Compare commits

...

2 Commits

Author SHA1 Message Date
Noah Masur
9fb7f68b07
split caddy logging by host and error
also add debug, admin, and other log
2024-08-18 15:42:30 +00:00
Noah Masur
845fc000b6
Revert "flake.lock: Update"
This reverts commit 0b0556f057.
2024-08-18 15:15:05 +00:00
2 changed files with 160 additions and 69 deletions

View File

@ -87,11 +87,11 @@
]
},
"locked": {
"lastModified": 1723859949,
"narHash": "sha256-kiaGz4deGYKMjJPOji/JVvSP/eTefrIA3rAjOnOpXl4=",
"lastModified": 1722924007,
"narHash": "sha256-+CQDamNwqO33REJLft8c26NbUi2Td083hq6SvAm2xkU=",
"owner": "lnl7",
"repo": "nix-darwin",
"rev": "076b9a905af8a52b866c8db068d6da475839d97b",
"rev": "91010a5613ffd7ee23ee9263213157a1c422b705",
"type": "github"
},
"original": {
@ -108,11 +108,11 @@
]
},
"locked": {
"lastModified": 1723685519,
"narHash": "sha256-GkXQIoZmW2zCPp1YFtAYGg/xHNyFH/Mgm79lcs81rq0=",
"lastModified": 1723080788,
"narHash": "sha256-C5LbM5VMdcolt9zHeLQ0bYMRjUL+N+AL5pK7/tVTdes=",
"owner": "nix-community",
"repo": "disko",
"rev": "276a0d055a720691912c6a34abb724e395c8e38a",
"rev": "ffc1f95f6c28e1c6d1e587b51a2147027a3e45ed",
"type": "github"
},
"original": {
@ -145,11 +145,11 @@
]
},
"locked": {
"lastModified": 1723942423,
"narHash": "sha256-uxstga6zuQJUWKliCb8Ji9v0AZV1vZdnOoaX8Djwv5w=",
"lastModified": 1723337675,
"narHash": "sha256-JKEthOttE4K+qLicLEFBqHcy/LHPLEAJtcVNjzWG5aY=",
"owner": "bandithedoge",
"repo": "nixpkgs-firefox-darwin",
"rev": "4a17fec79e6c600f3c2e57984197cb7834a616b0",
"rev": "6ffec5acd449b5f2ab4b22c271ad1670a790a1e1",
"type": "github"
},
"original": {
@ -267,11 +267,11 @@
]
},
"locked": {
"lastModified": 1723399884,
"narHash": "sha256-97wn0ihhGqfMb8WcUgzzkM/TuAxce2Gd20A8oiruju4=",
"lastModified": 1723015306,
"narHash": "sha256-jQnFEtH20/OsDPpx71ntZzGdRlpXhUENSQCGTjn//NA=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "086f619dd991a4d355c07837448244029fc2d9ab",
"rev": "b3d5ea65d88d67d4ec578ed11d4d2d51e3de525e",
"type": "github"
},
"original": {
@ -307,11 +307,11 @@
"markview-nvim-src": {
"flake": false,
"locked": {
"lastModified": 1723885833,
"narHash": "sha256-Z7iy0LW9WjH4U9dhX3zCyCTnsZZMlMCHJnn8xku6osU=",
"lastModified": 1723341339,
"narHash": "sha256-/82M85uv63L/rCMTU/w1LRJgg1F5CYl7881Vq9UPDKo=",
"owner": "OXY2DEV",
"repo": "markview.nvim",
"rev": "738ddc0390449c0652f34b99a6cbe0699b2fcf58",
"rev": "c9fa1065098663c3bfe7e07656937c3d2f3dabea",
"type": "github"
},
"original": {
@ -362,7 +362,7 @@
"nextcloud-snappymail": {
"flake": false,
"locked": {
"lastModified": 1723952471,
"lastModified": 1723347706,
"narHash": "sha256-HlqO7xlMSRGgBtwi0t5oz5v7iw0zTSHysc9wGVRwGZI=",
"type": "tarball",
"url": "https://snappymail.eu/repository/nextcloud/snappymail-2.36.4-nextcloud.tar.gz"
@ -395,11 +395,11 @@
},
"nixlib": {
"locked": {
"lastModified": 1723337705,
"narHash": "sha256-znSU0DeNDPt7+LMAfFkvKloMaeQ6yl/U5SqV/ktl1vA=",
"lastModified": 1722732880,
"narHash": "sha256-do2Mfm3T6SR7a5A804RhjQ+JTsF5hk4JTPGjCTRM/m8=",
"owner": "nix-community",
"repo": "nixpkgs.lib",
"rev": "ace7856d327b618d3777e31b1f224b3ab57ed71a",
"rev": "8bebd4c74f368aacb047f0141db09ec6b339733c",
