131 lines
4.3 KiB
Nix
131 lines
4.3 KiB
Nix
|
{ config, lib, pkgs, ... }:
|
||
|
let port = 9000;
|
||
|
in {
|
||
|
# configure nginx
|
||
|
services.nginx = {
|
||
|
enable = true;
|
||
|
virtualHosts = {
|
||
|
"graylog.workhorse.private" = {
|
||
|
locations."/" = {
|
||
|
proxyPass = "http://localhost:${toString port}";
|
||
|
extraConfig = ''
|
||
|
proxy_set_header Host $host:$server_port;
|
||
|
proxy_set_header X-Real-IP $remote_addr;
|
||
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||
|
proxy_set_header X-Forwarded-Proto $scheme;
|
||
|
proxy_read_timeout 90;
|
||
|
proxy_redirect http://localhost:${
|
||
|
toString port
|
||
|
} https://graylog.workhorse.private/;
|
||
|
'';
|
||
|
};
|
||
|
};
|
||
|
};
|
||
|
};
|
||
|
|
||
|
services.mongodb.enable = true;
|
||
|
services.elasticsearch = {
|
||
|
enable = true;
|
||
|
listenAddress = "${config.networking.hostName}.private";
|
||
|
extraJavaOptions = [ "-Des.http.cname_in_publish_address=true" ];
|
||
|
};
|
||
|
|
||
|
services.graylog.enable = true;
|
||
|
services.graylog.elasticsearchHosts =
|
||
|
[ "http://${config.services.elasticsearch.listenAddress}:9200" ];
|
||
|
|
||
|
# https://docs.graylog.org/en/3.0/pages/configuration/server.conf.html
|
||
|
services.graylog.extraConfig = ''
|
||
|
http_bind_address = 0.0.0.0:${toString port}
|
||
|
http_publish_uri = http://workhorse.private:${toString port}/
|
||
|
'';
|
||
|
|
||
|
# other wise this does not work
|
||
|
services.graylog.nodeIdFile = "/var/lib/graylog/node-id";
|
||
|
|
||
|
# pwgen -N 1 -s 96
|
||
|
services.graylog.passwordSecret =
|
||
|
lib.fileContents ../../private_assets/graylog/password-secret;
|
||
|
|
||
|
# echo -n yourpassword | shasum -a 256
|
||
|
services.graylog.rootPasswordSha2 =
|
||
|
lib.fileContents ../../private_assets/graylog/root-password-hash;
|
||
|
|
||
|
services.graylog.plugins = [ pkgs.graylogPlugins.slack ];
|
||
|
|
||
|
# not working at the moment
|
||
|
#services.geoip-updater.enable = true;
|
||
|
|
||
|
# https://wiki.splunk.com/Http_status.csv
|
||
|
environment.etc."graylog/server/httpCodes.csv" = {
|
||
|
enable = true;
|
||
|
text = ''
|
||
|
status,status_description,status_type
|
||
|
100,Continue,Informational
|
||
|
101,Switching Protocols,Informational
|
||
|
200,OK,Successful
|
||
|
201,Created,Successful
|
||
|
202,Accepted,Successful
|
||
|
203,Non-Authoritative Information,Successful
|
||
|
204,No Content,Successful
|
||
|
205,Reset Content,Successful
|
||
|
206,Partial Content,Successful
|
||
|
300,Multiple Choices,Redirection
|
||
|
301,Moved Permanently,Redirection
|
||
|
302,Found,Redirection
|
||
|
303,See Other,Redirection
|
||
|
304,Not Modified,Redirection
|
||
|
305,Use Proxy,Redirection
|
||
|
307,Temporary Redirect,Redirection
|
||
|
400,Bad Request,Client Error
|
||
|
401,Unauthorized,Client Error
|
||
|
402,Payment Required,Client Error
|
||
|
403,Forbidden,Client Error
|
||
|
404,Not Found,Client Error
|
||
|
405,Method Not Allowed,Client Error
|
||
|
406,Not Acceptable,Client Error
|
||
|
407,Proxy Authentication Required,Client Error
|
||
|
408,Request Timeout,Client Error
|
||
|
409,Conflict,Client Error
|
||
|
410,Gone,Client Error
|
||
|
411,Length Required,Client Error
|
||
|
412,Precondition Failed,Client Error
|
||
|
413,Request Entity Too Large,Client Error
|
||
|
414,Request-URI Too Long,Client Error
|
||
|
415,Unsupported Media Type,Client Error
|
||
|
416,Requested Range Not Satisfiable,Client Error
|
||
|
417,Expectation Failed,Client Error
|
||
|
500,Internal Server Error,Server Error
|
||
|
501,Not Implemented,Server Error
|
||
|
502,Bad Gateway,Server Error
|
||
|
503,Service Unavailable,Server Error
|
||
|
504,Gateway Timeout,Server Error
|
||
|
505,HTTP Version Not Supported,Server Error
|
||
|
'';
|
||
|
};
|
||
|
|
||
|
environment.etc."graylog/server/known_servers.csv" = {
|
||
|
enable = true;
|
||
|
text = ''
|
||
|
"ip","host_name"
|
||
|
"95.216.1.150","lassul.us"
|
||
|
'';
|
||
|
};
|
||
|
|
||
|
environment.etc."graylog/systemd/loglevel.csv" = {
|
||
|
enable = true;
|
||
|
text = ''
|
||
|
"value","Servity","Description"
|
||
|
"0","emergency","System is unusable"
|
||
|
"1","alert","Should be corrected immediately"
|
||
|
"2","cirtical","Critical conditions"
|
||
|
"3","error","Error Condition"
|
||
|
"4","warning","May indicate that an error will occur if action is not taken."
|
||
|
"5","notice","Events that are unusual, but not error conditions."
|
||
|
"6","info","Normal operational messages that require no action."
|
||
|
"7","debug","Information useful to developers for debugging the application."
|
||
|
'';
|
||
|
};
|
||
|
|
||
|
}
|