start graylog terranix configuration

2021-07-13 22:33:04 +02:00 · 2021-07-13 22:33:04 +02:00 · fc0d423732
parent 5b6c9ab92b
commit fc0d423732
4 changed files with 94 additions and 0 deletions
--- a/terranix/graylog/config.nix
+++ b/terranix/graylog/config.nix
@ -0,0 +1,10 @@
+with builtins; {
+
+  imports = [ ./provider.nix ./nginx.nix ];
+
+  resource.graylog_output.stdout = {
+    title = "test stdout";
+    type = "org.graylog2.outputs.LoggingOutput";
+    configuration = toJSON ({ prefix = "Writing message: "; });
+  };
+}
--- a/terranix/graylog/nginx.nix
+++ b/terranix/graylog/nginx.nix
@ -0,0 +1,55 @@
+with builtins; {
+  resource.graylog_input = {
+    nginx_access_logs = {
+      title = "test nginx access log input";
+      # https://javadoc.io/doc/org.graylog2/graylog2-inputs/latest/index.html
+      type = "org.graylog2.inputs.syslog.udp.SyslogUDPInput";
+      global = true;
+      attributes = toJSON ({
+        allow_override_date = true;
+        bind_address = "0.0.0.0";
+        expand_structured_data = false;
+        force_rdns = false;
+        number_worker_threads = 2;
+        port = 12209; # todo
+        recv_buffer_size = 262144;
+        store_full_message = false;
+      });
+    };
+    nginx_error_logs = {
+      title = "test nginx error log input";
+      # https://javadoc.io/doc/org.graylog2/graylog2-inputs/latest/index.html
+      type = "org.graylog2.inputs.syslog.udp.SyslogUDPInput";
+      global = true;
+      attributes = toJSON ({
+        allow_override_date = true;
+        bind_address = "0.0.0.0";
+        expand_structured_data = false;
+        force_rdns = false;
+        number_worker_threads = 2;
+        port = 12208; # todo
+        recv_buffer_size = 262144;
+        store_full_message = false;
+      });
+    };
+  };
+
+  resource.graylog_input_static_fields = {
+    nginx_access_logs = {
+      input_id = "\${graylog_input.nginx_access_logs.id}";
+      fields = {
+        from_nginx = true;
+        nginx_error = false;
+        nginx_access = true;
+      };
+    };
+    nginx_error_logs = {
+      input_id = "\${graylog_input.nginx_error_logs.id}";
+      fields = {
+        from_nginx = true;
+        nginx_error = true;
+        nginx_access = false;
+      };
+    };
+  };
+}
--- a/terranix/graylog/provider.nix
+++ b/terranix/graylog/provider.nix
@ -0,0 +1,13 @@
+{
+  terraform.required_providers.graylog = {
+    source = "terraform-provider-graylog/graylog";
+    version = "1.0.4";
+  };
+
+  provider.graylog = {
+    web_endpoint_uri = "http://graylog.workhorse.private/api";
+    api_version = "v3";
+    #auth_name = "GRAYLOG_AUTH_NAME";
+    auth_password = "token";
+  };
+}
--- a/terranix/graylog/shell.nix
+++ b/terranix/graylog/shell.nix
@ -0,0 +1,16 @@
+{ pkgs ?  import <nixpkgs> {} }:
+let
+  pass_access_token_path = "development/graylog/access_token";
+in
+
+pkgs.mkShell {
+
+  buildInputs = with pkgs; [
+    terranix
+    (writers.writeBashBin "terraform" ''
+      export GRAYLOG_AUTH_NAME=`${pkgs.pass}/bin/pass show ${pass_access_token_path}`
+      ${pkgs.terraform_0_15}/bin/terraform "$@"
+    '')
+  ];
+
+}