Skip to content

Commit 717b53d

Browse files
github-actions[bot]github-actions[bot]
authored
Merge staging-next-21.11 into staging-21.11
2 parents 017fb54 + f85b260 commit 717b53d

36 files changed

Lines changed: 479 additions & 191 deletions

File tree

lib/systems/supported.nix

Lines changed: 3 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -4,7 +4,9 @@
44
{ lib }:
55
rec {
66
# List of systems that are built by Hydra.
7-
hydra = tier1 ++ tier2 ++ tier3;
7+
hydra = tier1 ++ tier2 ++ tier3 ++ [
8+
"aarch64-darwin"
9+
];
810

911
tier1 = [
1012
"x86_64-linux"
@@ -16,7 +18,6 @@ rec {
1618
];
1719

1820
tier3 = [
19-
"aarch64-darwin"
2021
"armv6l-linux"
2122
"armv7l-linux"
2223
"i686-linux"

nixos/doc/manual/from_md/release-notes/rl-2111.section.xml

Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -541,6 +541,14 @@
541541
<link xlink:href="options.html#opt-services.prometheus.exporters.smartctl.enable">services.prometheus.exporters.smartctl</link>.
542542
</para>
543543
</listitem>
544+
<listitem>
545+
<para>
546+
<link xlink:href="https://www.elastic.co/guide/en/beats/filebeat/current/filebeat-overview.html">filebeat</link>,
547+
a lightweight shipper for forwarding and centralizing log
548+
data. Available as
549+
<link linkend="opt-services.filebeat.enable">services.filebeat</link>.
550+
</para>
551+
</listitem>
544552
</itemizedlist>
545553
</section>
546554
<section xml:id="sec-release-21.11-incompatibilities">

nixos/doc/manual/release-notes/rl-2111.section.md

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -149,6 +149,8 @@ In addition to numerous new and upgraded packages, this release has the followin
149149

150150
- [smartctl_exporter](https://github.com/prometheus-community/smartctl_exporter), a Prometheus exporter for [S.M.A.R.T.](https://en.wikipedia.org/wiki/S.M.A.R.T.) data. Available as [services.prometheus.exporters.smartctl](options.html#opt-services.prometheus.exporters.smartctl.enable).
151151

152+
- [filebeat](https://www.elastic.co/guide/en/beats/filebeat/current/filebeat-overview.html), a lightweight shipper for forwarding and centralizing log data. Available as [services.filebeat](#opt-services.filebeat.enable).
153+
152154
## Backward Incompatibilities {#sec-release-21.11-incompatibilities}
153155

154156
- The NixOS VM test framework, `pkgs.nixosTest`/`make-test-python.nix`, now requires detaching commands such as `succeed("foo &")` and `succeed("foo | xclip -i")` to close stdout.

nixos/modules/module-list.nix

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -446,6 +446,7 @@
446446
./services/hardware/xow.nix
447447
./services/logging/SystemdJournal2Gelf.nix
448448
./services/logging/awstats.nix
449+
./services/logging/filebeat.nix
449450
./services/logging/fluentd.nix
450451
./services/logging/graylog.nix
451452
./services/logging/heartbeat.nix

nixos/modules/services/audio/snapserver.nix

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -54,12 +54,12 @@ let
5454
# tcp json rpc
5555
++ [ "--tcp.enabled ${toString cfg.tcp.enable}" ]
5656
++ optionals cfg.tcp.enable [
57-
"--tcp.address ${cfg.tcp.listenAddress}"
57+
"--tcp.bind_to_address ${cfg.tcp.listenAddress}"
5858
"--tcp.port ${toString cfg.tcp.port}" ]
5959
# http json rpc
6060
++ [ "--http.enabled ${toString cfg.http.enable}" ]
6161
++ optionals cfg.http.enable [
62-
"--http.address ${cfg.http.listenAddress}"
62+
"--http.bind_to_address ${cfg.http.listenAddress}"
6363
"--http.port ${toString cfg.http.port}"
6464
] ++ optional (cfg.http.docRoot != null) "--http.doc_root \"${toString cfg.http.docRoot}\"");
6565

