dotfiles/nixos/systems/blowhole/monitoring.nix

126 lines
4.2 KiB
Nix
Raw Normal View History

# SPDX-FileCopyrightText: 2023 Richard Brežák <richard@brezak.sk>
#
# SPDX-License-Identifier: LGPL-3.0-or-later
{
pkgs,
inputs',
...
}: let
configuration = inputs'.nixng.nglib.makeSystem {
system = pkgs.system;
name = "monitor";
nixpkgs = inputs'.nixpkgs-stable;
config = {pkgs, ...}: {
dumb-init.enable = true;
dumb-init.type.services = {};
init.services.network = {
enabled = true;
script = pkgs.writeShellScript "network-start" ''
ip addr add "172.20.69.5/31" dev "eth0"
ip link set "eth0" up
ip route add "172.20.69.4/31" dev "eth0"
ip route add default via "172.20.69.4"
cat > /etc/hosts <<EOF
127.0.0.1 localhost
::1 localhost
EOF
exec sleep infinity
'';
};
init.services.postgresql = {
dependencies = [
"network"
];
};
services.postgresql = {
package = pkgs.postgresql_16_jit.withPackages (ps: [
ps.timescaledb
]);
enable = true;
ensureDatabases = [
"test_db"
];
ensureUsers = [
{
name = "root";
ensurePermissions = {
"DATABASE \"test_db\"" = "ALL PRIVILEGES";
};
}
];
initialScript = pkgs.writeText "monitor-init-script.psql" ''
CREATE EXTENSION timescaledb;
\c test_db;
CREATE TYPE synapse_log_level AS ENUM ('DEBUG', 'INFO', 'WARN', 'ERROR');
CREATE TYPE http_method AS ENUM ('GET', 'HEAD', 'POST', 'PUT', 'DELETE', 'CONNECT', 'OPTIONS', 'TRACE', 'PATCH');
CREATE TABLE synapse_logs (
log TEXT NOT NULL,
namespace TEXT NOT NULL,
level synapse_log_level NOT NULL,
time TIMESTAMP NOT NULL,
request TEXT NOT NULL,
server_name TEXT NOT NULL,
ip_address inet,
site_tag TEXT,
requester TEXT,
authenticated_entity TEXT,
method http_method,
url TEXT,
protocol TEXT,
user_agent TEXT,
CONSTRAINT typing CHECK
(((ip_address, site_tag, requester, authenticated_entity, method, url, protocol, user_agent) IS NOT NULL) OR ((ip_address, site_tag, requester, authenticated_entity, method, url, protocol, user_agent) IS NULL))
);
'';
config = {
shared_preload_libraries = "timescaledb";
};
};
};
};
in {
ucontainers."monitor" = {
network = [
{
hostAddress = "172.20.69.4/31";
guestAddress = "172.20.69.5/31";
hostInterface = "monitor0";
guestInterface = "eth0";
}
];
settings = {
ephemeral = true;
bind = [
"/etc/resolv.conf"
];
};
path = configuration.config.system.build.toplevel;
};
}
# insert into synapse_logs (log, namespace, level, time, request, ip_address, site_tag, requester, authenticated_entity, method, url, protocol, user_agent, server_name)
# select (data ->> 'log') as log,
# (data ->> 'namespace') as namespace,
# (data ->> 'level')::synapse_log_level as level,
# to_timestamp((data ->> 'time')::float) as time,
# (data ->> 'request') as request,
# (data ->> 'ip_address')::inet as ip_address,
# (data ->> 'site_tag') as site_tag,
# (data ->> 'requester') as requester,
# (data ->> 'authenticated_entity') as authenticated_entity,
# (data ->> 'method')::http_method as method,
# (data ->> 'url') as url,
# (data ->> 'protocol') as protocol,
# (data ->> 'user_agent') as user_agent,
# (data ->> 'server_name') as server_name
# FROM jsonb_array_elements('[
# ]'::jsonb) AS item(data);