2023-06-12 23:25:40 +02:00
|
|
|
# SPDX-FileCopyrightText: 2023 Richard Brežák <richard@brezak.sk>
|
|
|
|
#
|
|
|
|
# SPDX-License-Identifier: LGPL-3.0-or-later
|
2024-03-02 22:05:30 +01:00
|
|
|
{
|
|
|
|
pkgs,
|
|
|
|
inputs',
|
|
|
|
...
|
|
|
|
}: let
|
2024-10-08 23:28:43 +02:00
|
|
|
configuration = inputs'.nixng.nglib.makeSystem {
|
|
|
|
system = pkgs.system;
|
|
|
|
name = "monitor";
|
|
|
|
nixpkgs = inputs'.nixpkgs-stable;
|
|
|
|
config = {pkgs, ...}: {
|
|
|
|
dumb-init.enable = true;
|
|
|
|
dumb-init.type.services = {};
|
|
|
|
|
|
|
|
init.services.network = {
|
|
|
|
enabled = true;
|
|
|
|
script = pkgs.writeShellScript "network-start" ''
|
|
|
|
ip addr add "172.20.69.5/31" dev "eth0"
|
|
|
|
ip link set "eth0" up
|
|
|
|
ip route add "172.20.69.4/31" dev "eth0"
|
|
|
|
ip route add default via "172.20.69.4"
|
|
|
|
|
|
|
|
cat > /etc/hosts <<EOF
|
|
|
|
127.0.0.1 localhost
|
|
|
|
::1 localhost
|
|
|
|
EOF
|
|
|
|
|
|
|
|
exec sleep infinity
|
|
|
|
'';
|
2024-03-02 22:05:30 +01:00
|
|
|
};
|
2023-06-12 23:25:40 +02:00
|
|
|
|
2024-10-08 23:28:43 +02:00
|
|
|
init.services.postgresql = {
|
|
|
|
dependencies = [
|
|
|
|
"network"
|
|
|
|
];
|
2024-03-02 22:05:30 +01:00
|
|
|
};
|
2024-10-08 23:28:43 +02:00
|
|
|
services.postgresql = {
|
|
|
|
package = pkgs.postgresql_16_jit.withPackages (ps: [
|
|
|
|
ps.timescaledb
|
|
|
|
]);
|
|
|
|
enable = true;
|
|
|
|
ensureDatabases = [
|
|
|
|
"test_db"
|
|
|
|
];
|
|
|
|
ensureUsers = [
|
|
|
|
{
|
|
|
|
name = "root";
|
|
|
|
ensurePermissions = {
|
|
|
|
"DATABASE \"test_db\"" = "ALL PRIVILEGES";
|
|
|
|
};
|
|
|
|
}
|
|
|
|
];
|
|
|
|
initialScript = pkgs.writeText "monitor-init-script.psql" ''
|
|
|
|
CREATE EXTENSION timescaledb;
|
|
|
|
|
|
|
|
\c test_db;
|
|
|
|
CREATE TYPE synapse_log_level AS ENUM ('DEBUG', 'INFO', 'WARN', 'ERROR');
|
|
|
|
CREATE TYPE http_method AS ENUM ('GET', 'HEAD', 'POST', 'PUT', 'DELETE', 'CONNECT', 'OPTIONS', 'TRACE', 'PATCH');
|
|
|
|
CREATE TABLE synapse_logs (
|
|
|
|
log TEXT NOT NULL,
|
|
|
|
namespace TEXT NOT NULL,
|
|
|
|
level synapse_log_level NOT NULL,
|
|
|
|
time TIMESTAMP NOT NULL,
|
|
|
|
request TEXT NOT NULL,
|
|
|
|
server_name TEXT NOT NULL,
|
|
|
|
|
|
|
|
ip_address inet,
|
|
|
|
site_tag TEXT,
|
|
|
|
requester TEXT,
|
|
|
|
authenticated_entity TEXT,
|
|
|
|
method http_method,
|
|
|
|
url TEXT,
|
|
|
|
protocol TEXT,
|
|
|
|
user_agent TEXT,
|
|
|
|
|
|
|
|
CONSTRAINT typing CHECK
|
|
|
|
(((ip_address, site_tag, requester, authenticated_entity, method, url, protocol, user_agent) IS NOT NULL) OR ((ip_address, site_tag, requester, authenticated_entity, method, url, protocol, user_agent) IS NULL))
|
|
|
|
);
|
|
|
|
'';
|
|
|
|
config = {
|
|
|
|
shared_preload_libraries = "timescaledb";
|
|
|
|
};
|
2023-06-12 23:25:40 +02:00
|
|
|
};
|
2024-03-02 22:05:30 +01:00
|
|
|
};
|
|
|
|
};
|
2024-10-08 23:28:43 +02:00
|
|
|
in {
|
|
|
|
ucontainers."monitor" = {
|
|
|
|
network = [
|
2024-03-02 22:05:30 +01:00
|
|
|
{
|
2024-10-08 23:28:43 +02:00
|
|
|
hostAddress = "172.20.69.4/31";
|
|
|
|
guestAddress = "172.20.69.5/31";
|
|
|
|
hostInterface = "monitor0";
|
|
|
|
guestInterface = "eth0";
|
2024-03-02 22:05:30 +01:00
|
|
|
}
|
|
|
|
];
|
2023-06-12 23:25:40 +02:00
|
|
|
settings = {
|
2024-10-08 23:28:43 +02:00
|
|
|
ephemeral = true;
|
|
|
|
bind = [
|
|
|
|
"/etc/resolv.conf"
|
2023-07-28 20:06:11 +02:00
|
|
|
];
|
2023-06-12 23:25:40 +02:00
|
|
|
};
|
2023-09-03 18:01:40 +02:00
|
|
|
|
2024-10-08 23:28:43 +02:00
|
|
|
path = configuration.config.system.build.toplevel;
|
2023-06-12 23:25:40 +02:00
|
|
|
};
|
|
|
|
}
|
2024-10-08 23:28:43 +02:00
|
|
|
# insert into synapse_logs (log, namespace, level, time, request, ip_address, site_tag, requester, authenticated_entity, method, url, protocol, user_agent, server_name)
|
|
|
|
# select (data ->> 'log') as log,
|
|
|
|
# (data ->> 'namespace') as namespace,
|
|
|
|
# (data ->> 'level')::synapse_log_level as level,
|
|
|
|
# to_timestamp((data ->> 'time')::float) as time,
|
|
|
|
# (data ->> 'request') as request,
|
|
|
|
# (data ->> 'ip_address')::inet as ip_address,
|
|
|
|
# (data ->> 'site_tag') as site_tag,
|
|
|
|
# (data ->> 'requester') as requester,
|
|
|
|
# (data ->> 'authenticated_entity') as authenticated_entity,
|
|
|
|
# (data ->> 'method')::http_method as method,
|
|
|
|
# (data ->> 'url') as url,
|
|
|
|
# (data ->> 'protocol') as protocol,
|
|
|
|
# (data ->> 'user_agent') as user_agent,
|
|
|
|
# (data ->> 'server_name') as server_name
|
|
|
|
# FROM jsonb_array_elements('[
|
|
|
|
# ]'::jsonb) AS item(data);
|
|
|
|
|