treewide: add journald-remote
This commit is contained in:
parent
bd42412b94
commit
112a95c050
10
base.nix
10
base.nix
|
@ -173,6 +173,16 @@
|
|||
};
|
||||
};
|
||||
|
||||
services.journald.upload = {
|
||||
enable = values.services.logcollector.ipv4;
|
||||
settings.Upload = {
|
||||
URL = "https://logcollector.pvv.ntnu.no:19532";
|
||||
ServerKeyFile = "-";
|
||||
ServerCertificateFile = "-";
|
||||
TrustedCertificateFile = "-";
|
||||
};
|
||||
};
|
||||
|
||||
networking.firewall.allowedTCPPorts = lib.mkIf config.services.nginx.enable [ 80 443 ];
|
||||
|
||||
security.acme = {
|
||||
|
|
|
@ -0,0 +1,18 @@
|
|||
{ ... }:
|
||||
{
|
||||
services.journald.remote = {
|
||||
enable = true;
|
||||
settings.Remote = {
|
||||
# ServerKeyFile = "/run/credentials/systemd-journald-remote.service/key.pem";
|
||||
# ServerCertificateFile = "/run/credentials/systemd-journald-remote.service/.pem";
|
||||
ServerKeyFile = "/etc/journald-remote-certs/key.pem";
|
||||
ServerCertificateFile = "/etc/journald-remote-certs/cert.pem";
|
||||
TrustedCertificateFile = "-";
|
||||
};
|
||||
};
|
||||
|
||||
# systemd.services.systemd-journal-remote.serviceConfig.LoadCredential = [
|
||||
# "key.pem:/etc/journald-remote-certs/key.pem"
|
||||
# "cert.pem:/etc/journald-remote-certs/cert.pem"
|
||||
# ];
|
||||
}
|
|
@ -21,6 +21,9 @@ in rec {
|
|||
ipv4 = pvv-ipv4 213;
|
||||
ipv6 = pvv-ipv6 213;
|
||||
};
|
||||
log-collector = {
|
||||
inherit (hosts.ildkule) ipv4 ipv6;
|
||||
};
|
||||
};
|
||||
|
||||
hosts = {
|
||||
|
|
Loading…
Reference in New Issue