pyrox.dev / nixpkgs
lol
fork atom

nixos/journaldriver: add module for journaldriver log forwarder

Adds a module for running the journaldriver log forwarding agent via
systemd.

The agent can be deployed on both GCP instances and machines hosted
elsewhere to forward all logs from journald to Stackdriver Logging.

Consult the module options and upstream documentation for more
information.

Implementation notes:

* The service unit is configured to use systemd's dynamic user feature
which will let systemd set up the state directory and appropriate
user configuration at unit launch time instead of hardcoding it.

* The module depends on `network-online.target` to prevent a situation
where journaldriver is failing and restarting multiple times before
the network is online.

Vincent Ambo 59e5aabe 1b08966d

options
unified split
Changed files
+112
nixos
modules
services
logging
journaldriver.nix
+112
nixos/modules/services/logging/journaldriver.nix 
···

       

       
1

       
+

       
# This module implements a systemd service for running journaldriver,


     

       

       
2

       
+

       
# a log forwarding agent that sends logs from journald to Stackdriver


     

       

       
3

       
+

       
# Logging.


     

       

       
4

       
+

       
#


     

       

       
5

       
+

       
# It can be enabled without extra configuration when running on GCP.


     

       

       
6

       
+

       
# On machines hosted elsewhere, the other configuration options need


     

       

       
7

       
+

       
# to be set.


     

       

       
8

       
+

       
#


     

       

       
9

       
+

       
# For further information please consult the documentation in the


     

       

       
10

       
+

       
# upstream repository at: https://github.com/aprilabank/journaldriver/


     

       

       
11

       
+

       



     

       

       
12

       
+

       
{ config, lib, pkgs, ...}:


     

       

       
13

       
+

       



     

       

       
14

       
+

       
with lib; let cfg = config.services.journaldriver;


     

       

       
15

       
+

       
in {


     

       

       
16

       
+

       
  options.services.journaldriver = {


     

       

       
17

       
+

       
    enable = mkOption {


     

       

       
18

       
+

       
      type        = types.bool;


     

       

       
19

       
+

       
      default     = false;


     

       

       
20

       
+

       
      description = ''


     

       

       
21

       
+

       
        Whether to enable journaldriver to forward journald logs to


     

       

       
22

       
+

       
        Stackdriver Logging.


     

       

       
23

       
+

       
      '';


     

       

       
24

       
+

       
    };


     

       

       
25

       
+

       



     

       

       
26

       
+

       
    logLevel = mkOption {


     

       

       
27

       
+

       
      type        = types.str;


     

       

       
28

       
+

       
      default     = "info";


     

       

       
29

       
+

       
      description = ''


     

       

       
30

       
+

       
        Log level at which journaldriver logs its own output.


     

       

       
31

       
+

       
      '';


     

       

       
32

       
+

       
    };


     

       

       
33

       
+

       



     

       

       
34

       
+

       
    logName = mkOption {


     

       

       
35

       
+

       
      type        = with types; nullOr str;


     

       

       
36

       
+

       
      default     = null;


     

       

       
37

       
+

       
      description = ''


     

       

       
38

       
+

       
        Configures the name of the target log in Stackdriver Logging.


     

       

       
39

       
+

       
        This option can be set to, for example, the hostname of a


     

       

       
40

       
+

       
        machine to improve the user experience in the logging


     

       

       
41

       
+

       
        overview.


     

       

       
42

       
+

       
      '';


     

       

       
43

       
+

       
    };


     

       

       
44

       
+

       



     

       

       
45

       
+

       
    googleCloudProject = mkOption {


     

       

       
46

       
+

       
      type        = with types; nullOr str;


     

       

       
47

       
+

       
      default     = null;


     

       

       
48

       
+

       
      description = ''


     

       

       
49

       
+

       
        Configures the name of the Google Cloud project to which to


     

       

       
50

       
+

       
        forward journald logs.


