nixpkgs/nixos/modules/services/search/kibana.nix

Ignoring revisions in .git-blame-ignore-revs. Click here to bypass and see the normal blame view.

214 lines
6.1 KiB
Nix
Raw Normal View History

{ config, lib, options, pkgs, ... }:
2015-09-18 22:18:43 +00:00
with lib;
let
cfg = config.services.kibana;
opt = options.services.kibana;
2015-09-18 22:18:43 +00:00
ge7 = builtins.compareVersions cfg.package.version "7" >= 0;
lt6_6 = builtins.compareVersions cfg.package.version "6.6" < 0;
2018-08-03 10:24:38 +00:00
cfgFile = pkgs.writeText "kibana.json" (builtins.toJSON (
(filterAttrsRecursive (n: v: v != null && v != []) ({
server.host = cfg.listenAddress;
server.port = cfg.port;
server.ssl.certificate = cfg.cert;
server.ssl.key = cfg.key;
kibana.index = cfg.index;
kibana.defaultAppId = cfg.defaultAppId;
elasticsearch.url = cfg.elasticsearch.url;
elasticsearch.hosts = cfg.elasticsearch.hosts;
elasticsearch.username = cfg.elasticsearch.username;
elasticsearch.password = cfg.elasticsearch.password;
elasticsearch.ssl.certificate = cfg.elasticsearch.cert;
elasticsearch.ssl.key = cfg.elasticsearch.key;
elasticsearch.ssl.certificateAuthorities = cfg.elasticsearch.certificateAuthorities;
} // cfg.extraConf)
)));
2015-09-18 22:18:43 +00:00
in {
options.services.kibana = {
enable = mkEnableOption (lib.mdDoc "kibana service");
2015-09-18 22:18:43 +00:00
listenAddress = mkOption {
description = lib.mdDoc "Kibana listening host";
2015-09-18 22:18:43 +00:00
default = "127.0.0.1";
type = types.str;
};
port = mkOption {
description = lib.mdDoc "Kibana listening port";
2015-09-18 22:18:43 +00:00
default = 5601;
type = types.int;
};
cert = mkOption {
description = lib.mdDoc "Kibana ssl certificate.";
2015-09-18 22:18:43 +00:00
default = null;
type = types.nullOr types.path;
};
key = mkOption {
description = lib.mdDoc "Kibana ssl key.";
2015-09-18 22:18:43 +00:00
default = null;
type = types.nullOr types.path;
};
index = mkOption {
description = lib.mdDoc "Elasticsearch index to use for saving kibana config.";
2015-09-18 22:18:43 +00:00
default = ".kibana";
type = types.str;
};
defaultAppId = mkOption {
description = lib.mdDoc "Elasticsearch default application id.";
2015-09-18 22:18:43 +00:00
default = "discover";
type = types.str;
};
elasticsearch = {
url = mkOption {
description = lib.mdDoc ''
Elasticsearch url.
Defaults to `"http://localhost:9200"`.
Don't set this when using Kibana >= 7.0.0 because it will result in a
configuration error. Use {option}`services.kibana.elasticsearch.hosts`
instead.
'';
default = null;
type = types.nullOr types.str;
};
hosts = mkOption {
description = lib.mdDoc ''
The URLs of the Elasticsearch instances to use for all your queries.
All nodes listed here must be on the same cluster.
Defaults to `[ "http://localhost:9200" ]`.
This option is only valid when using kibana >= 6.6.
'';
default = null;
type = types.nullOr (types.listOf types.str);
2015-09-18 22:18:43 +00:00
};
username = mkOption {
description = lib.mdDoc "Username for elasticsearch basic auth.";
2015-09-18 22:18:43 +00:00
default = null;
type = types.nullOr types.str;
};
password = mkOption {
description = lib.mdDoc "Password for elasticsearch basic auth.";
2015-09-18 22:18:43 +00:00
default = null;
type = types.nullOr types.str;
};
ca = mkOption {
description = lib.mdDoc ''
CA file to auth against elasticsearch.
It's recommended to use the {option}`certificateAuthorities` option
when using kibana-5.4 or newer.
'';
2015-09-18 22:18:43 +00:00
default = null;
type = types.nullOr types.path;
};
certificateAuthorities = mkOption {
description = lib.mdDoc ''
CA files to auth against elasticsearch.
Please use the {option}`ca` option when using kibana \< 5.4
because those old versions don't support setting multiple CA's.
This defaults to the singleton list [ca] when the {option}`ca` option is defined.
'';
default = if cfg.elasticsearch.ca == null then [] else [ca];
defaultText = literalExpression ''
if config.${opt.elasticsearch.ca} == null then [ ] else [ ca ]
'';
type = types.listOf types.path;
};
2015-09-18 22:18:43 +00:00
cert = mkOption {
description = lib.mdDoc "Certificate file to auth against elasticsearch.";
2015-09-18 22:18:43 +00:00
default = null;
type = types.nullOr types.path;
};
key = mkOption {
description = lib.mdDoc "Key file to auth against elasticsearch.";
2015-09-18 22:18:43 +00:00
default = null;
type = types.nullOr types.path;
};
};
package = mkOption {
description = lib.mdDoc "Kibana package to use";
2015-09-18 22:18:43 +00:00
default = pkgs.kibana;
defaultText = literalExpression "pkgs.kibana";
2015-09-18 22:18:43 +00:00
type = types.package;
};
dataDir = mkOption {
description = lib.mdDoc "Kibana data directory";
2015-09-18 22:18:43 +00:00
default = "/var/lib/kibana";
type = types.path;
};
extraConf = mkOption {
description = lib.mdDoc "Kibana extra configuration";
2015-09-18 22:18:43 +00:00
default = {};
type = types.attrs;
};
};
config = mkIf (cfg.enable) {
assertions = [
{
assertion = ge7 -> cfg.elasticsearch.url == null;
message =
"The option services.kibana.elasticsearch.url has been removed when using kibana >= 7.0.0. " +
"Please use option services.kibana.elasticsearch.hosts instead.";
}
{
assertion = lt6_6 -> cfg.elasticsearch.hosts == null;
message =
"The option services.kibana.elasticsearch.hosts is only valid for kibana >= 6.6.";
}
];
2015-09-18 22:18:43 +00:00
systemd.services.kibana = {
description = "Kibana Service";
wantedBy = [ "multi-user.target" ];
after = [ "network.target" "elasticsearch.service" ];
2016-02-13 14:01:45 +00:00
environment = { BABEL_CACHE_PATH = "${cfg.dataDir}/.babelcache.json"; };
2015-09-18 22:18:43 +00:00
serviceConfig = {
2018-11-29 16:10:15 +00:00
ExecStart =
"${cfg.package}/bin/kibana" +
" --config ${cfgFile}" +
" --path.data ${cfg.dataDir}";
2015-09-18 22:18:43 +00:00
User = "kibana";
WorkingDirectory = cfg.dataDir;
};
};
environment.systemPackages = [ cfg.package ];
users.users.kibana = {
isSystemUser = true;
2015-09-18 22:18:43 +00:00
description = "Kibana service user";
home = cfg.dataDir;
createHome = true;
group = "kibana";
2015-09-18 22:18:43 +00:00
};
users.groups.kibana = {};
2015-09-18 22:18:43 +00:00
};
}