summaryrefslogtreecommitdiffstats
path: root/makefu/2configs/elchos/log.nix
diff options
context:
space:
mode:
authormakefu <github@syntax-fehler.de>2016-12-24 23:45:19 +0100
committermakefu <github@syntax-fehler.de>2016-12-24 23:45:19 +0100
commit4ae1d6e6d0efbe4eb625d7a7d5c056d024dd99ea (patch)
treec5e0155561e586dbc94cd86807cd58ce9afde277 /makefu/2configs/elchos/log.nix
parentf2731979702efb186ec6b7384f11df5cc3518734 (diff)
m 2 elchos/log: init
Diffstat (limited to 'makefu/2configs/elchos/log.nix')
-rw-r--r--makefu/2configs/elchos/log.nix56
1 files changed, 56 insertions, 0 deletions
diff --git a/makefu/2configs/elchos/log.nix b/makefu/2configs/elchos/log.nix
new file mode 100644
index 000000000..3facd1ceb
--- /dev/null
+++ b/makefu/2configs/elchos/log.nix
@@ -0,0 +1,56 @@
+{ config, lib, pkgs, ... }:
+
+with import <stockholm/lib>;
+let
+in {
+ networking.firewall.allowedTCPPorts = [ 80 443 514 ];
+ networking.firewall.allowedUDPPorts = [ 80 443 514 ];
+ services.logstash = {
+ enable = true;
+ enableWeb = true;
+ inputConfig = ''
+ syslog {
+ timezone => "Etc/UTC"
+ }
+ '';
+ filterConfig = ''
+ if ( [program] == "proftpd") {
+ kv {
+ field_split => " "
+ }
+ }
+ '';
+ outputConfig = ''
+ stdout {
+ codec => rubydebug
+ }
+ elasticsearch { }
+ '';
+ };
+ services.elasticsearch = {
+ enable = true;
+ };
+ services.kibana = {
+ enable = true;
+ port = 9332;
+ };
+ services.nginx = {
+ virtualHosts = {
+ "log.nsupdate.info" = {
+ enableACME = true;
+ forceSSL = true;
+ basicAuth = import <secrets/kibana-auth.nix>;
+ locations = {
+ "/" = {
+ proxyPass = "http://localhost:9332";
+ extraConfig = ''
+ proxy_set_header Host $host;
+ proxy_set_header X-Real-IP $remote_addr;
+ proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+ '';
+ };
+ };
+ };
+ };
+ };
+}