2019-07-03 20:26:46 +02:00
|
|
|
|
# Edit this configuration file to define what should be installed on
|
|
|
|
|
# your system. Help is available in the configuration.nix(5) man page
|
|
|
|
|
# and in the NixOS manual (accessible by running ‘nixos-help’).
|
|
|
|
|
|
|
|
|
|
{ config, pkgs, lib, ... }:
|
|
|
|
|
|
|
|
|
|
{
|
|
|
|
|
imports =
|
|
|
|
|
[ ../../../lib/lxc-container.nix
|
|
|
|
|
../../../lib/shared.nix
|
|
|
|
|
../../../lib/admins.nix
|
|
|
|
|
];
|
|
|
|
|
|
|
|
|
|
environment.systemPackages = with pkgs; [
|
|
|
|
|
vim
|
|
|
|
|
];
|
|
|
|
|
|
|
|
|
|
networking = {
|
|
|
|
|
hostName = "elastic1";
|
2019-07-04 04:23:39 +02:00
|
|
|
|
firewall = {
|
|
|
|
|
allowedTCPPorts = [
|
|
|
|
|
22
|
|
|
|
|
9200
|
|
|
|
|
9300
|
|
|
|
|
];
|
|
|
|
|
enable = true;
|
|
|
|
|
};
|
2019-07-03 20:26:46 +02:00
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
nixpkgs.config.allowUnfree = true;
|
|
|
|
|
|
|
|
|
|
services.openssh = {
|
|
|
|
|
enable = true;
|
|
|
|
|
permitRootLogin = "yes";
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
services.elasticsearch = {
|
|
|
|
|
enable = true;
|
|
|
|
|
cluster_name = "zentralwerk";
|
|
|
|
|
dataDir = "/srv/elasticsearch";
|
|
|
|
|
listenAddress = "0.0.0.0";
|
|
|
|
|
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
# does not work, needs to be set on hv (done through ansible)
|
|
|
|
|
boot.kernel.sysctl = {
|
|
|
|
|
"vm.max_map_count"="262144";
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
services.elasticsearch-curator = {
|
|
|
|
|
enable = true;
|
|
|
|
|
actionYAML = ''
|
|
|
|
|
---
|
|
|
|
|
actions:
|
|
|
|
|
1:
|
|
|
|
|
action: delete_indices
|
|
|
|
|
description: >-
|
|
|
|
|
Delete indices older than 45 days (based on index name), for logstash-
|
|
|
|
|
prefixed indices. Ignore the error if the filter does not result in an
|
|
|
|
|
actionable list of indices (ignore_empty_list) and exit cleanly.
|
|
|
|
|
options:
|
|
|
|
|
ignore_empty_list: True
|
|
|
|
|
disable_action: False
|
|
|
|
|
filters:
|
|
|
|
|
- filtertype: pattern
|
|
|
|
|
kind: prefix
|
|
|
|
|
value: logstash-
|
|
|
|
|
- filtertype: age
|
|
|
|
|
source: name
|
|
|
|
|
direction: older
|
|
|
|
|
timestring: '%Y.%m.%d'
|
|
|
|
|
unit: days
|
|
|
|
|
unit_count: 45
|
|
|
|
|
'';
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
system.stateVersion = "18.09"; # Did you read the comment?
|
|
|
|
|
|
|
|
|
|
}
|