68 lines
1.3 KiB
Nix
68 lines
1.3 KiB
Nix
{
|
|
flake,
|
|
modulesPath,
|
|
lib,
|
|
config,
|
|
pkgs,
|
|
...
|
|
}:
|
|
|
|
let
|
|
inherit (flake) inputs;
|
|
inherit (inputs) self;
|
|
in
|
|
{
|
|
imports = [
|
|
self.nixosModules.default
|
|
"${modulesPath}/virtualisation/lxc-container.nix"
|
|
];
|
|
nixpkgs.config.allowUnfreePredicate =
|
|
pkg:
|
|
builtins.elem (lib.getName pkg) [
|
|
"graylog_6.0"
|
|
"mongodb-6_0"
|
|
"mongodb-ce"
|
|
];
|
|
|
|
sops.secrets.graylog = {
|
|
mode = "0440";
|
|
owner = "graylog";
|
|
group = "graylog";
|
|
};
|
|
|
|
systemd.services.graylog = {
|
|
after = [ "sops-nix.service" ];
|
|
serviceConfig = {
|
|
EnvironmentFile = config.sops.secrets.graylog.path;
|
|
};
|
|
};
|
|
services = {
|
|
graylog = {
|
|
enable = true;
|
|
extraConfig = ''
|
|
http_external_uri = https://graylog.skdevstudios.com/
|
|
http_bind_address = 0.0.0.0:9000
|
|
'';
|
|
elasticsearchHosts = [ "http://127.0.0.1:9200" ];
|
|
package = pkgs.graylog-6_0;
|
|
passwordSecret = "";
|
|
rootPasswordSha2 = "";
|
|
};
|
|
mongodb = {
|
|
enable = true;
|
|
package = pkgs.mongodb-ce;
|
|
};
|
|
opensearch = {
|
|
enable = true;
|
|
settings = {
|
|
"cluster.name" = "default";
|
|
};
|
|
};
|
|
};
|
|
networking = {
|
|
hostName = "graylog-tofu";
|
|
};
|
|
environment.systemPackages = [
|
|
];
|
|
system.stateVersion = "25.05";
|
|
}
|