# This module implements a systemd service for running journaldriver,
# a log forwarding agent that sends logs from journald to Stackdriver
# Logging.
#
# It can be enabled without extra configuration when running on GCP.
# On machines hosted elsewhere, the other configuration options need
# to be set.
#
# For further information please consult the documentation in the
# upstream repository at: https://github.com/tazjin/journaldriver/

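{
  config,
  lib,
  pkgs,
  ...
}:

let
  # Pull in only the library names this module uses instead of a
  # file-wide `with lib;`, so every identifier has a visible origin.
  inherit (lib)
    hasPrefix
    mkIf
    mkOption
    optional
    types
    ;

  cfg = config.services.journaldriver;

  # True when the configured service account key would live in the Nix
  # store. A Nix path value (for example a `./key.json` literal) is
  # copied into the store once it is interpolated into a string, and a
  # string that already points below the store directory is there by
  # definition. The store is world-readable, so a private key placed
  # there is readable by every local user.
  credentialsInStore =
    cfg.applicationCredentials != null
    && (
      builtins.isPath cfg.applicationCredentials
      || hasPrefix "${builtins.storeDir}/" (toString cfg.applicationCredentials)
    );
in
{
  options.services.journaldriver = {
    enable = mkOption {
      type = types.bool;
      default = false;
      description = ''
        Whether to enable journaldriver to forward journald logs to
        Stackdriver Logging.
      '';
    };

    # Passed through unchanged as RUST_LOG (see `environment` below).
    logLevel = mkOption {
      type = types.str;
      default = "info";
      description = ''
        Log level at which journaldriver logs its own output.
      '';
    };

    logName = mkOption {
      type = types.nullOr types.str;
      default = null;
      description = ''
        Configures the name of the target log in Stackdriver Logging.
        This option can be set to, for example, the hostname of a
        machine to improve the user experience in the logging
        overview.
      '';
    };

    googleCloudProject = mkOption {
      type = types.nullOr types.str;
      default = null;
      description = ''
        Configures the name of the Google Cloud project to which to
        forward journald logs.

        This option is required on non-GCP machines, but should not be
        set on GCP instances.
      '';
    };

    logStream = mkOption {
      type = types.nullOr types.str;
      default = null;
      description = ''
        Configures the name of the Stackdriver Logging log stream into
        which to write journald entries.

        This option is required on non-GCP machines, but should not be
        set on GCP instances.
      '';
    };

    # The option keeps its `path` type for compatibility, so a Nix path
    # literal is still accepted; the warning in `config` flags that case.
    applicationCredentials = mkOption {
      type = types.nullOr types.path;
      default = null;
      description = ''
        Path to the service account private key (in JSON-format) used
        to forward log entries to Stackdriver Logging on non-GCP
        instances.

        This option is required on non-GCP machines, but should not be
        set on GCP instances.

        Give the path as a string that refers to a file outside the
        Nix store. A Nix path literal is copied into the
        world-readable Nix store, which exposes the private key to
        every local user. The file must also be readable by the
        user the service runs as.
      '';
    };
  };

  config = mkIf cfg.enable {
    # Evaluation-time warning only: the configuration still builds, so
    # existing setups keep working while the exposure is made visible.
    warnings = optional credentialsInStore ''
      services.journaldriver.applicationCredentials refers to a file in
      the Nix store, which is world-readable. Reference the service
      account key by a string path outside the store instead.
    '';

    systemd.services.journaldriver = {
      description = "Stackdriver Logging journal forwarder";
      script = "${pkgs.journaldriver}/bin/journaldriver";
      wants = [ "network-online.target" ];
      after = [ "network-online.target" ];
      wantedBy = [ "multi-user.target" ];

      serviceConfig = {
        Restart = "always";

        # Run under a transient, unprivileged user allocated by systemd
        # rather than as root or a statically created account.
        # NOTE(review): the key file named by applicationCredentials
        # must be readable by this transient user, and nothing in this
        # module arranges that. systemd's LoadCredential= is the usual
        # way to hand a root-owned secret to such a service.
        DynamicUser = true;

        # This directive lets systemd automatically configure
        # permissions on /var/lib/journaldriver, the directory in
        # which journaldriver persists its cursor state.
        StateDirectory = "journaldriver";

        # This group is required for accessing journald. It grants read
        # access to the journal and is the only extra group requested.
        SupplementaryGroups = "systemd-journal";
      };

      # Options left at null are presumably omitted from the unit by the
      # NixOS systemd module (confirm against the nixpkgs revision in
      # use); on GCP the agent is then expected to fall back to the
      # instance's own metadata, per the option descriptions above.
      environment = {
        RUST_LOG = cfg.logLevel;
        LOG_NAME = cfg.logName;
        LOG_STREAM = cfg.logStream;
        GOOGLE_CLOUD_PROJECT = cfg.googleCloudProject;
        GOOGLE_APPLICATION_CREDENTIALS = cfg.applicationCredentials;
      };
    };
  };
}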