pyrox.dev
nixos/osquery: set default database_path and logger_path
+22
-8
nixos/modules/services/monitoring/osquery.nix
+22
-8
nixos/modules/services/monitoring/osquery.nix
···
63
63
freeformType = attrsOf str;
64
64
options = {
65
65
database_path = lib.mkOption {
66
-
default = "osquery/osquery.db";
66
+
default = "/var/lib/osquery/osquery.db";
67
67
readOnly = true;
68
-
description = "Path used for the database file, relative to /var/lib/.";
69
-
type = nonEmptyStr;
68
+
description = ''
69
+
Path used for the database file.
70
+
71
+
::: {.note}
72
+
If left as the default value, this directory will be automatically created before the
73
+
service starts, otherwise you are responsible for ensuring the directory exists with
74
+
the appropriate ownership and permissions.
75
+
'';
76
+
type = path;
70
77
};
71
78
logger_path = lib.mkOption {
72
-
default = "osquery";
79
+
default = "/var/log/osquery";
73
80
readOnly = true;
74
-
description = "Base directory used for logging, relative to /var/log/.";
75
-
type = nonEmptyStr;
81
+
description = ''
82
+
Base directory used for logging.
83
+
84
+
::: {.note}
85
+
If left as the default value, this directory will be automatically created before the
86
+
service starts, otherwise you are responsible for ensuring the directory exists with
87
+
the appropriate ownership and permissions.
88
+
'';
89
+
type = path;
76
90
};
77
91
pidfile = lib.mkOption {
78
92
default = "/run/osquery/osqueryd.pid";
···
96
110
serviceConfig = {
97
111
ExecStart = "${pkgs.osquery}/bin/osqueryd --flagfile ${flagfile}";
98
112
PIDFile = cfg.flags.pidfile;
99
-
LogsDirectory = cfg.flags.logger_path;
100
-
StateDirectory = dirname cfg.flags.database_path;
113
+
LogsDirectory = lib.mkIf (cfg.flags.logger_path == "/var/log/osquery") [ "osquery" ];
114
+
StateDirectory = lib.mkIf (cfg.flags.database_path == "/var/lib/osquery/osquery.db") [ "osquery" ];
101
115
Restart = "always";
102
116
};
103
117
wantedBy = [ "multi-user.target" ];