nixos/modules/services/logging/filebeat.nix

Lines changed: 253 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,253 @@
1+
{ config, lib, utils, pkgs, ... }:
2+
3+
let
4+
inherit (lib)
5+
attrValues
6+
literalExpression
7+
mkEnableOption
8+
mkIf
9+
mkOption
10+
types;
11+
12+
cfg = config.services.filebeat;
13+
14+
json = pkgs.formats.json {};
15+
in
16+
{
17+
options = {
18+
19+
services.filebeat = {
20+
21+
enable = mkEnableOption "filebeat";
22+
23+
package = mkOption {
24+
type = types.package;
25+
default = pkgs.filebeat;
26+
defaultText = literalExpression "pkgs.filebeat";
27+
example = literalExpression "pkgs.filebeat7";
28+
description = ''
29+
The filebeat package to use.
30+
'';
31+
};
32+
33+
inputs = mkOption {
34+
description = ''
35+
Inputs specify how Filebeat locates and processes input data.
36+
37+
This is like <literal>services.filebeat.settings.filebeat.inputs</literal>,
38+
but structured as an attribute set. This has the benefit
39+
that multiple NixOS modules can contribute settings to a
40+
single filebeat input.
41+
42+
An input type can be specified multiple times by choosing a
43+
different <literal>&lt;name></literal> for each, but setting
44+
<xref linkend="opt-services.filebeat.inputs._name_.type"/>
45+
to the same value.
46+
47+
See <link xlink:href="https://www.elastic.co/guide/en/beats/filebeat/current/configuration-filebeat-options.html"/>.
48+
'';
49+
default = {};
50+
type = types.attrsOf (types.submodule ({ name, ... }: {
51+
freeformType = json.type;
52+
options = {
53+
type = mkOption {
54+
type = types.str;
55+
default = name;
56+
description = ''
57+
The input type.
58+
59+
Look for the value after <literal>type:</literal> on
60+
the individual input pages linked from
61+
<link xlink:href="https://www.elastic.co/guide/en/beats/filebeat/current/configuration-filebeat-options.html"/>.
62+
'';
63+
};
64+
};
65+
}));
66+
example = literalExpression ''
67+
{
68+
journald.id = "everything"; # Only for filebeat7
69+
log = {
70+
enabled = true;
71+
paths = [
72+
"/var/log/*.log"
73+
];
74+
};
75+
};
76+
'';
77+
};
78+
79+
modules = mkOption {
80+
description = ''
81+
Filebeat modules provide a quick way to get started
82+
processing common log formats. They contain default
83+
configurations, Elasticsearch ingest pipeline definitions,
84+
and Kibana dashboards to help you implement and deploy a log
85+
monitoring solution.
86+
87+
This is like <literal>services.filebeat.settings.filebeat.modules</literal>,
88+
but structured as an attribute set. This has the benefit
89+
that multiple NixOS modules can contribute settings to a
90+
single filebeat module.
91+
92+
A module can be specified multiple times by choosing a
93+
different <literal>&lt;name></literal> for each, but setting
94+
<xref linkend="opt-services.filebeat.modules._name_.module"/>
95+
to the same value.
96+
97+
See <link xlink:href="https://www.elastic.co/guide/en/beats/filebeat/current/filebeat-modules.html"/>.
98+
'';
99+
default = {};
100+
type = types.attrsOf (types.submodule ({ name, ... }: {
101+
freeformType = json.type;
102+
options = {
103+
module = mkOption {
104+
type = types.str;
105+
default = name;
106+
description = ''
107+
The name of the module.
108+
109+
Look for the value after <literal>module:</literal> on
110+
the individual input pages linked from
111+
<link xlink:href="https://www.elastic.co/guide/en/beats/filebeat/current/filebeat-modules.html"/>.
112+
'';
113+
};
114+
};
115+
}));
116+
example = literalExpression ''
117+
{
118+
nginx = {
119+
access = {
120+
enabled = true;
121+
var.paths = [ "/path/to/log/nginx/access.log*" ];
122+
};
123+
error = {
124+
enabled = true;
125+
var.paths = [ "/path/to/log/nginx/error.log*" ];
126+
};
127+
};
128+
};
129+
'';
130+
};
131+
132+
settings = mkOption {
133+
type = types.submodule {
134+
freeformType = json.type;
135+
136+
options = {
137+
138+
output.elasticsearch.hosts = mkOption {
139+
type = with types; listOf str;
140+
default = [ "127.0.0.1:9200" ];
