journalwatch config

Daniel Langbein 2024-09-26 17:06:04 +02:00
parent 2607aac99d
commit 20ff5b3e07
Signed by: langfingaz
GPG Key ID: 6C47C753F0823002
3 changed files with 38 additions and 9 deletions


@ -42,7 +42,7 @@
../../modules/jetbrains-ide.nix
];
foo = throw "NixOS rebuild boot required to update to 24.05";
#foo = throw "NixOS rebuild boot required to update to 24.05";
networking.hostName = "yodaGaming";
boot.initrd.luks.devices."luks-root".allowDiscards = true;


@ -24,7 +24,7 @@
../../modules/btrfs-mount-options.nix
];
foo = throw "NixOS rebuild boot required to update to 24.05";
#foo = throw "NixOS rebuild boot required to update to 24.05";
networking.hostName = "yodaYoga";
boot.initrd.luks.devices."luks-a8521407-e25b-4f26-8e7a-a56fcbfd2e35".allowDiscards = true;


@ -49,16 +49,19 @@ let
Unable to negotiate with \S+ port \S+: no matching MAC found. Their offer: \S+ \[preauth\]
Unable to negotiate with \S+ port \S+: no matching key exchange method found. Their offer: \S+ \[preauth\]
Invalid user \S+ from \S+ port \S+
Disconnected from \S+ port \S+ \[preauth\]
Disconnected from invalid user \S+ \S+ port \S+ \[preauth\]
Disconnected from authenticating user root \S+ port \S+ \[preauth\]
Disconnected from authenticating user (root|yoda) \S+ port \S+ \[preauth\]
Received disconnect from \S+ port \S+:11: Client disconnecting normally \[preauth\]
Received disconnect from \S+ port \S+:11: Bye Bye \[preauth\]
Connection reset by invalid user \S+ \S+ port \S+ \[preauth\
Connection reset by authenticating user (root|yoda) \S+ port \S+ \[preauth\]
Connection reset by \S+ port \S+ \[preauth\]
Connection reset by \S+ port \S+
Connection closed by \S+ port \S+
Connection closed by \S+ port \S+ \[preauth\]
Connection closed by authenticating user (root|yoda) \S+ port \S+ \[preauth\]
Connection closed by invalid user \S+ \S+ port \S+ \[preauth\]
Connection closed by authenticating user root \S+ port \S+ \[preauth\]
error: kex_exchange_identification: banner line contains invalid characters
error: kex_exchange_identification: client sent invalid protocol identifier "[^"]*"
error: kex_exchange_identification: Connection closed by remote host
@ -539,6 +542,7 @@ in
{ # yodaNas
filters = ''
Set \S+ (A|AAAA) record to \S+
\s*The \S+ (A|AAAA) record points already to \S+
'';
match = "_SYSTEMD_UNIT = netcup-dns.service";
@ -555,7 +559,7 @@ in
}
{ # yodaNas
filters = ''
time="[^"]+" level=error msg="\[resolver\] failed to query DNS server: 127.0.0.1:53, query: ;[a-z0-9\.]+\\tIN\\t A" error="read udp 127.0.0.1:[0-9]+->127.0.0.1:53: i/o timeout"
time="[^"]+" level=error msg="\[resolver\] failed to query DNS server: 127.0.0.1:53, query: ;[a-z0-9\.-]+\\tIN\\t A" error="read udp 127.0.0.1:[0-9]+->127.0.0.1:53: i/o timeout"
time="[^"]+" level=info msg="Attempting next endpoint for pull after error: Head "[^"]+": Get "[^"]+": net/http: request canceled while waiting for connection \(Client\.Timeout exceeded while awaiting headers\)"
'';
match = "_SYSTEMD_UNIT = docker.service";
@ -634,9 +638,17 @@ in
'';
match = "_SYSTEMD_UNIT = systemd-logind.service";
}
{
filters = ''
Successful su for root by root
pam_unix\(su:session\): session opened for user root\(uid=0\) by root\(uid=0\)
pam_unix\(su:session\): session closed for user root
'';
match = "_SYSTEMD_UNIT = /session-[0-9]+\\.scope/";
}
{ # yodaTux, yodaNas
filters = ''
\S+\.(service|scope|slice|mount): Consumed [0-9\.]+(s|ms) CPU time(, .+)?\.
\S+\.(service|scope|slice|mount): Consumed ([0-9]min )?[0-9\.]+(s|ms) CPU time(, .+)?\.
#
Starting \S+\.service\.\.\.
\S+\.service: Scheduled restart job, restart counter is at 1\.
@ -650,6 +662,7 @@ in
Starting Load Kernel Module efi_pstore\.\.\.
Starting Create SUID/SGID Wrappers\.\.\.
Starting Update and start Jinja-Compose project\.\.\.
Starting Cleanup of Temporary Directories\.\.\.
Started \S+\.service\.
Started Logrotate Service\.
Started User Manager for UID (0|1000)\.
@ -659,6 +672,7 @@ in
Finished Spin down inactive HDD \S+\.
Finished Load Kernel Module efi_pstore\.
Finished Create SUID/SGID Wrappers\.
Finished Cleanup of Temporary Directories\.
Finished Update and start Jinja-Compose project\.
Stopping Reactivate sysinit units\.\.\.
Stopping User Manager for UID (0|1000)\.\.\.
@ -668,6 +682,7 @@ in
Stopped target Reactivate sysinit units\.
Stopped User Manager for UID (0|1000)\.
Stopped User Runtime Directory /run/user/(0|1000)\.\.\.
Stopped User Runtime Directory /run/user/(0|1000)\.
Reached target Reactivate sysinit units\.
Reached target Local File Systems\.
Reached target Remote File Systems\.
@ -676,6 +691,7 @@ in
Reloading finished in [0-9]+ ms\.
session-[0-9]+\.scope: Deactivated successfully\.
#
(\S+ )+was skipped because no trigger condition checks were met\.
(\S+ )+was skipped because of an unmet condition check \([^)]+\)\.
File System Check on Root Device was skipped because of an unmet condition check (ConditionPathIsReadWrite=!/).
#
@ -713,13 +729,25 @@ in
Created slice User Application Slice\.
Queued start job for default target Main User Target\.
pam_unix\(systemd-user:session\): session opened for user root\(uid=0\) by \(uid=0\)
pam_unix\(systemd-user:session\): session closed for user root
pam_unix\(systemd-user:session\): session closed for user (root|yoda)
Reexecuting requested from client PID [0-9]+ \('systemctl'\)\.\.\.
Reexecuting\.
Run \S+ was skipped because of an unmet condition check \([^)]+\)\.
Run (\S+ )+was skipped because of an unmet condition check \([^)]+\)\.
'';
match = "_SYSTEMD_UNIT = /user@(0|1000)\\.service/";
}
{
filters = ''
flapped down
'';
match = "_SYSTEMD_UNIT = smtpd-key.service";
}
{
filters = ''
flapped down
'';
match = "_SYSTEMD_UNIT = netcup-dns-95191.json-key.service";
}
{ # yodaTux
filters = ''
Acquired the name org\.freedesktop\.PolicyKit1 on the system bus
@ -731,6 +759,7 @@ in
Registered Authentication Agent for unix-process:[0-9]+:[0-9]+ \(system bus name :[0-9\.]+ \[/run/current-system/sw/bin/pkttyagent --notify-fd 5 --fallback\], object path /org/freedesktop/PolicyKit1/AuthenticationAgent, locale en_US.UTF-8\)
Operator of unix-process:[0-9]+:[0-9]+ successfully authenticated as unix-user:yoda to gain ONE-SHOT authorization for action org\.freedesktop\.systemd1\.manage-units for system-bus-name::[0-9\.]+ \[systemctl start journalwatch\.service\] \(owned by unix-user:yoda\)
Unregistered Authentication Agent for unix-process:[0-9]+:[0-9]+ \(system bus name :[0-9\.]+, object path /org/freedesktop/PolicyKit1/AuthenticationAgent, locale en_US.UTF-8\) \(disconnected from bus\)
Unregistered Authentication Agent for unix-process:unknown \(system bus name :[0-9\.]+, object path /org/freedesktop/PolicyKit1/AuthenticationAgent, locale en_US.UTF-8\) \(disconnected from bus\)
'';
match = "_SYSTEMD_UNIT = polkit.service";
}
@ -817,7 +846,7 @@ in
{
filters = (''
# Somebody evil iterating through different ports
refused connection: IN=\S+ OUT= MAC=\S+ SRC=\S+ DST=\S+ LEN=\S+ TC=[0-9]+ HOPLIMIT=[0-9]+ FLOWLBL=[0-9]+ PROTO=TCP SPT=[0-9]+ DPT=[0-9]+ WINDOW=[0-9]+ RES=0x00 SYN URGP=0\s+
refused connection: IN=\S+ OUT= MAC=\S+ SRC=\S+ DST=\S+ LEN=\S+ .+ PROTO=TCP SPT=[0-9]+ DPT=[0-9]+ WINDOW=[0-9]+ RES=0x00 SYN URGP=0\s+
# Ignore.
systemd\[[0-9]\]: memfd_create\(\) called without MFD_EXEC or MFD_NOEXEC_SEAL set
# Ignore.
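Review bot: Widening the sshd pre-auth filters from `root` to `(root|yoda)` in the `-49,16 +49,19` hunk (the `Disconnected from`, `Connection reset by` and `Connection closed by authenticating user` patterns) drops failed-login lines for a name that the polkit filter further down shows to be a real local account (`unix-user:yoda`), so password guessing against that account no longer appears in the journalwatch report. If that is intended, a `#` comment above the three patterns should record why it is acceptable, for example `# pre-auth failures for existing users are ignored: sshd accepts public keys only` (reworded to whatever the hosts actually enforce, which this diff does not show). In the same hunk, `Connection reset by invalid user \S+ \S+ port \S+ \[preauth\` ends in a bare backslash as rendered here. If the file really lacks the closing bracket, the regex is malformed and should end in `\[preauth\]` like its neighbours.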