nix-git/modules/journalwatch.nix

543 lines
27 KiB
Nix
Raw Normal View History

{ config, pkgs, ... }:
{
2023-09-18 16:22:12 +02:00
# Systemd Journal Monitoring.
# Alternative:
# journal-biref
# https://github.com/twaugh/journal-brief
# https://opensource.com/article/20/7/systemd-journals-email
# Write to Systemd Journal:
# echo 'hello' | systemd-cat -p emerg
# echo 'hello' | systemd-cat -t someapp -p emerg
# View Systemd Journal.
2023-09-27 17:05:01 +02:00
# Output similar to dmesg
# journalctl -b -k
# Filter by app:
# journalctl -b -t someapp
# Filter by priority:
# journalctl -b -p 5
# Manually execute journalwatch timer:
# sudo systemctl start journalwatch.service
2023-10-11 19:12:57 +02:00
# View generated journalwatch config:
# cat "$(systemctl show -P FragmentPath journalwatch.service)" | grep XDG_CONFIG_HOME
# #=> /nix/store/vzfvp7kizycs6lnks6icmlw3h1x6p7la-journalwatch-config
# cat /nix/store/vzfvp7kizycs6lnks6icmlw3h1x6p7la-journalwatch-config/journalwatch/config
# cat /nix/store/vzfvp7kizycs6lnks6icmlw3h1x6p7la-journalwatch-config/journalwatch/patterns
# Find a message and view its details
# journalctl -b -p5 -o json-pretty
2023-10-11 19:12:57 +02:00
# Then press "/", enter a pattern and press "Enter".
assertions = [{
assertion = config.services.opensmtpd.enable;
message = "journalwatch requires a configured sendmail MTA, see sendmail-mta.nix.";
}];
services.journalwatch = {
enable = true;
# TODO: Same as configured by sendmail MTA.
mailFrom = "langbein@mail.de";
mailTo = "daniel+journalwatch@systemli.org";
#interval = "hourly";
2023-09-27 16:44:56 +02:00
# Lowest priority of message to be considered. A value between 7 (“debug”), and 0 (“emerg”). Defaults to 6 (“info”). If you don't care about anything with “info” priority, you can reduce this to e.g. 5 (“notice”) to considerably reduce the amount of messages without needing many filterBlocks.
priority = 5;
# Default patterns: https://github.com/The-Compiler/journalwatch/blob/363725ac4b8aa841d87654fa8a63403a59ad1275/journalwatch.py#L71
2023-09-29 17:25:03 +02:00
# If the value of `match` starts and ends with a forward-slash, it is interpreted as a regular expression, if not, it's an exact match.
# `filters` are always regular expressions.
# All regular expressions have to match the full string!
2023-09-30 23:20:39 +02:00
#
2023-10-11 19:12:57 +02:00
# TODO: To insert `\` in the generated configuration, we have to use "\\" in double-quoted strings.
2023-09-30 23:20:39 +02:00
# TODO: A ''\s'' in the multiline string `filter` is inserted as `\s` in the generated config file.
#
filterBlocks = [
2023-09-20 15:39:26 +02:00
2023-09-29 13:10:26 +02:00
#
# _TRANSPORT
#
{ # yodaNas
filters = ''
2023-11-03 16:11:40 +01:00
booting system configuration /nix/store/\S+
2023-09-29 13:10:26 +02:00
'';
match = "_TRANSPORT = kernel";
}
2023-09-27 16:44:56 +02:00
#
# _EXE
#
{ # yodaNas
filters = ''
# Ignore any invocation of sudo.
.*
'';
2023-10-11 19:12:57 +02:00
match = "_EXE = //nix/store/[a-z0-9]+-sudo-[0-9]+\\.[0-9]+\\.[0-9]+[a-z0-9]+/bin/sudo/";
2023-09-27 16:44:56 +02:00
}
2023-09-23 19:16:38 +02:00
#
# _SYSTEMD_CGROUP
#
{ # yodaYoga
filters = ''
2023-09-27 16:44:56 +02:00
parent not found! continent_id [0-9]+
2023-09-23 19:16:38 +02:00
'';
match = "_SYSTEMD_CGROUP = /system.slice/docker.service";
}
2023-09-29 17:25:03 +02:00
#
# CONTAINER_NAME
#
{ # yodaNas
filters = ''
.*
'';
2023-10-11 20:47:12 +02:00
match = "CONTAINER_NAME = /(jc-config-btp-proxy-1|nc_web_[^-_\\s]+|nginx_arch\\.p1st\\.de|recipe\\.privacy1st\\.de_nginx)/";
2023-09-29 17:25:03 +02:00
}
{ # yodaNas
# TODO: Open issue on GitHub https://github.com/nginx-proxy/nginx-proxy/issues/1256. Maybe set env variable RESOLVERS=1.1.1.1?
