.lines; type = lib.types.lines;
default = ""; default = "";
description = "Any other configuration options you might want to add"; description = "Any other configuration options you might want to add";
}; };
plugins = mkOption { plugins = lib.mkOption {
description = "Extra graylog plugins"; description = "Extra graylog plugins";
default = [ ]; default = [ ];
type = types.listOf types.package; type = lib.types.listOf lib.types.package;
}; };
}; };
@ -130,16 +127,16 @@ in
###### implementation ###### implementation
config = mkIf cfg.enable { config = lib.mkIf cfg.enable {
users.users = mkIf (cfg.user == "graylog") { users.users = lib.mkIf (cfg.user == "graylog") {
graylog = { graylog = {
isSystemUser = true; isSystemUser = true;
group = "graylog"; group = "graylog";
description = "Graylog server daemon user"; description = "Graylog server daemon user";
}; };
}; };
users.groups = mkIf (cfg.user == "graylog") { graylog = {}; }; users.groups = lib.mkIf (cfg.user == "graylog") { graylog = {}; };
systemd.tmpfiles.rules = [ systemd.tmpfiles.rules = [
"d '${cfg.messageJournalDir}' - ${cfg.user} - - -" "d '${cfg.messageJournalDir}' - ${cfg.user} - - -"