81 lines
1.8 KiB
Nix
81 lines
1.8 KiB
Nix
# Edit this configuration file to define what should be installed on
|
||
# your system. Help is available in the configuration.nix(5) man page
|
||
# and in the NixOS manual (accessible by running ‘nixos-help’).
|
||
|
||
{ config, pkgs, lib, ... }:
|
||
|
||
{
|
||
imports =
|
||
[ ../../../lib/lxc-container.nix
|
||
../../../lib/shared.nix
|
||
../../../lib/admins.nix
|
||
];
|
||
|
||
environment.systemPackages = with pkgs; [
|
||
vim
|
||
];
|
||
|
||
networking = {
|
||
hostName = "elastic1";
|
||
firewall = {
|
||
allowedTCPPorts = [
|
||
22
|
||
9200
|
||
9300
|
||
];
|
||
enable = true;
|
||
};
|
||
};
|
||
|
||
nixpkgs.config.allowUnfree = true;
|
||
|
||
services.openssh = {
|
||
enable = true;
|
||
permitRootLogin = "yes";
|
||
};
|
||
|
||
services.elasticsearch = {
|
||
enable = true;
|
||
cluster_name = "zentralwerk";
|
||
dataDir = "/srv/elasticsearch";
|
||
listenAddress = "0.0.0.0";
|
||
extraJavaOptions = [ "-Xms2g" "-Xmx2g" ];
|
||
};
|
||
systemd.services.elasticsearch.serviceConfig.Restart = "always";
|
||
|
||
# does not work, needs to be set on hv (done through ansible)
|
||
boot.kernel.sysctl = {
|
||
"vm.max_map_count"="262144";
|
||
};
|
||
|
||
services.elasticsearch-curator = {
|
||
enable = true;
|
||
actionYAML = ''
|
||
---
|
||
actions:
|
||
1:
|
||
action: delete_indices
|
||
description: >-
|
||
Delete indices older than 45 days (based on index name), for logstash-
|
||
prefixed indices. Ignore the error if the filter does not result in an
|
||
actionable list of indices (ignore_empty_list) and exit cleanly.
|
||
options:
|
||
ignore_empty_list: True
|
||
disable_action: False
|
||
filters:
|
||
- filtertype: pattern
|
||
kind: prefix
|
||
value: logstash-
|
||
- filtertype: age
|
||
source: name
|
||
direction: older
|
||
timestring: '%Y.%m.%d'
|
||
unit: days
|
||
unit_count: 45
|
||
'';
|
||
};
|
||
|
||
system.stateVersion = "18.09"; # Did you read the comment?
|
||
|
||
}
|