journalwatch config

Daniel Langbein 2024-09-26 17:06:04 +02:00
parent 2607aac99d
commit 20ff5b3e07
Signed by: langfingaz
GPG Key ID: 6C47C753F0823002
3 changed files with 38 additions and 9 deletions


@ -42,7 +42,7 @@
../../modules/jetbrains-ide.nix ../../modules/jetbrains-ide.nix
]; ];
foo = throw "NixOS rebuild boot required to update to 24.05"; #foo = throw "NixOS rebuild boot required to update to 24.05";
networking.hostName = "yodaGaming"; networking.hostName = "yodaGaming";
boot.initrd.luks.devices."luks-root".allowDiscards = true; boot.initrd.luks.devices."luks-root".allowDiscards = true;


@ -24,7 +24,7 @@
../../modules/btrfs-mount-options.nix ../../modules/btrfs-mount-options.nix
]; ];
foo = throw "NixOS rebuild boot required to update to 24.05"; #foo = throw "NixOS rebuild boot required to update to 24.05";
networking.hostName = "yodaYoga"; networking.hostName = "yodaYoga";
boot.initrd.luks.devices."luks-a8521407-e25b-4f26-8e7a-a56fcbfd2e35".allowDiscards = true; boot.initrd.luks.devices."luks-a8521407-e25b-4f26-8e7a-a56fcbfd2e35".allowDiscards = true;


