treewide: add journald-remote
This commit is contained in:
parent
bd42412b94
commit
112a95c050
10
base.nix
10
base.nix
|
@ -173,6 +173,16 @@
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
services.journald.upload = {
|
||||||
|
enable = values.services.logcollector.ipv4;
|
||||||
|
settings.Upload = {
|
||||||
|
URL = "https://logcollector.pvv.ntnu.no:19532";
|
||||||
|
ServerKeyFile = "-";
|
||||||
|
ServerCertificateFile = "-";
|
||||||
|
TrustedCertificateFile = "-";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
networking.firewall.allowedTCPPorts = lib.mkIf config.services.nginx.enable [ 80 443 ];
|
networking.firewall.allowedTCPPorts = lib.mkIf config.services.nginx.enable [ 80 443 ];
|
||||||
|
|
||||||
security.acme = {
|
security.acme = {
|
||||||
|
|
|
@ -0,0 +1,18 @@
|
||||||
|
{ ... }:
|
||||||
|
{
|
||||||
|
services.journald.remote = {
|
||||||
|
enable = true;
|
||||||
|
settings.Remote = {
|
||||||
|
# ServerKeyFile = "/run/credentials/systemd-journald-remote.service/key.pem";
|
||||||
|
# ServerCertificateFile = "/run/credentials/systemd-journald-remote.service/.pem";
|
||||||
|
ServerKeyFile = "/etc/journald-remote-certs/key.pem";
|
||||||
|
ServerCertificateFile = "/etc/journald-remote-certs/cert.pem";
|
||||||
|
TrustedCertificateFile = "-";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
# systemd.services.systemd-journal-remote.serviceConfig.LoadCredential = [
|
||||||
|
# "key.pem:/etc/journald-remote-certs/key.pem"
|
||||||
|
# "cert.pem:/etc/journald-remote-certs/cert.pem"
|
||||||
|
# ];
|
||||||
|
}
|
|
@ -21,6 +21,9 @@ in rec {
|
||||||
ipv4 = pvv-ipv4 213;
|
ipv4 = pvv-ipv4 213;
|
||||||
ipv6 = pvv-ipv6 213;
|
ipv6 = pvv-ipv6 213;
|
||||||
};
|
};
|
||||||
|
log-collector = {
|
||||||
|
inherit (hosts.ildkule) ipv4 ipv6;
|
||||||
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
hosts = {
|
hosts = {
|
||||||
|
|
Loading…
Reference in New Issue