From afc939f37d82e0ceb74aa1d3cda719328e3ac827 Mon Sep 17 00:00:00 2001 From: Nico Felbinger Date: Tue, 25 Jun 2024 16:02:22 +0200 Subject: [PATCH] nixos/filebeat: Improve options --- .../manual/release-notes/rl-2411.section.md | 2 + nixos/modules/services/logging/filebeat.nix | 108 +++++++++++++++--- 2 files changed, 91 insertions(+), 19 deletions(-) diff --git a/nixos/doc/manual/release-notes/rl-2411.section.md b/nixos/doc/manual/release-notes/rl-2411.section.md index 339c4bb38c36e..3dd952a149db4 100644 --- a/nixos/doc/manual/release-notes/rl-2411.section.md +++ b/nixos/doc/manual/release-notes/rl-2411.section.md @@ -775,6 +775,8 @@ - torq has been removed because upstreamed went closed source. +- Removed `filebeat` default output for elasticsearch to `127.0.0.1:9200` and improved nixos options for outputs. + ## Other Notable Changes {#sec-release-24.11-notable-changes} diff --git a/nixos/modules/services/logging/filebeat.nix b/nixos/modules/services/logging/filebeat.nix index 53a00be860d7e..13c3a53cb65d4 100644 --- a/nixos/modules/services/logging/filebeat.nix +++ b/nixos/modules/services/logging/filebeat.nix @@ -22,15 +22,14 @@ let json = pkgs.formats.json { }; in { + meta.maintainers = with lib.maintainers; [ felbinger ]; options = { services.filebeat = { enable = mkEnableOption "filebeat"; - package = mkPackageOption pkgs "filebeat" { - example = "filebeat7"; - }; + package = mkPackageOption pkgs "filebeat" { example = "filebeat7"; }; inputs = mkOption { description = '' @@ -146,23 +145,49 @@ in freeformType = json.type; options = { - - output.elasticsearch.hosts = mkOption { - type = with types; listOf str; - default = [ "127.0.0.1:9200" ]; - example = [ "myEShost:9200" ]; + output = mkOption { + type = types.nullOr ( + types.attrsOf ( + types.submodule { + freeformType = json.type; + options = { + enabled = mkEnableOption ""; + hosts = mkOption { + type = with types; listOf str; + default = [ ]; + description = '' + The list of Elasticsearch/Logstash/Kafka/Redis nodes to connect to. + The events are distributed to these nodes in round robin order. If + one node becomes unreachable, the event is automatically sent to + another node. Each node can be defined as a URL or IP:PORT. + ''; + }; + }; + } + ) + ); + default = { + elasticsearch = { + enable = true; + hosts = [ "127.0.0.1:9200" ]; + }; + }; + example = { + elasticsearch.enable = false; + logstash = { + enable = true; + hosts = [ "myEShost:9200" ]; + }; + }; description = '' - The list of Elasticsearch nodes to connect to. - - The events are distributed to these nodes in round - robin order. If one node becomes unreachable, the - event is automatically sent to another node. Each - Elasticsearch node can be defined as a URL or - IP:PORT. For example: - `http://192.15.3.2`, - `https://es.found.io:9230` or - `192.24.3.2:9300`. If no port is - specified, `9200` is used. + You configure Filebeat to write to a specific output by setting options in the + Outputs section of the `filebeat.yml` config file. Only a single output may be defined. + + The following topics describe how to configure each supported output. If you've secured + the Elastic Stack, also read Secure for more about security-related configuration options. + + For more information about the available outputs see + [elastic.co/guide/en/beats/filebeat/current/configuring-output.html](https://www.elastic.co/guide/en/beats/filebeat/current/configuring-output.html). ''; }; @@ -232,6 +257,51 @@ in config = mkIf cfg.enable { + assertions = + let + validOutputs = [ + "elasticsearch" + "logstash" + "kafka" + "redis" + "file" + "console" + "discard" + ]; + validOutputsHosts = [ + "elasticsearch" + "logstash" + "kafka" + "redis" + ]; + + filterEnabled = attrset: + let + enabledNames = builtins.filter (name: attrset.${name}.enabled) (builtins.attrNames attrset); + in + builtins.listToAttrs (map (name: { name = name; value = attrset.${name}; }) enabledNames); + + enabledOutputs = filterEnabled cfg.settings.output; + in + [ + { + assertion = builtins.length (builtins.attrNames enabledOutputs) == 1; + message = "only one services.filebeat.settings.output can be configured"; + } + { + assertion = + (builtins.length (builtins.attrNames enabledOutputs) != 1) + || (builtins.elem (builtins.head (builtins.attrNames enabledOutputs)) validOutputs); + message = "services.filebeat.settings.output is invalid, choose one of: ${lib.concatStringsSep ", " validOutputs}"; + } + { + assertion = + (builtins.length (builtins.attrNames enabledOutputs) != 1) + || (builtins.elem (builtins.head (builtins.attrNames enabledOutputs)) validOutputsHosts); + message = "services.filebeat.settings.output..hosts can only be configured for: ${lib.concatStringsSep ", " validOutputsHosts}"; + } + ]; + services.filebeat.settings.filebeat.inputs = attrValues cfg.inputs; services.filebeat.settings.filebeat.modules = attrValues cfg.modules;