     

       

       
51

       
+

       



     

       

       
52

       
+

       
        This option is required on non-GCP machines, but should not be


     

       

       
53

       
+

       
        set on GCP instances.


     

       

       
54

       
+

       
      '';


     

       

       
55

       
+

       
    };


     

       

       
56

       
+

       



     

       

       
57

       
+

       
    logStream = mkOption {


     

       

       
58

       
+

       
      type        = with types; nullOr str;


     

       

       
59

       
+

       
      default     = null;


     

       

       
60

       
+

       
      description = ''


     

       

       
61

       
+

       
        Configures the name of the Stackdriver Logging log stream into


     

       

       
62

       
+

       
        which to write journald entries.


     

       

       
63

       
+

       



     

       

       
64

       
+

       
        This option is required on non-GCP machines, but should not be


     

       

       
65

       
+

       
        set on GCP instances.


     

       

       
66

       
+

       
      '';


     

       

       
67

       
+

       
    };


     

       

       
68

       
+

       



     

       

       
69

       
+

       
    applicationCredentials = mkOption {


     

       

       
70

       
+

       
      type        = with types; nullOr path;


     

       

       
71

       
+

       
      default     = null;


     

       

       
72

       
+

       
      description = ''


     

       

       
73

       
+

       
        Path to the service account private key (in JSON-format) used


     

       

       
74

       
+

       
        to forward log entries to Stackdriver Logging on non-GCP


     

       

       
75

       
+

       
        instances.


     

       

       
76

       
+

       



     

       

       
77

       
+

       
        This option is required on non-GCP machines, but should not be


     

       

       
78

       
+

       
        set on GCP instances.


     

       

       
79

       
+

       
      '';


     

       

       
80

       
+

       
    };


     

       

       
81

       
+

       
  };


     

       

       
82

       
+

       



     

       

       
83

       
+

       
  config = mkIf cfg.enable {


     

       

       
84

       
+

       
    systemd.services.journaldriver = {


     

       

       
85

       
+

       
      description = "Stackdriver Logging journal forwarder";


     

       

       
86

       
+

       
      script      = "${pkgs.journaldriver}/bin/journaldriver";


     

       

       
87

       
+

       
      after       = [ "network-online.target" ];


     

       

       
88

       
+

       
      wantedBy    = [ "multi-user.target" ];


     

       

       
89

       
+

       



     

       

       
90

       
+

       
      serviceConfig = {


     

       

       
91

       
+

       
        Restart        = "always";


     

       

       
92

       
+

       
        DynamicUser    = true;


     

       

       
93

       
+

       



     

       

       
94

       
+

       
        # This directive lets systemd automatically configure


     

       

       
95

       
+

       
        # permissions on /var/lib/journaldriver, the directory in


     

       

       
96

       
+

       
        # which journaldriver persists its cursor state.


     

       

       
97

       
+

       
        StateDirectory = "journaldriver";


     

       

       
98

       
+

       



     

       

       
99

       
+

       
        # This group is required for accessing journald.


     

       

       
100

       
+

       
        SupplementaryGroups = "systemd-journal";


     

       

       
101

       
+

       
      };


     

       

       
102

       
+

       



     

       

       
103

       
+

       
      environment = {


     

       

       
104

       
+

       
        RUST_LOG                       = cfg.logLevel;


     

       

       
105

       
+

       
        LOG_NAME                       = cfg.logName;


     

       

       
106

       
+

       
        LOG_STREAM                     = cfg.logStream;


     

       

       
107

       
+

       
        GOOGLE_CLOUD_PROJECT           = cfg.googleCloudProject;


     

       

       
108

       
+

       
        GOOGLE_APPLICATION_CREDENTIALS = cfg.applicationCredentials;


     

       

       
109

       
+

       
      };


     

       

       
110

       
+

       
    };


     

       

       
111

       
+

       
  };


     

       

       
112

       
+

       
}