Moved prometheus and suricata config to separate files

2025-09-02 19:24:01 -07:00
parent 2973862f44
commit 6e3ff222ad
3 changed files with 195 additions and 186 deletions
--- a/config/logging/suricata.nix
+++ b/config/logging/suricata.nix
@@ -0,0 +1,34 @@
+{ lib, config, pkgs, inputs, ... }: {
+
+  environment.systemPackages = with pkgs; [
+    suricata
+  ];
+
+  systemd.services.suricata = {
+    description = "Suricata IDS/IPS";
+    wantedBy = ["multi-user.target"];
+    serviceConfig = {
+      type = "simple";
+      User = "logging";
+      ExecStartPre = "/run/current-system/sw/bin/ip link set enp6s19 up";
+      ExecStart = "${pkgs.suricata}/bin/suricata -c /etc/suricata.yaml -i enp6s19";
+      Restart = "on-failure";
+      CapabilityBoundingSet = "CAP_NET_RAW CAP_NET_ADMIN";
+      AmbientCapabilities = "CAP_NET_RAW CAP_NET_ADMIN";
+    };
+  };
+
+  environment.etc."suricata.yaml".source = ../assets/suricata.yaml;
+
+  environment.etc."suricata/classification.config".text = ''
+  '';
+
+  environment.etc."suricata/reference.config".text = ''
+  '';
+
+  environment.etc."suricata/threshold.config".text = ''
+  '';
+
+  environment.etc."suricata/rules/suricata.rules".text = ''
+  '';
+}