# Edit this configuration file to define what should be installed on # your system. Help is available in the configuration.nix(5) man page # and in the NixOS manual (accessible by running ‘nixos-help’). { config, pkgs, lib, ... }: { imports = [ ../../../lib/lxc-container.nix ../../../lib/shared.nix ../../../lib/admins.nix ]; environment.systemPackages = with pkgs; [ vim ]; networking = { hostName = "logging"; interfaces.eth0.ipv4.addresses = [ { address = "172.20.73.13"; prefixLength = 26; } ]; defaultGateway = "172.20.73.1"; firewall = { allowedTCPPorts = [ 22 9000 80 443 5044 12201 514 ]; allowedUDPPorts = [ 514 ]; enable = false; }; dhcpcd.denyInterfaces = [ "eth1" ]; # interface for mgmt network interfaces.eth1 = { ipv4.addresses = [{ address = "10.0.0.251"; prefixLength = 24; }]; useDHCP = false; }; }; services.openssh = { enable = true; permitRootLogin = "yes"; }; services.nginx = { enable = true; virtualHosts = { default = { locations = { "/".proxyPass = "http://127.0.0.1:9000/"; }; }; }; }; services.graylog = { enable = true; passwordSecret = "SDwK3ug9U4gYSVtj3h22i0l57QO6p5RE58sNehAgU3vXgqGa2HuNyhL19vhoUKFqy28rqGfDQkRD5834NqPi5wLsy8H1hz5V"; # mongo.serv.zentralwerk. ? elasticsearchHosts = [ "http://elastic1.serv.zentralwerk.org:9200" ]; rootPasswordSha2 = "3e784172684dcd89d66175b8719cd7894cc96b454ef1d5aa74bd92b3c57da7cd"; # mongo.serv.zentralwerk. ? mongodbUri = "mongodb://mongo.serv.zentralwerk.org/graylog"; extraConfig = '' http_bind_address = 0.0.0.0:9000 http_publish_uri = http://logging.serv.zentralwerk.org/ elasticsearch_shards = 1 allow_highlighting = true allow_leading_wildcard_searches = true ''; user = "root"; }; systemd.services.graylog.serviceConfig.Restart = "always"; system.stateVersion = "19.03"; # Did you read the comment? }