commit d784db18f2df77b415912a4eb4dc003ba3dafbf2 · pyrox.dev/nixpkgs

pyrox.dev / nixpkgs

lol

fork atom

nixos/osquery: set default database_path and logger_path

bstanderline 11 months ago d784db18 29b42bd7

+22 -8

1 changed file

expand all

unified split

nixos

modules

services

monitoring

osquery.nix

+22 -8

nixos/modules/services/monitoring/osquery.nix

··· 63 freeformType = attrsOf str; 64 options = { 65 database_path = lib.mkOption { 66 - default = "osquery/osquery.db"; 67 readOnly = true; 68 - description = "Path used for the database file, relative to /var/lib/."; 69 - type = nonEmptyStr; 70 }; 71 logger_path = lib.mkOption { 72 - default = "osquery"; 73 readOnly = true; 74 - description = "Base directory used for logging, relative to /var/log/."; 75 - type = nonEmptyStr; 76 }; 77 pidfile = lib.mkOption { 78 default = "/run/osquery/osqueryd.pid"; ··· 96 serviceConfig = { 97 ExecStart = "${pkgs.osquery}/bin/osqueryd --flagfile ${flagfile}"; 98 PIDFile = cfg.flags.pidfile; 99 - LogsDirectory = cfg.flags.logger_path; 100 - StateDirectory = dirname cfg.flags.database_path; 101 Restart = "always"; 102 }; 103 wantedBy = [ "multi-user.target" ];

··· 63 freeformType = attrsOf str; 64 options = { 65 database_path = lib.mkOption { 66 + default = "/var/lib/osquery/osquery.db"; 67 readOnly = true; 68 + description = '' 69 + Path used for the database file. 70 + 71 + ::: {.note} 72 + If left as the default value, this directory will be automatically created before the 73 + service starts, otherwise you are responsible for ensuring the directory exists with 74 + the appropriate ownership and permissions. 75 + ''; 76 + type = path; 77 }; 78 logger_path = lib.mkOption { 79 + default = "/var/log/osquery"; 80 readOnly = true; 81 + description = '' 82 + Base directory used for logging. 83 + 84 + ::: {.note} 85 + If left as the default value, this directory will be automatically created before the 86 + service starts, otherwise you are responsible for ensuring the directory exists with 87 + the appropriate ownership and permissions. 88 + ''; 89 + type = path; 90 }; 91 pidfile = lib.mkOption { 92 default = "/run/osquery/osqueryd.pid"; ··· 110 serviceConfig = { 111 ExecStart = "${pkgs.osquery}/bin/osqueryd --flagfile ${flagfile}"; 112 PIDFile = cfg.flags.pidfile; 113 + LogsDirectory = lib.mkIf (cfg.flags.logger_path == "/var/log/osquery") [ "osquery" ]; 114 + StateDirectory = lib.mkIf (cfg.flags.database_path == "/var/lib/osquery/osquery.db") [ "osquery" ]; 115 Restart = "always"; 116 }; 117 wantedBy = [ "multi-user.target" ];