zivildienst/infrastructure/modules/compute/nix/elasticsearch.nix

30 lines
1.0 KiB
Nix

{ pkgs, ... }:
{
nixpkgs.config.allowUnfree = true;
services.elasticsearch.enable = true;
services.elasticsearch.package = pkgs.elasticsearch7;
services.elasticsearch.dataDir = "/mnt/data/elasticsearch";
services.elasticsearch.listenAddress = "10.0.1.51";
services.elasticsearch.extraConf = ''
discovery.type: single-node
xpack.security.enabled: true
'';
services.kibana.enable = true;
services.kibana.package = pkgs.kibana7;
services.kibana.dataDir = "/mnt/data/kibana";
services.kibana.listenAddress = "10.0.1.51";
services.kibana.elasticsearch.hosts = [ "http://10.0.1.51:9200" ];
services.kibana.elasticsearch.username = "kibana";
services.kibana.elasticsearch.password = (builtins.readFile /opt/cloud-init-misc-data/environment);
system.activationScripts = {
mnt = {
text = "mkdir -p /mnt/data/{elasticsearch,kibana} && chown -R elasticsearch:elasticsearch /mnt/data/elasticsearch && chown -R kibana:root /mnt/data/kibana";
deps = [];
};
};
networking.firewall.allowedTCPPorts = [ 9200 9300 5601 ];
}