filters = ''
2023-10-03 18:40:41 +02:00
\S+ \S+ \[warn\] [0-9]+#[0-9]+: no resolver defined to resolve r3\.o\.lencr\.org while requesting certificate status, responder: r3\.o\.lencr\.org, certificate: "/etc/nginx/certs/\S+\.crt"
\S+ \S+ \[error\] [0-9]+#[0-9]+: OCSP responder sent invalid "Content-Type" header: "text/html" while requesting certificate status, responder: r3\.o\.lencr\.org, peer: \S+, certificate: "/etc/nginx/certs/\S+\.crt"
2023-11-11 12:04:28 +01:00
\S+ \S+ \[error\] [0-9]+#[0-9]+: recv\(\) failed \(111: Connection refused\) while requesting certificate status, responder: r3\.o\.lencr\.org, peer: \S+, certificate: "/etc/nginx/certs/\S+\.crt"
2023-11-14 11:13:23 +01:00
\S+ \S+ \[error\] [0-9]+#[0-9]+: recv\(\) failed \(104: Connection reset by peer\) while requesting certificate status, responder: r3\.o\.lencr\.org, peer: \S+, certificate: "/etc/nginx/certs/\S+\.crt"
2023-11-11 12:04:28 +01:00
\S+ \S+ \[error\] [0-9]+#[0-9]+: OCSP responder prematurely closed connection while requesting certificate status, responder: r3\.o\.lencr\.org, peer: \S+, certificate: "/etc/nginx/certs/\S+\.crt"
2023-11-08 19:34:23 +01:00
#
\S+ \S+ \[error\] [0-9]+#[0-9]+: \*[0-9]+ upstream timed out \(110: Operation timed out\) while reading upstream, client: \S+, server: \S+, request: "[^"]+", upstream: "[^"]+", host: "[^"]+"
2023-10-04 11:30:21 +02:00
\S+ \S+ \[error\] [0-9]+#[0-9]+: \*[0-9]+ connect\(\) failed \(111: Connection refused\) while connecting to upstream, client: \S+, server: \S+, request: "[^"]+", upstream: "[^"]+", host: "[^"]+"
2023-09-29 17:25:03 +02:00
'';
match = "CONTAINER_NAME = nginx-proxy";
}
2023-09-24 22:07:58 +02:00
#
# IMAGE_NAME
#
2023-09-30 15:58:06 +02:00
{ # yodaNas, yodaYoga
2023-09-24 22:07:58 +02:00
filters = ''
2023-09-29 17:25:03 +02:00
.*
2023-09-24 22:07:58 +02:00
'';
2023-10-12 22:46:41 +02:00
match = "IMAGE_NAME = /(p1st/docker-gen:.+|nginxproxy/acme-companion|biketripplanner/digitransit-ui:.+|thetorproject/snowflake-proxy:.+|collabora/code|wordpress|danielszabo99/microbin|p1st/mastodon-toot-follower:.+|browserless/chrome|vabene1111/recipes)/";
2023-09-30 14:25:11 +02:00
}
2023-09-30 15:58:06 +02:00
{ # yodaNas
2023-09-30 14:25:11 +02:00
filters = ''
2023-10-03 16:10:21 +02:00
\S+ \S+ \[error\] [0-9]+#[0-9]+: \S+ open\(\) "/usr/share/nginx/html/robots\.txt" failed \(2: No such file or directory\), client: \S+, server: localhost, request: "GET /robots\.txt HTTP/[^"]+", host: "[^"]+"
#
2023-10-08 16:31:33 +02:00
\S+ \S+ \[notice\] [0-9]+#[0-9]+: signal 3 \(SIGQUIT\) received, shutting down
\S+ \S+ \[notice\] [0-9]+#[0-9]+: gracefully shutting down
\S+ \S+ \[notice\] [0-9]+#[0-9]+: exiting
\S+ \S+ \[notice\] [0-9]+#[0-9]+: exit
\S+ \S+ \[notice\] [0-9]+#[0-9]+: signal 17 \(SIGCHLD\) received from [0-9]+
\S+ \S+ \[notice\] [0-9]+#[0-9]+: worker process [0-9]+ exited with code 0
2023-10-03 16:10:21 +02:00
#
2023-10-16 14:37:59 +02:00
\S+ \S+ \[notice\] [0-9]+#[0-9]+: signal 29 \(SIGIO\) received
#
2023-10-08 16:31:33 +02:00
\S+ \S+ \[notice\] [0-9]+#[0-9]+: signal 1 \(SIGHUP\) received, reconfiguring
\S+ \S+ \[notice\] [0-9]+#[0-9]+: reconfiguring
\S+ \S+ \[notice\] [0-9]+#[0-9]+: using the "epoll" event method
\S+ \S+ \[notice\] [0-9]+#[0-9]+: nginx/\S+
2023-10-09 13:12:36 +02:00
\S+ \S+ \[notice\] [0-9]+#[0-9]+: built by gcc \S+ \S+ \(Alpine \S+\)
2023-10-08 16:31:33 +02:00
\S+ \S+ \[notice\] [0-9]+#[0-9]+: OS: Linux \S+
\S+ \S+ \[notice\] [0-9]+#[0-9]+: getrlimit\(RLIMIT_NOFILE\): [0-9]+:[0-9]+
\S+ \S+ \[notice\] [0-9]+#[0-9]+: start worker processes
\S+ \S+ \[notice\] [0-9]+#[0-9]+: start worker process [0-9]+
2023-09-30 14:25:11 +02:00
'';
2023-10-11 19:12:57 +02:00
match = "IMAGE_NAME = /nginx:\\S+/";
2023-09-24 22:07:58 +02:00
}
2023-09-29 13:10:26 +02:00
{ # yodaNas
2023-10-11 19:12:57 +02:00
# TODO: logged IP is not the public one, but always 172.24.0.6.
2023-09-29 13:10:26 +02:00
filters = ''
Could not yet connect with DB\. Retrying in 10s \.\.\.