141+
example = [ "myEShost:9200" ];
142+
description = ''
143+
The list of Elasticsearch nodes to connect to.
144+
145+
The events are distributed to these nodes in round
146+
robin order. If one node becomes unreachable, the
147+
event is automatically sent to another node. Each
148+
Elasticsearch node can be defined as a URL or
149+
IP:PORT. For example:
150+
<literal>http://192.15.3.2</literal>,
151+
<literal>https://es.found.io:9230</literal> or
152+
<literal>192.24.3.2:9300</literal>. If no port is
153+
specified, <literal>9200</literal> is used.
154+
'';
155+
};
156+
157+
filebeat = {
158+
inputs = mkOption {
159+
type = types.listOf json.type;
160+
default = [];
161+
internal = true;
162+
description = ''
163+
Inputs specify how Filebeat locates and processes
164+
input data. Use <xref
165+
linkend="opt-services.filebeat.inputs"/> instead.
166+
167+
See <link xlink:href="https://www.elastic.co/guide/en/beats/filebeat/current/configuration-filebeat-options.html"/>.
168+
'';
169+
};
170+
modules = mkOption {
171+
type = types.listOf json.type;
172+
default = [];
173+
internal = true;
174+
description = ''
175+
Filebeat modules provide a quick way to get started
176+
processing common log formats. They contain default
177+
configurations, Elasticsearch ingest pipeline
178+
definitions, and Kibana dashboards to help you
179+
implement and deploy a log monitoring solution.
180+
181+
Use <xref linkend="opt-services.filebeat.modules"/> instead.
182+
183+
See <link xlink:href="https://www.elastic.co/guide/en/beats/filebeat/current/filebeat-modules.html"/>.
184+
'';
185+
};
186+
};
187+
};
188+
};
189+
default = {};
190+
example = literalExpression ''
191+
{
192+
settings = {
193+
output.elasticsearch = {
194+
hosts = [ "myEShost:9200" ];
195+
username = "filebeat_internal";
196+
password = { _secret = "/var/keys/elasticsearch_password"; };
197+
};
198+
logging.level = "info";
199+
};
200+
};
201+
'';
202+
203+
description = ''
204+
Configuration for filebeat. See
205+
<link xlink:href="https://www.elastic.co/guide/en/beats/filebeat/current/filebeat-reference-yml.html"/>
206+
for supported values.
207+
208+
Options containing secret data should be set to an attribute
209+
set containing the attribute <literal>_secret</literal> - a
210+
string pointing to a file containing the value the option
211+
should be set to. See the example to get a better picture of
212+
this: in the resulting
213+
<filename>filebeat.yml</filename> file, the
214+
<literal>output.elasticsearch.password</literal>
215+
key will be set to the contents of the
216+
<filename>/var/keys/elasticsearch_password</filename> file.
217+
'';
218+
};
219+
};
220+
};
221+
222+
config = mkIf cfg.enable {
223+
224+
services.filebeat.settings.filebeat.inputs = attrValues cfg.inputs;
225+
services.filebeat.settings.filebeat.modules = attrValues cfg.modules;
226+
227+
systemd.services.filebeat = {
228+
description = "Filebeat log shipper";
229+
wantedBy = [ "multi-user.target" ];
230+
wants = [ "elasticsearch.service" ];
231+
after = [ "elasticsearch.service" ];
232+
serviceConfig = {
233+
ExecStartPre = pkgs.writeShellScript "filebeat-exec-pre" ''
234+
set -euo pipefail
235+
236+
umask u=rwx,g=,o=
237+
238+
${utils.genJqSecretsReplacementSnippet
239+
cfg.settings
240+
"/var/lib/filebeat/filebeat.yml"
241+
}
242+
'';
243+
ExecStart = ''
244+
${cfg.package}/bin/filebeat -e \
245+
-c "/var/lib/filebeat/filebeat.yml" \
246+
--path.data "/var/lib/filebeat"
247+
'';
248+
Restart = "always";
249+
StateDirectory = "filebeat";
250+
};
251+
};
252+
};
253+
}

nixos/modules/services/logging/journalbeat.nix

Lines changed: 0 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -28,7 +28,6 @@ in
2828
type = types.package;
2929
default = pkgs.journalbeat;
3030
defaultText = literalExpression "pkgs.journalbeat";
31-
example = literalExpression "pkgs.journalbeat7";
3231
description = ''
3332
The journalbeat package to use
3433
'';

0 commit comments

Comments
 (0)