pyrox.dev / nixpkgs
lol
fork atom

nixos/osquery: set default database_path and logger_path

bstanderline d784db18 29b42bd7

options
unified split
Changed files
+22 -8
nixos
modules
services
monitoring
osquery.nix
+22 -8
nixos/modules/services/monitoring/osquery.nix 
···

       
63

       
 

       
          freeformType = attrsOf str;


     

       
64

       
 

       
          options = {


     

       
65

       
 

       
            database_path = lib.mkOption {


     

       
66

       
-

       
              default = "osquery/osquery.db";


     

       
67

       
 

       
              readOnly = true;


     

       
68

       
-

       
              description = "Path used for the database file, relative to /var/lib/.";


     

       
69

       
-

       
              type = nonEmptyStr;


     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       
70

       
 

       
            };


     

       
71

       
 

       
            logger_path = lib.mkOption {


     

       
72

       
-

       
              default = "osquery";


     

       
73

       
 

       
              readOnly = true;


     

       
74

       
-

       
              description = "Base directory used for logging, relative to /var/log/.";


     

       
75

       
-

       
              type = nonEmptyStr;


     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       
76

       
 

       
            };


     

       
77

       
 

       
            pidfile = lib.mkOption {


     

       
78

       
 

       
              default = "/run/osquery/osqueryd.pid";


     
···

       
96

       
 

       
      serviceConfig = {


     

       
97

       
 

       
        ExecStart = "${pkgs.osquery}/bin/osqueryd --flagfile ${flagfile}";


     

       
98

       
 

       
        PIDFile = cfg.flags.pidfile;


     

       
99

       
-

       
        LogsDirectory = cfg.flags.logger_path;


     

       
100

       
-

       
        StateDirectory = dirname cfg.flags.database_path;


     

       
101

       
 

       
        Restart = "always";


     

       
102

       
 

       
      };


     

       
103

       
 

       
      wantedBy = [ "multi-user.target" ];


     
···

       
63

       
 

       
          freeformType = attrsOf str;


     

       
64

       
 

       
          options = {


     

       
65

       
 

       
            database_path = lib.mkOption {


     

       
66

       
+

       
              default = "/var/lib/osquery/osquery.db";


     

       
67

       
 

       
              readOnly = true;


     

       
68

       
+

       
              description = ''


     

       
69

       
+

       
                Path used for the database file.


     

       
70

       
+

       



     

       
71

       
+

       
                ::: {.note}


     

       
72

       
+

       
                If left as the default value, this directory will be automatically created before the


     

       
73

       
+

       
                service starts, otherwise you are responsible for ensuring the directory exists with


     

       
74

       
+

       
                the appropriate ownership and permissions.


     

       
75

       
+

       
              '';


     

       
76

       
+

       
              type = path;


     

       
77

       
 

       
            };


     

       
78

       
 

       
            logger_path = lib.mkOption {


     

       
79

       
+

       
              default = "/var/log/osquery";


     

       
80

       
 

       
              readOnly = true;


     

       
81

       
+

       
              description = ''


     

       
82

       
+

       
                Base directory used for logging.


     

       
83

       
+

       



     

       
84

       
+

       
                ::: {.note}


     

       
85

       
+

       
                If left as the default value, this directory will be automatically created before the


     

       
86

       
+

       
                service starts, otherwise you are responsible for ensuring the directory exists with


     

       
87

       
+

       
                the appropriate ownership and permissions.


     

       
88

       
+

       
              '';


     

       
89

       
+

       
              type = path;


     

       
90

       
 

       
            };


     

       
91

       
 

       
            pidfile = lib.mkOption {


     

       
92

       
 

       
              default = "/run/osquery/osqueryd.pid";


     
···

       
110

       
 

       
      serviceConfig = {


     

       
111

       
 

       
        ExecStart = "${pkgs.osquery}/bin/osqueryd --flagfile ${flagfile}";


     

       
112

       
 

       
        PIDFile = cfg.flags.pidfile;


     

       
113

       
+

       
        LogsDirectory = lib.mkIf (cfg.flags.logger_path == "/var/log/osquery") [ "osquery" ];


     

       
114

       
+

       
        StateDirectory = lib.mkIf (cfg.flags.database_path == "/var/lib/osquery/osquery.db") [ "osquery" ];


     

       
115

       
 

       
        Restart = "always";


     

       
116

       
 

       
      };


     

       
117

       
 

       
      wantedBy = [ "multi-user.target" ];