2023-10-03 16:10:21 +02:00
Nextcloud or one of the apps require upgrade - only a limited number of commands are available
You may use your browser or the occ upgrade command to do the upgrade
\[\S+ \S+\] NOTICE: ready to handle connections
2023-09-29 17:25:03 +02:00
[0-9] \[[>-]+\] [0-9] \[[>-]+\]
2023-10-03 16:10:21 +02:00
[0-9] \[[>-]+\]
\[\S+ \S+\] NOTICE: fpm is running, pid [0-9]+
2023-10-04 11:30:21 +02:00
\[\S+ \S+\] NOTICE: Finishing \.\.\.
\[\S+ \S+\] NOTICE: exiting, bye-bye!
2023-10-05 13:20:30 +02:00
# Ignore: At least one idle child was left.
\[\S+ \S+\] WARNING: \[pool www\] seems busy \(you may need to increase pm\.start_servers, or pm\.min/max_spare_servers\), spawning [0-9]+ children, there are [1-9][0-9]* idle, and [0-9]+ total children
2023-10-12 22:46:41 +02:00
\[\S+ \S+\] WARNING: \[pool www\] seems busy \(you may need to increase pm\.start_servers, or pm\.min/max_spare_servers\), spawning [1-9][0-9]* children, there are 0 idle, and [0-9]+ total children
2023-10-03 16:10:21 +02:00
#
2023-09-29 13:10:26 +02:00
# 1.1.1.1 - 28/Sep/2023:21:03:39 +0000 "GET /status.php" 200
# 1.1.1.1 - 28/Sep/2023:21:12:16 +0000 "GET /index.php" 200
# 1.1.1.1 - my-username 28/Sep/2023:21:20:16 +0000 "DELETE /index.php" 200
# 1.1.1.1 - my-username 28/Sep/2023:21:10:18 +0000 "PROPFIND /remote\.php" 207
# 1.1.1.1 - my-username 28/Sep/2023:21:11:48 +0000 "GET /ocs/v2.php" 304
# 1.1.1.1 - 28/Sep/2023:21:13:10 +0000 "GET /ocs/v2.php" 304
2023-11-22 14:41:04 +01:00
[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+ - \S* \S+ \+0000 "(DELETE|GET|HEAD|OPTIONS|PATCH|POST|PROPFIND|PUT) /(index|status)\.php" (200|201|204|302|303|304|401|403|404|405|409|412|422|423|500)
[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+ - \S* \S+ \+0000 "(DELETE|GET|HEAD|MKCOL|MOVE|OPTIONS|POST|PROPFIND|PUT|REPORT|SEARCH) /remote\.php" (200|201|204|206|207|400|401|404|405|412|423|500|501)
2023-10-28 16:09:25 +02:00
[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+ - \S* \S+ \+0000 "(DELETE|GET|POST|PUT) /ocs/(v1|v2)\.php" (200|201|202|204|304|401|403|404|412|500)
2023-10-03 18:34:29 +02:00
[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+ - \S* \S+ \+0000 "GET /(ocm|ocs)-provider/index\.php" 200
2023-10-24 11:11:35 +02:00
[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+ - \S* \S+ \+0000 "(GET|PROPFIND) /public\.php" (200|201|207|401|404)
2023-09-29 13:10:26 +02:00
'';
match = "IMAGE_NAME = p1st/nextcloud:stable-fpm-alpine";
}
2023-10-03 15:32:39 +02:00
{ # yodaNas
filters = ''
2023-10-03 19:18:28 +02:00
\S+ \S+ 0 \[Note\] Starting MariaDB \S+ source revision \S+ as process 1
\S+ \S+ 0 \[Note\] InnoDB: Compressed tables use zlib \S+
\S+ \S+ 0 \[Note\] InnoDB: Number of transaction pools: 1
\S+ \S+ 0 \[Note\] InnoDB: Using crc32 \+ pclmulqdq instructions
\S+ \S+ 0 \[Note\] InnoDB: Using liburing
\S+ \S+ 0 \[Note\] InnoDB: Initializing buffer pool, total size = 1\.000GiB, chunk size = 16\.000MiB
\S+ \S+ 0 \[Note\] InnoDB: Completed initialization of buffer pool
\S+ \S+ 0 \[Note\] InnoDB: Buffered log writes \(block size=512 bytes\)
\S+ \S+ 0 \[Note\] InnoDB: End of log at LSN=\S+
2023-10-04 14:04:19 +02:00
\S+ \S+ 0 \[Note\] InnoDB: Opened 3 undo tablespaces
\S+ \S+ 0 \[Note\] InnoDB: 128 rollback segments in 3 undo tablespaces are active\.
\S+ \S+ 0 \[Note\] InnoDB: 128 rollback segments are active\.
2023-10-03 19:18:28 +02:00
\S+ \S+ 0 \[Note\] InnoDB: Setting file '\./\S+' size to 12\.000MiB\. Physically writing the file full; Please wait \.\.\.
\S+ \S+ 0 \[Note\] InnoDB: File '\./\S+' size is now 12\.000MiB\.
