From fc0d423732cbb1059f76f066ea43b7d00369d5e2 Mon Sep 17 00:00:00 2001 From: Ingolf Wagner Date: Tue, 13 Jul 2021 22:33:04 +0200 Subject: [PATCH] start graylog terranix configuration --- terranix/graylog/config.nix | 10 +++++++ terranix/graylog/nginx.nix | 55 +++++++++++++++++++++++++++++++++++ terranix/graylog/provider.nix | 13 +++++++++ terranix/graylog/shell.nix | 16 ++++++++++ 4 files changed, 94 insertions(+) create mode 100644 terranix/graylog/config.nix create mode 100644 terranix/graylog/nginx.nix create mode 100644 terranix/graylog/provider.nix create mode 100644 terranix/graylog/shell.nix diff --git a/terranix/graylog/config.nix b/terranix/graylog/config.nix new file mode 100644 index 0000000..5100a8d --- /dev/null +++ b/terranix/graylog/config.nix @@ -0,0 +1,10 @@ +with builtins; { + + imports = [ ./provider.nix ./nginx.nix ]; + + resource.graylog_output.stdout = { + title = "test stdout"; + type = "org.graylog2.outputs.LoggingOutput"; + configuration = toJSON ({ prefix = "Writing message: "; }); + }; +} diff --git a/terranix/graylog/nginx.nix b/terranix/graylog/nginx.nix new file mode 100644 index 0000000..c956672 --- /dev/null +++ b/terranix/graylog/nginx.nix @@ -0,0 +1,55 @@ +with builtins; { + resource.graylog_input = { + nginx_access_logs = { + title = "test nginx access log input"; + # https://javadoc.io/doc/org.graylog2/graylog2-inputs/latest/index.html + type = "org.graylog2.inputs.syslog.udp.SyslogUDPInput"; + global = true; + attributes = toJSON ({ + allow_override_date = true; + bind_address = "0.0.0.0"; + expand_structured_data = false; + force_rdns = false; + number_worker_threads = 2; + port = 12209; # todo + recv_buffer_size = 262144; + store_full_message = false; + }); + }; + nginx_error_logs = { + title = "test nginx error log input"; + # https://javadoc.io/doc/org.graylog2/graylog2-inputs/latest/index.html + type = "org.graylog2.inputs.syslog.udp.SyslogUDPInput"; + global = true; + attributes = toJSON ({ + allow_override_date = true; + bind_address = "0.0.0.0"; + expand_structured_data = false; + force_rdns = false; + number_worker_threads = 2; + port = 12208; # todo + recv_buffer_size = 262144; + store_full_message = false; + }); + }; + }; + + resource.graylog_input_static_fields = { + nginx_access_logs = { + input_id = "\${graylog_input.nginx_access_logs.id}"; + fields = { + from_nginx = true; + nginx_error = false; + nginx_access = true; + }; + }; + nginx_error_logs = { + input_id = "\${graylog_input.nginx_error_logs.id}"; + fields = { + from_nginx = true; + nginx_error = true; + nginx_access = false; + }; + }; + }; +} diff --git a/terranix/graylog/provider.nix b/terranix/graylog/provider.nix new file mode 100644 index 0000000..f5ccb44 --- /dev/null +++ b/terranix/graylog/provider.nix @@ -0,0 +1,13 @@ +{ + terraform.required_providers.graylog = { + source = "terraform-provider-graylog/graylog"; + version = "1.0.4"; + }; + + provider.graylog = { + web_endpoint_uri = "http://graylog.workhorse.private/api"; + api_version = "v3"; + #auth_name = "GRAYLOG_AUTH_NAME"; + auth_password = "token"; + }; +} diff --git a/terranix/graylog/shell.nix b/terranix/graylog/shell.nix new file mode 100644 index 0000000..ffa6446 --- /dev/null +++ b/terranix/graylog/shell.nix @@ -0,0 +1,16 @@ +{ pkgs ? import {} }: +let + pass_access_token_path = "development/graylog/access_token"; +in + +pkgs.mkShell { + + buildInputs = with pkgs; [ + terranix + (writers.writeBashBin "terraform" '' + export GRAYLOG_AUTH_NAME=`${pkgs.pass}/bin/pass show ${pass_access_token_path}` + ${pkgs.terraform_0_15}/bin/terraform "$@" + '') + ]; + +}