"type": "github"
},
"original": {
@ -416,11 +416,11 @@
]
},
"locked": {
"lastModified": 1723870831,
"narHash": "sha256-rXQKvogLHY3BxRVVt5unpbi0zpRf965f57gplWSzQ5k=",
"lastModified": 1723078345,
"narHash": "sha256-HSxOQEKNZXiJe9aWnckTTCThOhcRCabwHa32IduDKLk=",
"owner": "nix-community",
"repo": "nixos-generators",
"rev": "32e9d82bada67fc5155e8d4d99b6fc3a1765bfdc",
"rev": "d6c5d29f58acc10ea82afff1de2b28f038f572bd",
"type": "github"
},
"original": {
@ -431,11 +431,11 @@
},
"nixpkgs": {
"locked": {
"lastModified": 1723637854,
"narHash": "sha256-med8+5DSWa2UnOqtdICndjDAEjxr5D7zaIiK4pn0Q7c=",
"lastModified": 1723175592,
"narHash": "sha256-M0xJ3FbDUc4fRZ84dPGx5VvgFsOzds77KiBMW/mMTnI=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "c3aa7b8938b17aebd2deecf7be0636000d62a2b9",
"rev": "5e0ca22929f3342b19569b21b2f3462f053e497b",
"type": "github"
},
"original": {
@ -463,11 +463,11 @@
},
"nur": {
"locked": {
"lastModified": 1723949656,
"narHash": "sha256-4C7TBGD97Vj6gDbw3n+uw7sxGUD1PkJgMsn/UYyaNRs=",
"lastModified": 1723345421,
"narHash": "sha256-KJ/+Q43cumayNUUvz6VCImL6PcRYnLuupDnXg9mA+xo=",
"owner": "nix-community",
"repo": "nur",
"rev": "eefd7f643ffeb25543019d48952e66ddae3da583",
"rev": "638e850bd503b43214c8e39a838c625f011d9b10",
"type": "github"
},
"original": {
@ -479,11 +479,11 @@
"nvim-lint-src": {
"flake": false,
"locked": {
"lastModified": 1723839733,
"narHash": "sha256-V35ivsZnL9M5ge7E+7fqcLjjM3xsDGCLmxTmQ8iZNiA=",
"lastModified": 1723296187,
"narHash": "sha256-PoCx65jQGEoKFyedNs1IoQFcsw7jd3kEbRyZE8mkSzA=",
"owner": "mfussenegger",
"repo": "nvim-lint",
"rev": "debabca63c0905b59ce596a55a8e33eafdf66342",
"rev": "ad0fe35e80f5cd31a0f19176d7b30e5c3011119d",
"type": "github"
},
"original": {
@ -528,11 +528,11 @@
"nvim-treesitter-src": {
"flake": false,
"locked": {
"lastModified": 1723928672,
"narHash": "sha256-VqAaWEkLmIXZnFyY1PsfFRrVH2gen9ONkUEKIlJCpik=",
"lastModified": 1723278970,
"narHash": "sha256-KF/5Ng0mzrZv/ghyAeEJWuyP0SwA5JKNJCg8Ozoob8g=",
"owner": "nvim-treesitter",
"repo": "nvim-treesitter",
"rev": "6d74da7f0a29c35ee7636e157e72dd221e8d6197",
"rev": "8a966f32c973511f9697264b3533e9846d29fd09",
"type": "github"
},
"original": {
@ -734,11 +734,11 @@
"tiny-inline-diagnostic-nvim-src": {
"flake": false,
"locked": {
"lastModified": 1723808284,
"narHash": "sha256-RFX4iPDDG7s+jN8uLqv4oHhddsqVBYP+oyFycaBKIsg=",
"lastModified": 1723294442,
"narHash": "sha256-Y2Suu8ISSKRvgVTEYo9Fl8+Z4d6ZjhtFGXjt0x2iw30=",
"owner": "rachartier",
"repo": "tiny-inline-diagnostic.nvim",
"rev": "957e1a4710f2cbad66b747c579ab8b450bda9dd6",
"rev": "7b212b214aed37d8ae1a26ac6ca9593223a23ddb",
"type": "github"
},
"original": {
@ -833,11 +833,11 @@
"tree-sitter-python": {
"flake": false,
"locked": {
"lastModified": 1723942537,
"narHash": "sha256-x9PTCiwa5hVLLqc3wFfI68KCyOlx6XtcTCJynZ0fDSk=",
"lastModified": 1721001135,
"narHash": "sha256-H6t98tuXJW2VD5Ay+rOfnp9p5ZljyPxvtIy60PycMUQ=",
"owner": "tree-sitter",
"repo": "tree-sitter-python",
"rev": "55a9b8a4fbfbaf0d10cdd47dd4a9d02606c4c218",
"rev": "0dee05ef958ba2eae88d1e65f24b33cad70d4367",
"type": "github"
},
"original": {