\S+ \S+ 0 \[Note\] InnoDB: log sequence number \S+; transaction id \S+
\S+ \S+ 0 \[Note\] InnoDB: Loading buffer pool\(s\) from /var/lib/mysql/ib_buffer_pool
\S+ \S+ 0 \[Note\] InnoDB: Read redo log up to LSN=\S+
\S+ \S+ 0 \[Note\] InnoDB: Buffer pool\(s\) load completed at \S+ \S+
\S+ \S+ 0 \[Note\] Plugin 'FEEDBACK' is disabled\.
\S+ \S+ 0 \[Note\] Server socket created on IP: '0.0.0.0'\.
\S+ \S+ 0 \[Note\] Server socket created on IP: '::'\.
\S+ \S+ 0 \[Note\] mariadbd: ready for connections\.
Version: '\S+' socket: '/run/mysqld/mysqld.sock' port: \S+ mariadb\.org binary distribution
#
2023-10-03 15:32:39 +02:00
\S+ \S+ 0 \[Note\] mariadbd \(initiated by: unknown\): Normal shutdown
\S+ \S+ 0 \[Note\] InnoDB: FTS optimize thread exiting\.
\S+ \S+ 0 \[Note\] InnoDB: Starting shutdown\.\.\.
\S+ \S+ 0 \[Note\] InnoDB: Dumping buffer pool\(s\) to /var/lib/mysql/ib_buffer_pool
\S+ \S+ 0 \[Note\] InnoDB: Buffer pool\(s\) dump completed at \S+ \S+
\S+ \S+ 0 \[Note\] InnoDB: Removed temporary tablespace data file: "\./ibtmp1"
\S+ \S+ 0 \[Note\] InnoDB: Shutdown completed; log sequence number \S+; transaction id \S+
\S+ \S+ 0 \[Note\] mariadbd: Shutdown complete
\s*
'';
2023-10-04 14:04:19 +02:00
match = "IMAGE_NAME = /mariadb(:.+)?/";
2023-10-03 15:32:39 +02:00
}
{ # yodaNas
filters = ''
2023-10-16 16:09:17 +02:00
\S+ \S+ UTC \[[0-9]+\] LOG:\s+listening on IPv4 address \S+, port 5432
\S+ \S+ UTC \[[0-9]+\] LOG:\s+listening on IPv6 address \S+, port 5432
\S+ \S+ UTC \[[0-9]+\] LOG:\s+listening on Unix socket \S+
2023-10-16 14:37:59 +02:00
\S+ \S+ UTC \[[0-9]+\] LOG:\s+database system was shut down at \S+ \S+ UTC
\S+ \S+ UTC \[[0-9]+\] LOG:\s+database system is ready to accept connections
2023-10-04 14:04:19 +02:00
#
2023-10-16 14:37:59 +02:00
\S+ \S+ UTC \[[0-9]+\] LOG:\s+received fast shutdown request
\S+ \S+ UTC \[[0-9]+\] LOG:\s+aborting any active transactions
\S+ \S+ UTC \[[0-9]+\] FATAL:\s+terminating connection due to administrator command
\S+ \S+ UTC \[[0-9]+\] LOG:\s+shutting down
\S+ \S+ UTC \[[0-9]+\] LOG:\s+database system is shut down
2023-10-03 15:32:39 +02:00
'';
2023-10-20 12:44:51 +02:00
match = "IMAGE_NAME = /postgres:.+/";
2023-10-03 15:32:39 +02:00
}
2023-09-29 13:10:26 +02:00
{ # yodaNas
filters = ''
2023-10-16 14:37:59 +02:00
\S+ [0-9]+ \[System\] \[MY-[0-9]+\] \[Server\] MySQL Server - start\.
\S+ [0-9]+ \[Warning\] \[MY-[0-9]+\] \[Server\] Plugin mysql_native_password reported: '''mysql_native_password' is deprecated and will be removed in a future release\. Please use caching_sha2_password instead'
\S+ [0-9]+ \[System\] \[MY-[0-9]+\] \[Server\] /usr/sbin/mysqld \(mysqld \S+\) starting as process 1
\S+ [0-9]+ \[System\] \[MY-[0-9]+\] \[InnoDB\] InnoDB initialization has started\.
\S+ [0-9]+ \[System\] \[MY-[0-9]+\] \[InnoDB\] InnoDB initialization has ended\.
\S+ [0-9]+ \[Warning\] \[MY-[0-9]+\] \[Server\] CA certificate ca\.pem is self signed\.
2023-10-16 16:09:17 +02:00
\S+ [0-9]+ \[System\] \[MY-[0-9]+\] \[Server\] Channel mysql_main configured to support TLS\. Encrypted connections are now supported for this channel\.+
\S+ [0-9]+ \[Warning\] \[MY-[0-9]+\] \[Server\] Insecure configuration for --pid-file: Location '/var/run/mysqld' in the path is accessible to all OS users\. Consider choosing a different directory\.+
2023-11-16 11:05:59 +01:00
\S+ [0-9]+ \[Warning\] \[MY-[0-9]+\] \[Server\] The syntax '--skip-host-cache' is deprecated and will be removed in a future release\. Please use SET GLOBAL host_cache_size=0 instead\.
