Skynet/nixos
7
1
Fork 0
Code Issues 45 Pull requests 2 Projects Releases Packages Wiki Activity Actions

fmt: formatted

Browse source
This commit is contained in:
silver 2025-09-05 22:45:32 +01:00
parent 1fa89834d0
commit a3b9d89b1a
Signed by: silver
GPG key ID: 36F93D61BAD3FD7D
1 changed files with 28 additions and 29 deletions
Download patch file Download diff file Expand all files Collapse all files

57
applications/itd/splunk/module.nix
View file

@ -49,24 +49,24 @@ in {
# need to set access controls # need to set access controls
systemd.tmpfiles.rules = [ systemd.tmpfiles.rules = [
"a /var/log - - - - u:splunk:rx" "a /var/log - - - - u:splunk:rx"
"a /var/log/auth.log - - - - splunk:r" "a /var/log/auth.log - - - - u:splunk:r "
"a /var/log/messages - - - - u:splunk:r" "a /var/log/messages - - - - u:splunk:r "
"a /var/log/secure - - - - u:splunk:r" "a /var/log/secure - - - - u:splunk:r "
"a /var/log/audit - - - - u:splunk:rx" "a /var/log/audit - - - - u:splunk:rx"
"a /var/log/audit.log - - - - u:splunk:r" "a /var/log/audit.log - - - - u:splunk:r "
"a /var/log/audit/audit.log - - - - u:splunk:r" "a /var/log/audit/audit.log - - - - u:splunk:r "
"a /root - - - - u:splunk:rx" "a /root - - - - u:splunk:rx"
"a /root/.bash_history - - - - u:splunk:r" "a /root/.bash_history - - - - u:splunk:r "
"a /home/* - - - - u:splunk:rx" "a /home/* - - - - u:splunk:rx"
"a /home/*/.bash_history - - - - u:splunk:r" "a /home/*/.bash_history - - - - u:splunk:r "
]; ];
security.auditd = { security.auditd = {
enable = true; enable = true;
settings = { settings = {
log_group = cfg.user.group; log_group = cfg.user.group;
}; };
}; };
# set up the core files # set up the core files
@ -160,30 +160,29 @@ in {
path = with pkgs; [util-linux toybox]; path = with pkgs; [util-linux toybox];
serviceConfig = { serviceConfig = {
Type = "simple"; Type = "simple";
Restart="always"; Restart = "always";
Environment = "SPLUNK_HOME=${cfg.user.home}"; Environment = "SPLUNK_HOME=${cfg.user.home}";
ExecStart = "${package}/bin/splunk _internal_launch_under_systemd"; ExecStart = "${package}/bin/splunk _internal_launch_under_systemd";
KillMode="mixed"; KillMode = "mixed";
KillSignal="SIGINT"; KillSignal = "SIGINT";
TimeoutStopSec=360; TimeoutStopSec = 360;
LimitNOFILE=65536; LimitNOFILE = 65536;
LimitRTPRIO=99; LimitRTPRIO = 99;
SuccessExitStatus="51 52"; SuccessExitStatus = "51 52";
RestartPreventExitStatus=51; RestartPreventExitStatus = 51;
RestartForceExitStatus=52; RestartForceExitStatus = 52;
User = cfg.user.user; User = cfg.user.user;
Group = cfg.user.group; Group = cfg.user.group;
NoNewPrivileges = "yes"; NoNewPrivileges = "yes";
AmbientCapabilities = "CAP_DAC_READ_SEARCH"; AmbientCapabilities = "CAP_DAC_READ_SEARCH";
# ExecStartPre=-/bin/bash -c "chown -R splunk:splunk /opt/splunkforwarder" # ExecStartPre=-/bin/bash -c "chown -R splunk:splunk /opt/splunkforwarder"
Delegate="true"; Delegate = "true";
# CPUShares=1024; # CPUShares=1024;
# MemoryLimit=3973632000; # MemoryLimit=3973632000;
PermissionsStartOnly="true"; PermissionsStartOnly = "true";
# ExecStartPost=-/bin/bash -c "chown -R splunk:splunk /sys/fs/cgroup/cpu/system.slice/%n" # ExecStartPost=-/bin/bash -c "chown -R splunk:splunk /sys/fs/cgroup/cpu/system.slice/%n"
# ExecStartPost=-/bin/bash -c "chown -R splunk:splunk /sys/fs/cgroup/memory/system.slice/%n" # ExecStartPost=-/bin/bash -c "chown -R splunk:splunk /sys/fs/cgroup/memory/system.slice/%n"
}; };
}; };
}; };