View File

@ -58,38 +58,129 @@
}
];
services.caddy = {
adapter = "''"; # Required to enable JSON
configFile = pkgs.writeText "Caddyfile" (
builtins.toJSON {
apps.http.servers.main = {
listen = [ ":443" ];
services.caddy =
let
default_logger_name = "other";
roll_size_mb = 10;
# Extract list of hostnames (fqdns) from current caddy routes
getHostnameFromMatch = match: if (lib.hasAttr "host" match) then match.host else [ ];
getHostnameFromRoute =
route:
if (lib.hasAttr "match" route) then (lib.concatMap getHostnameFromMatch route.match) else [ ];
hostnames_non_unique = lib.concatMap getHostnameFromRoute config.caddy.routes;
hostnames = lib.unique hostnames_non_unique;
# Create attrset of subdomains to their fqdns
hostname_map = builtins.listToAttrs (
map (hostname: {
name = builtins.head (lib.splitString "." hostname);
value = hostname;
}) hostnames
);
in
{
adapter = "''"; # Required to enable JSON
configFile = pkgs.writeText "Caddyfile" (
builtins.toJSON {
apps.http.servers.main = {
listen = [ ":443" ];
# These routes are pulled from the rest of this repo
routes = config.caddy.routes;
errors.routes = config.caddy.blocks;
# These routes are pulled from the rest of this repo
routes = config.caddy.routes;
errors.routes = config.caddy.blocks;
logs = { }; # Uncommenting collects access logs
};
apps.http.servers.metrics = { }; # Enables Prometheus metrics
apps.tls.automation.policies = config.caddy.tlsPolicies;
# Setup logging to file
logging.logs.main = {
encoder = {
format = "console";
# Uncommenting collects access logs
logs = {
inherit default_logger_name;
# Invert hostnames keys and values
logger_names = lib.mapAttrs' (name: value: {
name = value;
value = name;
}) hostname_map;
};
};
writer = {
output = "file";
filename = "${config.services.caddy.logDir}/caddy.log";
roll = true;
roll_size_mb = 1;
};
level = "INFO";
};
}
);
};
apps.http.servers.metrics = { }; # Enables Prometheus metrics
apps.tls.automation.policies = config.caddy.tlsPolicies;
# Setup logging to journal and files
logging.logs =
{
# System logs and catch-all
# Must be called `default` to override Caddy's built-in default logger
default = {
level = "INFO";
encoder.format = "console";
writer = {
output = "stderr";
};
exclude = map (hostname: "http.log.access.${hostname}") (builtins.attrNames hostname_map);
};
# This is for the default access logs (anything not captured by hostname)
other = {
level = "INFO";
encoder.format = "json";
writer = {
output = "file";
filename = "${config.services.caddy.logDir}/other.log";
roll = true;
inherit roll_size_mb;
};
include = [ "http.log.access.${default_logger_name}" ];
};
# This is for using the Caddy API, which will probably never happen
admin = {
level = "INFO";
encoder.format = "json";
writer = {
output = "file";
filename = "${config.services.caddy.logDir}/admin.log";
roll = true;
inherit roll_size_mb;
};
include = [ "admin.api" ];
};
# This is for debugging
debug = {
level = "DEBUG";
encoder.format = "console";
writer = {
output = "file";
filename = "${config.services.caddy.logDir}/debug.log";
roll = true;
roll_keep = 1;
inherit roll_size_mb;
};
};
}
# These are the access logs for individual hostnames
// (lib.mapAttrs (name: value: {
level = "INFO";
encoder.format = "json";
writer = {
output = "file";
filename = "${config.services.caddy.logDir}/${name}-access.log";
roll = true;
inherit roll_size_mb;
};
include = [ "http.log.access.${name}" ];
}) hostname_map)
# We also capture just the errors separately for easy debugging
// (lib.mapAttrs' (name: value: {
name = "${name}-error";
value = {
level = "ERROR";
encoder.format = "json";
writer = {
output = "file";
filename = "${config.services.caddy.logDir}/${name}-error.log";
roll = true;
inherit roll_size_mb;
};
include = [ "http.log.access.${name}" ];
};
}) hostname_map);
}
);
};
systemd.services.caddy.serviceConfig = {