\S+ [0-9]+ \[Warning\] \[MY-[0-9]+\] \[Server\] 'SET_USER_ID' \(granted to '\S+'\) is deprecated and will be removed in a future release\.
2023-10-16 14:37:59 +02:00
\S+ [0-9]+ \[System\] \[MY-[0-9]+\] \[Server\] X Plugin ready for connections\. Bind-address: '::' port: 33060, socket: /var/run/mysqld/mysqlx\.sock
\S+ [0-9]+ \[System\] \[MY-[0-9]+\] \[Server\] /usr/sbin/mysqld: ready for connections\. Version: '\S+' socket: '/var/run/mysqld/mysqld\.sock' port: 3306 MySQL Community Server - GPL\.
2023-10-16 16:09:17 +02:00
#
\S+ [0-9]+ \[System\] \[MY-[0-9]+\] \[Server\] Received SHUTDOWN from user <via user signal>\. Shutting down mysqld \(Version: \S+\)\.
\S+ [0-9]+ \[System\] \[MY-[0-9]+\] \[Server\] /usr/sbin/mysqld: Shutdown complete \(mysqld \S+\) MySQL Community Server - GPL\.
\S+ [0-9]+ \[System\] \[MY-[0-9]+\] \[Server\] MySQL Server - end\.
2023-09-29 13:10:26 +02:00
'';
match = "IMAGE_NAME = /mysql:[0-9]+/";
}
{ # yodaNas
filters = ''
2023-10-03 19:18:28 +02:00
crond: crond \(busybox \S+\) started, log level [0-9]+
2023-10-03 16:15:18 +02:00
crond: USER root pid\s+[0-9]+ cmd wget -qO- http://money\.p1st\.de:8080/api/v1/cron/\S+ > /proc/1/fd/1 2>/proc/1/fd/2
2023-09-29 13:10:26 +02:00
'';
match = "IMAGE_NAME = busybox";
}
2023-10-03 19:03:59 +02:00
{ # yodaNas
filters = ''
2023-10-16 16:09:17 +02:00
AH[0-9]+: apache2: Could not reliably determine the server's fully qualified domain name, using \S+\. Set the 'ServerName' directive globally to suppress this message
2023-11-16 11:05:59 +01:00
\[\S+ \S+ \S+ \S+ \S+\] \[mpm_prefork:notice\] \[pid 1\] AH[0-9]+: Apache/\S+ \(Debian\) configured -- resuming normal operations
2023-10-16 16:09:17 +02:00
\[\S+ \S+ \S+ \S+ \S+\] \[core:notice\] \[pid 1\] AH[0-9]+: Command line: 'apache2 -D FOREGROUND'
2023-10-16 15:40:51 +02:00
> Illuminate\\Foundation\\ComposerScripts::postAutoloadDump
2023-10-16 14:37:59 +02:00
wait-for-it\.sh: waiting 60 seconds for \S+:3306
wait-for-it\.sh: \S+:3306 is available after [0-9]+ seconds
2023-10-16 16:09:17 +02:00
#
\[\S+ \S+ \S+ \S+ \S+\] \[mpm_prefork:notice\] \[pid 1\] AH[0-9]+: caught SIGWINCH, shutting down gracefully
2023-10-03 19:03:59 +02:00
'';
match = "IMAGE_NAME = fireflyiii/core:latest";
}
{ # yodaNas
filters = ''
2023-10-16 16:09:17 +02:00
AH[0-9]+: apache2: Could not reliably determine the server's fully qualified domain name, using \S+\. Set the 'ServerName' directive globally to suppress this message
2023-11-08 19:34:23 +01:00
\[\S+ \S+ \S+ \S+ \S+\] \[mpm_prefork:notice\] \[pid 1\] AH[0-9]+: Apache/\S+ \(Debian\) configured -- resuming normal operations
2023-10-16 14:37:59 +02:00
\[\S+ \S+ \S+ \S+ \S+\] \[core:notice\] \[pid 1\] AH[0-9]+: Command line: 'apache2 -D FOREGROUND'
#
\[\S+ \S+ \S+ \S+ \S+\] \[mpm_prefork:notice\] \[pid 1\] AH[0-9]+: caught SIGWINCH, shutting down gracefully
2023-10-03 19:03:59 +02:00
'';
match = "IMAGE_NAME = fireflyiii/data-importer:latest";
}
2023-09-29 13:10:26 +02:00
{ # yodaNas
filters = ''
.*
'';
2023-10-11 19:12:57 +02:00
match = "IMAGE_NAME = /(deluan/navidrome|ghcr\\.io/dgtlmoon/changedetection\\.io)/";
2023-09-29 13:10:26 +02:00
}
2023-09-24 22:07:58 +02:00
2023-09-20 15:39:26 +02:00
#
# _SYSTEMD_UNIT
#
2023-09-18 15:45:26 +02:00
{ # yodaTux
filters = ''
2023-09-27 16:44:56 +02:00
.*
2023-09-18 15:45:26 +02:00
'';
2023-10-11 19:12:57 +02:00
match = "_SYSTEMD_UNIT = /(bluetooth\\.service|cups\\.service)/";
2023-09-18 15:45:26 +02:00
}
2023-10-03 16:38:26 +02:00
{ # yodaNas. TODO: This is maybe a bug. It occurs when deploying and switching to a NixOS config with colmena.
filters = ''
\S+: Process '/nix/store/\S+-bash-\S+/bin/sh -c 'echo 2 > /proc/sys/net/ipv6/conf/\S+/use_tempaddr''' failed with exit code 1.
