1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374 |
- # Edit this configuration file to define what should be installed on
- # your system. Help is available in the configuration.nix(5) man page
- # and in the NixOS manual (accessible by running ‘nixos-help’).
-
- { config, pkgs, lib, ... }:
-
- {
- imports =
- [ ../../../lib/lxc-container.nix
- ../../../lib/shared.nix
- ../../../lib/admins.nix
- ];
-
- environment.systemPackages = with pkgs; [
- vim
- ];
-
- networking = {
- hostName = "logging";
- firewall = {
- allowedTCPPorts = [
- 22
- 9000
- 80
- 443
- 5044
- 12201
- 514
- ];
- allowedUDPPorts = [
- 514
- ];
- enable = false;
- };
- };
-
- services.openssh = {
- enable = true;
- permitRootLogin = "yes";
- };
-
- services.nginx = {
- enable = true;
- virtualHosts = {
- default = {
- locations = {
- "/".proxyPass = "http://127.0.0.1:9000/";
- };
- };
- };
- };
-
- services.graylog = {
- enable = true;
- passwordSecret = "SDwK3ug9U4gYSVtj3h22i0l57QO6p5RE58sNehAgU3vXgqGa2HuNyhL19vhoUKFqy28rqGfDQkRD5834NqPi5wLsy8H1hz5V";
- # mongo.serv.zentralwerk. ?
- elasticsearchHosts = [ "http://172.20.73.15:9200" ];
- rootPasswordSha2 = "3e784172684dcd89d66175b8719cd7894cc96b454ef1d5aa74bd92b3c57da7cd";
- # mongo.serv.zentralwerk. ?
- mongodbUri = "mongodb://172.20.73.14/graylog";
- extraConfig = ''
- http_bind_address = 0.0.0.0:9000
- elasticsearch_shards = 1
- allow_highlighting = true
- allow_leading_wildcard_searches = true
- '';
- user = "root";
- };
-
- systemd.services.graylog.serviceConfig.Restart = "always";
-
- system.stateVersion = "19.03"; # Did you read the comment?
-
- }
|