add elastic/logging

This commit is contained in:
Daniel Poelzleithner 2019-07-03 20:26:46 +02:00
parent c4d78e168b
commit d4a933f473
2 changed files with 108 additions and 0 deletions

View File

@ -0,0 +1,71 @@
# Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running nixos-help).
{ config, pkgs, lib, ... }:
{
imports =
[ ../../../lib/lxc-container.nix
../../../lib/shared.nix
../../../lib/admins.nix
];
environment.systemPackages = with pkgs; [
vim
];
networking = {
hostName = "elastic1";
};
nixpkgs.config.allowUnfree = true;
services.openssh = {
enable = true;
permitRootLogin = "yes";
};
services.elasticsearch = {
enable = true;
cluster_name = "zentralwerk";
dataDir = "/srv/elasticsearch";
listenAddress = "0.0.0.0";
};
# does not work, needs to be set on hv (done through ansible)
boot.kernel.sysctl = {
"vm.max_map_count"="262144";
};
services.elasticsearch-curator = {
enable = true;
actionYAML = ''
---
actions:
1:
action: delete_indices
description: >-
Delete indices older than 45 days (based on index name), for logstash-
prefixed indices. Ignore the error if the filter does not result in an
actionable list of indices (ignore_empty_list) and exit cleanly.
options:
ignore_empty_list: True
disable_action: False
filters:
- filtertype: pattern
kind: prefix
value: logstash-
- filtertype: age
source: name
direction: older
timestring: '%Y.%m.%d'
unit: days
unit_count: 45
'';
};
system.stateVersion = "18.09"; # Did you read the comment?
}

View File

@ -0,0 +1,37 @@
# Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running nixos-help).
{ config, pkgs, lib, ... }:
{
imports =
[ ../../../lib/lxc-container.nix
../../../lib/shared.nix
../../../lib/admins.nix
];
environment.systemPackages = with pkgs; [
vim
];
networking = {
hostName = "logging";
};
nixpkgs.config.allowUnfree = true;
services.openssh = {
enable = true;
permitRootLogin = "yes";
};
services.graylog = {
enable = true;
passwordSecret = "SDwK3ug9U4gYSVtj3h22i0l57QO6p5RE58sNehAgU3vXgqGa2HuNyhL19vhoUKFqy28rqGfDQkRD5834NqPi5wLsy8H1hz5V";
elasticsearchHosts = [ "elastic1.serv.zentralwerk.org" ];
};
system.stateVersion = "19.03"; # Did you read the comment?
}