'';
match = "_SYSTEMD_UNIT = systemd-udevd.service";
}
2023-09-20 15:39:26 +02:00
{ # yodaTux, yodaYoga
2023-09-18 15:45:26 +02:00
filters = ''
The system will suspend now!
2023-09-27 16:44:56 +02:00
The system will power off now!
2023-10-04 14:04:19 +02:00
The system will reboot now!
2023-09-20 15:39:26 +02:00
System is powering down\.
2023-10-04 14:04:19 +02:00
System is rebooting\.
2023-09-18 15:45:26 +02:00
'';
match = "_SYSTEMD_UNIT = systemd-logind.service";
}
2023-10-16 16:09:17 +02:00
{ # yodaTux, yodaNas
2023-09-18 15:45:26 +02:00
filters = ''
2023-09-20 15:39:26 +02:00
Reexecuting\.
2023-09-18 15:45:26 +02:00
(finished )?switching to system configuration /nix/store/.+-nixos-system-.+-[0-9]+\.[0-9]+pre-git
'';
2023-10-16 16:09:17 +02:00
match = "_SYSTEMD_UNIT = /(user@[0-9]+\\.service|init.scope)/";
2023-09-18 15:45:26 +02:00
}
{ # yodaTux
filters = ''
Reloading rules
2023-09-20 15:39:26 +02:00
Collecting garbage unconditionally\.\.\.
2023-09-18 15:45:26 +02:00
Loading rules from directory /.+
Finished loading, compiling and executing [0-9]+ rules
'';
match = "_SYSTEMD_UNIT = polkit.service";
}
{ # yodaTux
filters = ''
.+ error name="org\.bluez\.MediaEndpoint1\.Error\.NotImplemented" .+
2023-09-20 11:34:32 +02:00
# Open issue: https://github.com/NixOS/nixpkgs/issues/79220
2023-09-23 15:22:24 +02:00
Unknown (username|group) .+ in message bus configuration file
2023-09-18 15:45:26 +02:00
'';
2023-09-18 22:02:25 +02:00
match = "_SYSTEMD_UNIT = dbus.service";
}
2023-09-20 11:34:32 +02:00
{ # yodaTux
filters = ''
2023-09-20 13:38:26 +02:00
Mounted /dev/\S+ at /\S+ on behalf of uid [0-9]+
Cleaning up mount point /\S+ \(device \S+ is not mounted\)
Unmounted /dev/\S+ on behalf of uid [0-9]+
Successfully sent SCSI command SYNCHRONIZE CACHE to /dev/\S+
Successfully sent SCSI command START STOP UNIT to /dev/\S+
Powered off /dev/\S+ - successfully wrote to sysfs path /sys/devices/\S+
2023-09-20 11:34:32 +02:00
'';
2023-09-20 13:38:26 +02:00
match = "_SYSTEMD_UNIT = udisks2.service";
}
#
# SYSLOG_IDENTIFIER
#
2023-10-03 18:51:34 +02:00
{ # yodaYoga, yodaNas
filters = ''
# Somebody evil ...
error: kex_exchange_identification: banner line contains invalid characters
# error: kex_exchange_identification: client sent invalid protocol identifier "MGLNDD_188.194.209.73_2222"
# error: kex_exchange_identification: client sent invalid protocol identifier "GET / HTTP/1.1"
2023-11-08 19:34:23 +01:00
error: kex_exchange_identification: client sent invalid protocol identifier "[^"]*"
2023-10-03 18:51:34 +02:00
error: kex_exchange_identification: Connection closed by remote host
error: kex_exchange_identification: read: Connection reset by peer
error: PAM: Authentication failure for \S+ from \S+
2023-10-16 19:08:23 +02:00
error: PAM: Authentication failure for illegal user \S+ from \S+
2023-10-04 13:27:19 +02:00
error: Protocol major versions differ: 2 vs\. 1
2023-10-20 12:44:51 +02:00
error: beginning MaxStartups throttling
2023-10-03 18:51:34 +02:00
fatal: Timeout before authentication for \S+ port [0-9]+
'';
match = "SYSLOG_IDENTIFIER = sshd";
}
2023-09-20 13:38:26 +02:00
{ # yodaTux. If the user `yoda` runs a command with `sudo`.
filters = ''
2023-09-23 18:36:51 +02:00
\s+yoda : TTY=pts/[0-9] ; PWD=/\S+ ; USER=root ; COMMAND=/.+
2023-09-20 13:38:26 +02:00
'';
match = "SYSLOG_IDENTIFIER = sudo";
}
{ # yodaYoga
filters = ''
(finished )?switching to system configuration /nix/store/.+-nixos-system-.+-[0-9]+\.[0-9]+pre-git
'';
match = "SYSLOG_IDENTIFIER = nixos";
2023-09-20 11:34:32 +02:00
}
2023-09-20 15:39:26 +02:00
{ # yodaYoga
filters = ''
2023-10-04 14:04:19 +02:00
\S+\.(service|scope|slice|mount): Consumed .+ CPU time, read .+ from disk, written .+ to disk.+
\S+\.(service|scope|slice|mount): Consumed .+ CPU time, received .+ IP traffic, sent .+ IP traffic\.
