From b9c2dc13d376a79bceef0829e3990544f950215d Mon Sep 17 00:00:00 2001 From: makefu Date: Mon, 11 Jul 2016 20:45:16 +0200 Subject: m 1 darth: configure with forward-journal, share --- makefu/3modules/forward-journal.nix | 50 +++++++++++++++++++++++++++++++++++++ 1 file changed, 50 insertions(+) create mode 100644 makefu/3modules/forward-journal.nix (limited to 'makefu/3modules') diff --git a/makefu/3modules/forward-journal.nix b/makefu/3modules/forward-journal.nix new file mode 100644 index 000000000..26de3ffdd --- /dev/null +++ b/makefu/3modules/forward-journal.nix @@ -0,0 +1,50 @@ +{ config, lib, pkgs, ... }: + +with config.krebs.lib; +let + cfg = config.makefu.forward-journal; + + out = { + options.makefu.forward-journal = api; + config = lib.mkIf cfg.enable imp; + }; + + api = { + enable = mkEnableOption "forward journal via syslog"; + src = mkOption { + type = types.str; + description = "syslog host identifier"; + default = config.networking.hostName; + }; + dst = mkOption { + type = types.str; + description = "syslog host identifier"; + default = ""; + }; + proto = mkOption { + type = types.str; + default = "udp"; + }; + port = mkOption { + type = types.int; + description = "destination port"; + default = 514; + }; + + }; + + imp = { + services.syslog-ng = { + enable = true; + extraConfig = '' + template t_remote { template("<$PRI>$DATE ${cfg.src} $PROGRAM[$PID]: $MSG\n"); }; + source s_all { system(); internal(); }; + destination d_loghost { udp("${cfg.dst}" port(${toString cfg.port}) template(t_remote)); }; + log { source(s_all); destination(d_loghost); }; + ''; + }; + }; + +in +out + -- cgit v1.3.1 From 50229a32997d1685b8f3359a675c43828b024362 Mon Sep 17 00:00:00 2001 From: makefu Date: Mon, 11 Jul 2016 20:46:09 +0200 Subject: m 1 shoney: configure forward-journal --- makefu/1systems/shoney.nix | 14 ++++++++++---- makefu/3modules/default.nix | 1 + 2 files changed, 11 insertions(+), 4 deletions(-) (limited to 'makefu/3modules') diff --git a/makefu/1systems/shoney.nix b/makefu/1systems/shoney.nix index 1fe8871d2..3a3ac9c7c 100644 --- a/makefu/1systems/shoney.nix +++ b/makefu/1systems/shoney.nix @@ -3,8 +3,9 @@ let tinc-siem-ip = "10.8.10.1"; ip = "64.137.234.215"; - alt-ip = "64.137.234.210"; - extra-ip = "64.137.234.114"; #currently unused + alt-ip = "64.137.234.210"; # honeydrive honeyd + extra-ip1 = "64.137.234.114"; # floating tinc.siem + extra-ip2 = "64.137.234.232"; # honeydrive gw = "64.137.234.1"; in { imports = [ @@ -15,7 +16,7 @@ in { ]; - + environment.systemPackages = [ pkgs.honeyd ]; services.tinc.networks.siem.name = "sjump"; krebs = { @@ -37,10 +38,15 @@ in { }; }; }; + makefu.forward-journal = { + enable = true; + src = "10.8.10.1"; + dst = "10.8.10.6"; + }; networking = { interfaces.enp2s1.ip4 = [ { address = ip; prefixLength = 24; } - { address = alt-ip; prefixLength = 24; } + # { address = alt-ip; prefixLength = 24; } ]; defaultGateway = gw; diff --git a/makefu/3modules/default.nix b/makefu/3modules/default.nix index 853bdca04..febebaa18 100644 --- a/makefu/3modules/default.nix +++ b/makefu/3modules/default.nix @@ -6,6 +6,7 @@ _: ./umts.nix ./taskserver.nix ./awesome-extra.nix + ./forward-journal.nix ]; } -- cgit v1.3.1