nixos-config/configs/workhorse/graylog.nix

{ config, lib, pkgs, ... }:
let
  port = 9000;
in
{
  # configure nginx
  services.nginx = {
    enable = true;
    virtualHosts = {
      "graylog.workhorse.private" = {
        locations."/" = {
          proxyPass = "http://localhost:${toString port}";
          extraConfig = ''
            proxy_set_header    Host $host:$server_port;
            proxy_set_header    X-Real-IP $remote_addr;
            proxy_set_header    X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header    X-Forwarded-Proto $scheme;
            proxy_read_timeout  90;
            proxy_redirect      http://localhost:${toString port} https://graylog.workhorse.private/;
          '';
        };
      };
    };
  };

  services.elasticsearch.enable = true;
  services.mongodb.enable = true;

  services.graylog.enable = true;
  services.graylog.elasticsearchHosts = [ "http://${config.services.elasticsearch.listenAddress}:9200" ];

  # https://docs.graylog.org/en/3.0/pages/configuration/server.conf.html
  services.graylog.extraConfig = ''
    http_bind_address = 0.0.0.0:${toString port}
    http_publish_uri = http://workhorse.private:${toString port}/
  '';

  # other wise this does not work
  services.graylog.nodeIdFile = "/var/lib/graylog/node-id";

  # pwgen -N 1 -s 96
  services.graylog.passwordSecret = lib.fileContents <secrets/graylog/password-secret>;

  # echo -n yourpassword | shasum -a 256
  services.graylog.rootPasswordSha2 = lib.fileContents <secrets/graylog/root-password-hash>;

  environment.etc."graylog/server/GeoLite2-City.mmdb" = {
    enable = true;
    source = "${pkgs.geodatabase}/GeoLite2-City.mmdb";
  };

  # https://wiki.splunk.com/Http_status.csv
  environment.etc."graylog/server/httpCodes.csv" = {
    enable = true;
    text = ''
      status,status_description,status_type
      100,Continue,Informational
      101,Switching Protocols,Informational
      200,OK,Successful
      201,Created,Successful
      202,Accepted,Successful
      203,Non-Authoritative Information,Successful
      204,No Content,Successful
      205,Reset Content,Successful
      206,Partial Content,Successful
      300,Multiple Choices,Redirection
      301,Moved Permanently,Redirection
      302,Found,Redirection
      303,See Other,Redirection
      304,Not Modified,Redirection
      305,Use Proxy,Redirection
      307,Temporary Redirect,Redirection
      400,Bad Request,Client Error
      401,Unauthorized,Client Error
      402,Payment Required,Client Error
      403,Forbidden,Client Error
      404,Not Found,Client Error
      405,Method Not Allowed,Client Error
      406,Not Acceptable,Client Error
      407,Proxy Authentication Required,Client Error
      408,Request Timeout,Client Error
      409,Conflict,Client Error
      410,Gone,Client Error
      411,Length Required,Client Error
      412,Precondition Failed,Client Error
      413,Request Entity Too Large,Client Error
      414,Request-URI Too Long,Client Error
      415,Unsupported Media Type,Client Error
      416,Requested Range Not Satisfiable,Client Error
      417,Expectation Failed,Client Error
      500,Internal Server Error,Server Error
      501,Not Implemented,Server Error
      502,Bad Gateway,Server Error
      503,Service Unavailable,Server Error
      504,Gateway Timeout,Server Error
      505,HTTP Version Not Supported,Server Error
    '';
  };

}
init 2019-10-24 02:20:38 +02:00			`{ config, lib, pkgs, ... }:`
			`let`
			`port = 9000;`
			`in`
			`{`
			`# configure nginx`
			`services.nginx = {`
			`enable = true;`
			`virtualHosts = {`
			`"graylog.workhorse.private" = {`
			`locations."/" = {`
			`proxyPass = "http://localhost:${toString port}";`
			`extraConfig = ''`
			`proxy_set_header Host $host:$server_port;`
			`proxy_set_header X-Real-IP $remote_addr;`
			`proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;`
			`proxy_set_header X-Forwarded-Proto $scheme;`
			`proxy_read_timeout 90;`
			`proxy_redirect http://localhost:${toString port} https://graylog.workhorse.private/;`
			`'';`
			`};`
			`};`
			`};`
			`};`

			`services.elasticsearch.enable = true;`
			`services.mongodb.enable = true;`

			`services.graylog.enable = true;`
			`services.graylog.elasticsearchHosts = [ "http://${config.services.elasticsearch.listenAddress}:9200" ];`

			`# https://docs.graylog.org/en/3.0/pages/configuration/server.conf.html`
			`services.graylog.extraConfig = ''`
			`http_bind_address = 0.0.0.0:${toString port}`
			`http_publish_uri = http://workhorse.private:${toString port}/`
			`'';`

			`# other wise this does not work`
			`services.graylog.nodeIdFile = "/var/lib/graylog/node-id";`

			`# pwgen -N 1 -s 96`
			`services.graylog.passwordSecret = lib.fileContents <secrets/graylog/password-secret>;`

			`# echo -n yourpassword \| shasum -a 256`
			`services.graylog.rootPasswordSha2 = lib.fileContents <secrets/graylog/root-password-hash>;`

			`environment.etc."graylog/server/GeoLite2-City.mmdb" = {`
			`enable = true;`
			`source = "${pkgs.geodatabase}/GeoLite2-City.mmdb";`
			`};`

			`# https://wiki.splunk.com/Http_status.csv`
			`environment.etc."graylog/server/httpCodes.csv" = {`
			`enable = true;`
			`text = ''`
			`status,status_description,status_type`
			`100,Continue,Informational`
			`101,Switching Protocols,Informational`
			`200,OK,Successful`
			`201,Created,Successful`
			`202,Accepted,Successful`
			`203,Non-Authoritative Information,Successful`
			`204,No Content,Successful`
			`205,Reset Content,Successful`
			`206,Partial Content,Successful`
			`300,Multiple Choices,Redirection`
			`301,Moved Permanently,Redirection`
			`302,Found,Redirection`
			`303,See Other,Redirection`
			`304,Not Modified,Redirection`
			`305,Use Proxy,Redirection`
			`307,Temporary Redirect,Redirection`
			`400,Bad Request,Client Error`
			`401,Unauthorized,Client Error`
			`402,Payment Required,Client Error`
			`403,Forbidden,Client Error`
			`404,Not Found,Client Error`
			`405,Method Not Allowed,Client Error`
			`406,Not Acceptable,Client Error`
			`407,Proxy Authentication Required,Client Error`
			`408,Request Timeout,Client Error`
			`409,Conflict,Client Error`
			`410,Gone,Client Error`
			`411,Length Required,Client Error`
			`412,Precondition Failed,Client Error`
			`413,Request Entity Too Large,Client Error`
			`414,Request-URI Too Long,Client Error`
			`415,Unsupported Media Type,Client Error`
			`416,Requested Range Not Satisfiable,Client Error`
			`417,Expectation Failed,Client Error`
			`500,Internal Server Error,Server Error`
			`501,Not Implemented,Server Error`
			`502,Bad Gateway,Server Error`
			`503,Service Unavailable,Server Error`
			`504,Gateway Timeout,Server Error`
			`505,HTTP Version Not Supported,Server Error`
			`'';`
			`};`

			`}`