2023-10-05 13:20:30 +02:00
\S+\.(service|scope|slice|mount): Consumed .+ CPU time, no IP traffic\.
2023-09-20 15:39:26 +02:00
#
Shutting down\.
'';
match = "SYSLOG_IDENTIFIER = systemd";
}
2023-09-18 22:02:25 +02:00
{ # yodaTux
filters = ''
.*
'';
match = "SYSLOG_IDENTIFIER = //nix/store/.+/libexec/gdm-x-session/";
2023-09-18 15:45:26 +02:00
}
2023-09-23 15:22:24 +02:00
{ # yodaTux, yodaTab
2023-11-21 13:02:15 +01:00
filters = (''
2023-09-23 15:22:24 +02:00
#
2023-10-04 14:04:19 +02:00
# yodaNas
#
2023-11-11 12:04:28 +01:00
# Ignore.
BTRFS warning \(device dm-[0-9]+\): skipping scrub of block group [0-9]+ due to active swapfile
# Ignore, see https://unix.stackexchange.com/a/249660/315162
2023-10-04 14:04:19 +02:00
watchdog: watchdog0: watchdog did not stop!
# Ignore.
\s*#[0-9]*
# Ingore: Probably just copying of boot graphics (.bmp) failed. https://patchwork.kernel.org/project/linux-fbdev/patch/20180617153235.16219-3-hdegoede@redhat.com/
efifb: Ignoring BGRT: unexpected or invalid BMP data
2023-11-03 16:11:40 +01:00
# Ignore.
Unknown kernel command line parameters "ip=dhcp", will be passed to user space.
2023-10-04 14:04:19 +02:00
# Probably safe to ignore.
2023-11-16 11:05:59 +01:00
resource sanity check: requesting \S+, which spans more than Reserved \S+
2023-10-16 14:37:59 +02:00
# Not sure about this.
i915 0000:00:02\.0: \[drm\] \[ENCODER:.*\] is disabled/in DSI mode with an ungated DDI clock, gate it
# Not sure about this. Probably BIOS related.
# https://wiki.archlinux.org/title/improving_performance#Enabling_PCI_resizable_BAR
caller pmc_core_probe\+\S+ \[intel_pmc_core\] mapping multiple BARs
2023-10-04 14:04:19 +02:00
#
# yodaTux
2023-09-23 15:22:24 +02:00
#
2023-11-16 11:05:59 +01:00
# Ignore BIOS bug.
2023-09-18 15:45:26 +02:00
ACPI: FW issue: working around C-state latencies out of order
# Kernel WiFi driver bug.
2023-09-23 15:22:24 +02:00
#iwlwifi 0000:01:00\.0: .*
iwlwifi 0000:01:00\.0: Unhandled alg: 0x707
iwlwifi 0000:01:00\.0: Not associated and the session protection is over already...
2023-09-23 19:16:38 +02:00
iwlwifi 0000:01:00\.0: api flags index 2 larger than supported by driver
2023-09-20 22:24:33 +02:00
# Ignore.
2023-10-16 16:09:17 +02:00
audit: type=2000 audit\([0-9]+\.[0-9]+:[0-9]+\): state=initialized audit_enabled=0 res=1
2023-09-29 13:10:26 +02:00
ENERGY_PERF_BIAS: Set to 'normal', was 'performance'
2023-11-16 11:05:59 +01:00
Kernel command line: initrd=\S+ init=\S+ ip=dhcp mds=full,nosmt loglevel=[0-9]
Kernel command line: initrd=\S+ init=\S+ ip=dhcp loglevel=[0-9]
2023-11-08 19:34:23 +01:00
# Linux version 6.1.61 (nixbld@localhost) (gcc (GCC) 12.2.0, GNU ld (GNU Binutils) 2.40) #1-NixOS SMP PREEMPT_DYNAMIC Thu Nov 2 08:35:33 UTC 2023
Linux version \S+ \(nixbld@localhost\) \(gcc \(GCC\) \S+, GNU ld \(GNU Binutils\) \S+\) #1-NixOS SMP PREEMPT_DYNAMIC \S+ \S+\s+\S+ \S+ UTC \S+
2023-09-20 11:34:32 +02:00
random: crng reseeded on system resumption
2023-09-27 16:44:56 +02:00
random: crng init done
2023-10-16 14:37:59 +02:00
sd [0-9]:0:0:0: \[sd[a-z]\] [0-9]+ 512-byte logical blocks: \(\S+ (GB|TB)/\S+ (GiB|TiB)\)
2023-10-04 14:04:19 +02:00
sd [0-9]:0:0:0: \[sd[a-z]\] [0-9]+-byte physical blocks
2023-09-27 17:05:01 +02:00
sd [0-9]:0:0:0: \[sd[a-z]\] Write Protect is off
sd [0-9]:0:0:0: \[sd[a-z]\] Write cache: enabled, read cache: enabled, doesn't support DPO or FUA
sd [0-9]:0:0:0: \[sd[a-z]\] Optimal transfer size [0-9]+ bytes not a multiple of preferred minimum block size ([0-9] bytes)
