2019-07-03 20:26:46 +02:00
|
|
|
|
# Edit this configuration file to define what should be installed on
|
|
|
|
|
|
# your system. Help is available in the configuration.nix(5) man page
|
|
|
|
|
|
# and in the NixOS manual (accessible by running ‘nixos-help’).
|
|
|
|
|
|
|
|
|
|
|
|
{ config, pkgs, lib, ... }:
|
|
|
|
|
|
|
|
|
|
|
|
{
|
2021-02-22 11:45:12 +01:00
|
|
|
|
imports = [
|
|
|
|
|
|
../../../lib/lxc-container.nix
|
2019-07-03 20:26:46 +02:00
|
|
|
|
../../../lib/shared.nix
|
|
|
|
|
|
../../../lib/admins.nix
|
|
|
|
|
|
];
|
|
|
|
|
|
|
2021-02-22 11:45:12 +01:00
|
|
|
|
environment.systemPackages = with pkgs; [ vim ];
|
2019-07-03 20:26:46 +02:00
|
|
|
|
|
|
|
|
|
|
networking = {
|
|
|
|
|
|
hostName = "elastic1";
|
2021-02-22 11:45:12 +01:00
|
|
|
|
interfaces.eth0.ipv4.addresses = [{
|
|
|
|
|
|
address = "172.20.73.15";
|
|
|
|
|
|
prefixLength = 26;
|
|
|
|
|
|
}];
|
2020-05-22 17:24:56 +02:00
|
|
|
|
defaultGateway = "172.20.73.1";
|
2019-07-04 04:23:39 +02:00
|
|
|
|
firewall = {
|
2021-02-22 11:45:12 +01:00
|
|
|
|
allowedTCPPorts = [ 22 9200 9300 ];
|
2019-07-04 04:23:39 +02:00
|
|
|
|
enable = true;
|
|
|
|
|
|
};
|
2019-07-03 20:26:46 +02:00
|
|
|
|
};
|
|
|
|
|
|
|
2021-02-22 11:45:12 +01:00
|
|
|
|
nixpkgs.config.allowUnfree = true;
|
2019-07-03 20:26:46 +02:00
|
|
|
|
|
|
|
|
|
|
services.openssh = {
|
|
|
|
|
|
enable = true;
|
|
|
|
|
|
permitRootLogin = "yes";
|
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
|
|
services.elasticsearch = {
|
|
|
|
|
|
enable = true;
|
|
|
|
|
|
cluster_name = "zentralwerk";
|
|
|
|
|
|
dataDir = "/srv/elasticsearch";
|
|
|
|
|
|
listenAddress = "0.0.0.0";
|
2019-08-29 00:08:05 +02:00
|
|
|
|
extraJavaOptions = [ "-Xms2g" "-Xmx2g" ];
|
2019-07-03 20:26:46 +02:00
|
|
|
|
};
|
2019-08-29 00:08:05 +02:00
|
|
|
|
systemd.services.elasticsearch.serviceConfig.Restart = "always";
|
2019-07-03 20:26:46 +02:00
|
|
|
|
|
|
|
|
|
|
# does not work, needs to be set on hv (done through ansible)
|
2021-02-22 11:45:12 +01:00
|
|
|
|
boot.kernel.sysctl = { "vm.max_map_count" = "262144"; };
|
2019-07-03 20:26:46 +02:00
|
|
|
|
|
|
|
|
|
|
services.elasticsearch-curator = {
|
|
|
|
|
|
enable = true;
|
|
|
|
|
|
actionYAML = ''
|
2021-02-22 11:45:12 +01:00
|
|
|
|
---
|
|
|
|
|
|
actions:
|
|
|
|
|
|
1:
|
|
|
|
|
|
action: delete_indices
|
|
|
|
|
|
description: >-
|
|
|
|
|
|
Delete indices older than 45 days (based on index name), for logstash-
|
|
|
|
|
|
prefixed indices. Ignore the error if the filter does not result in an
|
|
|
|
|
|
actionable list of indices (ignore_empty_list) and exit cleanly.
|
|
|
|
|
|
options:
|
|
|
|
|
|
ignore_empty_list: True
|
|
|
|
|
|
disable_action: False
|
|
|
|
|
|
filters:
|
|
|
|
|
|
- filtertype: pattern
|
|
|
|
|
|
kind: prefix
|
|
|
|
|
|
value: logstash-
|
|
|
|
|
|
- filtertype: age
|
|
|
|
|
|
source: name
|
|
|
|
|
|
direction: older
|
|
|
|
|
|
timestring: '%Y.%m.%d'
|
|
|
|
|
|
unit: days
|
|
|
|
|
|
unit_count: 45
|
|
|
|
|
|
'';
|
2019-07-03 20:26:46 +02:00
|
|
|
|
};
|
|
|
|
|
|
|
2020-11-11 20:13:16 +01:00
|
|
|
|
system.stateVersion = "20.09"; # Did you read the comment?
|
2019-07-03 20:26:46 +02:00
|
|
|
|
|
|
|
|
|
|
}
|
