From d4a933f4738d99dfd6665c2e04e174ce5a8ca854 Mon Sep 17 00:00:00 2001 From: Daniel Poelzleithner Date: Wed, 3 Jul 2019 20:26:46 +0200 Subject: [PATCH] add elastic/logging --- hosts/containers/elastic/configuration.nix | 71 ++++++++++++++++++++++ hosts/containers/logging/configuration.nix | 37 +++++++++++ 2 files changed, 108 insertions(+) create mode 100644 hosts/containers/elastic/configuration.nix create mode 100644 hosts/containers/logging/configuration.nix diff --git a/hosts/containers/elastic/configuration.nix b/hosts/containers/elastic/configuration.nix new file mode 100644 index 00000000..25b7c44d --- /dev/null +++ b/hosts/containers/elastic/configuration.nix @@ -0,0 +1,71 @@ +# Edit this configuration file to define what should be installed on +# your system. Help is available in the configuration.nix(5) man page +# and in the NixOS manual (accessible by running ‘nixos-help’). + +{ config, pkgs, lib, ... }: + +{ + imports = + [ ../../../lib/lxc-container.nix + ../../../lib/shared.nix + ../../../lib/admins.nix + ]; + + environment.systemPackages = with pkgs; [ + vim + ]; + + networking = { + hostName = "elastic1"; + }; + + nixpkgs.config.allowUnfree = true; + + services.openssh = { + enable = true; + permitRootLogin = "yes"; + }; + + services.elasticsearch = { + enable = true; + cluster_name = "zentralwerk"; + dataDir = "/srv/elasticsearch"; + listenAddress = "0.0.0.0"; + + }; + + # does not work, needs to be set on hv (done through ansible) + boot.kernel.sysctl = { + "vm.max_map_count"="262144"; + }; + + services.elasticsearch-curator = { + enable = true; + actionYAML = '' + --- + actions: + 1: + action: delete_indices + description: >- + Delete indices older than 45 days (based on index name), for logstash- + prefixed indices. Ignore the error if the filter does not result in an + actionable list of indices (ignore_empty_list) and exit cleanly. + options: + ignore_empty_list: True + disable_action: False + filters: + - filtertype: pattern + kind: prefix + value: logstash- + - filtertype: age + source: name + direction: older + timestring: '%Y.%m.%d' + unit: days + unit_count: 45 + ''; + }; + + system.stateVersion = "18.09"; # Did you read the comment? + +} diff --git a/hosts/containers/logging/configuration.nix b/hosts/containers/logging/configuration.nix new file mode 100644 index 00000000..95dde08a --- /dev/null +++ b/hosts/containers/logging/configuration.nix @@ -0,0 +1,37 @@ +# Edit this configuration file to define what should be installed on +# your system. Help is available in the configuration.nix(5) man page +# and in the NixOS manual (accessible by running ‘nixos-help’). + +{ config, pkgs, lib, ... }: + +{ + imports = + [ ../../../lib/lxc-container.nix + ../../../lib/shared.nix + ../../../lib/admins.nix + ]; + + environment.systemPackages = with pkgs; [ + vim + ]; + + networking = { + hostName = "logging"; + }; + + nixpkgs.config.allowUnfree = true; + + services.openssh = { + enable = true; + permitRootLogin = "yes"; + }; + + services.graylog = { + enable = true; + passwordSecret = "SDwK3ug9U4gYSVtj3h22i0l57QO6p5RE58sNehAgU3vXgqGa2HuNyhL19vhoUKFqy28rqGfDQkRD5834NqPi5wLsy8H1hz5V"; + elasticsearchHosts = [ "elastic1.serv.zentralwerk.org" ]; + }; + + system.stateVersion = "19.03"; # Did you read the comment? + +}