2023-11-03 16:11:40 +01:00
sd [0-9]:0:0:0: \[sd[a-z]\] Attached SCSI (removable )?disk
sd [0-9]:0:0:0: \[sd[a-z]\] Stopping disk
2023-09-27 17:05:01 +02:00
sd [0-9]:0:0:0: \[sd[a-z]\] Synchronizing SCSI cache
2023-09-29 13:10:26 +02:00
sd [0-9]:0:0:0: \[sd[a-z]\] supports TCG Opal
\#3
2023-09-23 15:22:24 +02:00
#
2023-10-04 14:04:19 +02:00
# yodaTab
2023-09-23 15:22:24 +02:00
#
# Ignore.
mmc0: cannot verify signal voltage switch
2023-09-27 16:44:56 +02:00
Initialise system trusted keyrings
Key type asymmetric registered
Asymmetric key parser 'x509' registered
2023-09-29 13:14:05 +02:00
Loading compiled-in X\.509 certificates
2023-09-27 16:44:56 +02:00
Key type \.fscrypt registered
Key type fscrypt-provisioning registered
Key type encrypted registered
Bridge firewalling registered
SCSI subsystem initialized
2023-09-27 17:00:39 +02:00
scsi [0-9]:0:0:0: Direct-Access\s+ATA.+PQ: 0 ANSI: 5
2023-09-27 17:05:01 +02:00
scsi [0-9]:0:0:0: Direct-Access.+PQ: 0 ANSI: 6
2023-09-27 16:44:56 +02:00
thinkpad_acpi: Disabling thinkpad-acpi brightness events by default\.\.\.
2023-10-04 14:04:19 +02:00
VFS: Disk quotas dquot_[0-9]+\.[0-9]+\.[0-9]+
2023-09-27 17:05:01 +02:00
ata1\.00: supports DRM functions and may not be fully accessible
2023-09-23 15:22:24 +02:00
#
done\.
2023-11-03 16:11:40 +01:00
#
2023-11-16 11:05:59 +01:00
# yodaYoga
#
# Ignore BIOS bug.
ACPI: \[Firmware Bug\]: .*
ACPI BIOS Error \(bug\): .*
ACPI Error: .*
ACPI Warning: .*
# Ignore.
usb: port power management may be unreliable
#
2023-11-03 16:11:40 +01:00
# yodaHedgehog
#
2023-11-21 13:02:15 +01:00
# Ignore.
ata[0-9]\.00: Entering standby power mode
ata[0-9]\.00: Entering active power mode
Modules linked in:( \S+)+ ?
'' + (if (config.networking.hostName == "yodaHedgehog") then ''
# Ignore.
------------\[ cut here \]------------
Hardware name: To Be Filled By O\.E\.M\. To Be Filled By O\.E\.M\./N3150-ITX, BIOS P1\.10 05/20/2015
Workqueue: pm pm_runtime_work
2023-11-03 16:11:40 +01:00
# Not sure about this.
2023-11-03 16:19:23 +01:00
ACPI BIOS Warning (bug): 32/64X length mismatch in FADT/Gpe0Block: 128/32 (20220331/tbfadt-564)
2023-11-03 16:11:40 +01:00
hpet: number irqs doesn't agree with number of timers
2023-11-03 16:19:23 +01:00
gpio gpiochip0: (INT0002 Virtual GPIO): not an immutable chip, please consider fixing it!
at24 0-0050: supply vcc not found, using dummy regulator
intel-spi: probe of intel-spi failed with error -22
2023-11-08 19:34:23 +01:00
# Ignore.
2023-11-21 13:02:15 +01:00
ata[0-9]: link is slow to respond, please be patient \(ready=0\)
# Not sure about this.
2023-11-22 14:41:04 +01:00
ata4\.00: qc timeout after 10000 msecs \(cmd 0x40\)
2023-11-21 13:02:15 +01:00
ata4\.00: VERIFY failed \(err_mask=0x4\)
ata4\.00: failed to IDENTIFY \(I/O error, err_mask=0x40\)
ata4\.00: revalidation failed \(errno=-5\)
'' else ""));
2023-09-18 15:45:26 +02:00
match = "SYSLOG_IDENTIFIER = kernel";
}
2023-09-20 11:34:32 +02:00
{ # yodaTux
filters = ''
.*
'';
match = "SYSLOG_IDENTIFIER = simple-scan";
}
2023-09-20 13:38:26 +02:00
#
# _SYSTEMD_USER_UNIT
#
2023-09-23 15:22:24 +02:00
{ # yodaTux, yodaTab
2023-09-20 13:38:26 +02:00
filters = ''
.+ Setting AttentionNeeded to FALSE because EnsureCredentials\(\) succeded
2023-09-23 15:22:24 +02:00
Connecting to org\.freedesktop\.Tracker3\.Miner\.Files
2023-09-20 13:38:26 +02:00
'';
match = "_SYSTEMD_USER_UNIT = dbus.service";
}
2023-09-20 11:34:32 +02:00
{ # yodaTux
filters = ''
.*
'';
2023-10-11 19:12:57 +02:00
match = "_SYSTEMD_USER_UNIT = /(org\\.gnome\\..+\\.service|pipewire\\.service|wireplumber\\.service|app-gnome-org\\.gnome\\.Software-[0-9]+\\.scope)/";
2023-09-20 11:34:32 +02:00
}
];
};
}