@ -49,16 +49,19 @@ let
Unable to negotiate with \S+ port \S+: no matching MAC found. Their offer: \S+ \[preauth\] Unable to negotiate with \S+ port \S+: no matching MAC found. Their offer: \S+ \[preauth\]
Unable to negotiate with \S+ port \S+: no matching key exchange method found. Their offer: \S+ \[preauth\] Unable to negotiate with \S+ port \S+: no matching key exchange method found. Their offer: \S+ \[preauth\]
Invalid user \S+ from \S+ port \S+ Invalid user \S+ from \S+ port \S+
Disconnected from \S+ port \S+ \[preauth\]
Disconnected from invalid user \S+ \S+ port \S+ \[preauth\] Disconnected from invalid user \S+ \S+ port \S+ \[preauth\]
Disconnected from authenticating user root \S+ port \S+ \[preauth\] Disconnected from authenticating user (root|yoda) \S+ port \S+ \[preauth\]
Received disconnect from \S+ port \S+:11: Client disconnecting normally \[preauth\] Received disconnect from \S+ port \S+:11: Client disconnecting normally \[preauth\]
Received disconnect from \S+ port \S+:11: Bye Bye \[preauth\] Received disconnect from \S+ port \S+:11: Bye Bye \[preauth\]
Connection reset by invalid user \S+ \S+ port \S+ \[preauth\
Connection reset by authenticating user (root|yoda) \S+ port \S+ \[preauth\]
Connection reset by \S+ port \S+ \[preauth\] Connection reset by \S+ port \S+ \[preauth\]
Connection reset by \S+ port \S+ Connection reset by \S+ port \S+
Connection closed by \S+ port \S+ Connection closed by \S+ port \S+
Connection closed by \S+ port \S+ \[preauth\] Connection closed by \S+ port \S+ \[preauth\]
Connection closed by authenticating user (root|yoda) \S+ port \S+ \[preauth\]
Connection closed by invalid user \S+ \S+ port \S+ \[preauth\] Connection closed by invalid user \S+ \S+ port \S+ \[preauth\]
Connection closed by authenticating user root \S+ port \S+ \[preauth\]
error: kex_exchange_identification: banner line contains invalid characters error: kex_exchange_identification: banner line contains invalid characters
error: kex_exchange_identification: client sent invalid protocol identifier "[^"]*" error: kex_exchange_identification: client sent invalid protocol identifier "[^"]*"
error: kex_exchange_identification: Connection closed by remote host error: kex_exchange_identification: Connection closed by remote host
@ -539,6 +542,7 @@ in
{ # yodaNas { # yodaNas
filters = '' filters = ''
Set \S+ (A|AAAA) record to \S+
\s*The \S+ (A|AAAA) record points already to \S+ \s*The \S+ (A|AAAA) record points already to \S+
''; '';
match = "_SYSTEMD_UNIT = netcup-dns.service"; match = "_SYSTEMD_UNIT = netcup-dns.service";
@ -555,7 +559,7 @@ in
} }
{ # yodaNas { # yodaNas
filters = '' filters = ''
time="[^"]+" level=error msg="\[resolver\] failed to query DNS server: 127.0.0.1:53, query: ;[a-z0-9\.]+\\tIN\\t A" error="read udp 127.0.0.1:[0-9]+->127.0.0.1:53: i/o timeout" time="[^"]+" level=error msg="\[resolver\] failed to query DNS server: 127.0.0.1:53, query: ;[a-z0-9\.-]+\\tIN\\t A" error="read udp 127.0.0.1:[0-9]+->127.0.0.1:53: i/o timeout"
time="[^"]+" level=info msg="Attempting next endpoint for pull after error: Head "[^"]+": Get "[^"]+": net/http: request canceled while waiting for connection \(Client\.Timeout exceeded while awaiting headers\)" time="[^"]+" level=info msg="Attempting next endpoint for pull after error: Head "[^"]+": Get "[^"]+": net/http: request canceled while waiting for connection \(Client\.Timeout exceeded while awaiting headers\)"
''; '';
match = "_SYSTEMD_UNIT = docker.service"; match = "_SYSTEMD_UNIT = docker.service";
@ -634,9 +638,17 @@ in
''; '';
match = "_SYSTEMD_UNIT = systemd-logind.service"; match = "_SYSTEMD_UNIT = systemd-logind.service";
} }
{
filters = ''
Successful su for root by root
pam_unix\(su:session\): session opened for user root\(uid=0\) by root\(uid=0\)
pam_unix\(su:session\): session closed for user root
'';
match = "_SYSTEMD_UNIT = /session-[0-9]+\\.scope/";
}
{ # yodaTux, yodaNas { # yodaTux, yodaNas
filters = '' filters = ''
\S+\.(service|scope|slice|mount): Consumed [0-9\.]+(s|ms) CPU time(, .+)?\. \S+\.(service|scope|slice|mount): Consumed ([0-9]min )?[0-9\.]+(s|ms) CPU time(, .+)?\.
# #
Starting \S+\.service\.\.\. Starting \S+\.service\.\.\.
\S+\.service: Scheduled restart job, restart counter is at 1\. \S+\.service: Scheduled restart job, restart counter is at 1\.
@ -650,6 +662,7 @@ in
Starting Load Kernel Module efi_pstore\.\.\. Starting Load Kernel Module efi_pstore\.\.\.
Starting Create SUID/SGID Wrappers\.\.\. Starting Create SUID/SGID Wrappers\.\.\.
Starting Update and start Jinja-Compose project\.\.\. Starting Update and start Jinja-Compose project\.\.\.
Starting Cleanup of Temporary Directories\.\.\.
Started \S+\.service\. Started \S+\.service\.
Started Logrotate Service\. Started Logrotate Service\.
Started User Manager for UID (0|1000)\. Started User Manager for UID (0|1000)\.
@ -659,6 +672,7 @@ in
Finished Spin down inactive HDD \S+\. Finished Spin down inactive HDD \S+\.
Finished Load Kernel Module efi_pstore\. Finished Load Kernel Module efi_pstore\.
Finished Create SUID/SGID Wrappers\. Finished Create SUID/SGID Wrappers\.
Finished Cleanup of Temporary Directories\.
Finished Update and start Jinja-Compose project\. Finished Update and start Jinja-Compose project\.
Stopping Reactivate sysinit units\.\.\. Stopping Reactivate sysinit units\.\.\.
Stopping User Manager for UID (0|1000)\.\.\. Stopping User Manager for UID (0|1000)\.\.\.
@ -668,6 +682,7 @@ in
Stopped target Reactivate sysinit units\. Stopped target Reactivate sysinit units\.
Stopped User Manager for UID (0|1000)\. Stopped User Manager for UID (0|1000)\.
Stopped User Runtime Directory /run/user/(0|1000)\.\.\. Stopped User Runtime Directory /run/user/(0|1000)\.\.\.
Stopped User Runtime Directory /run/user/(0|1000)\.
Reached target Reactivate sysinit units\. Reached target Reactivate sysinit units\.
Reached target Local File Systems\. Reached target Local File Systems\.
Reached target Remote File Systems\. Reached target Remote File Systems\.
@ -676,6 +691,7 @@ in
Reloading finished in [0-9]+ ms\. Reloading finished in [0-9]+ ms\.
session-[0-9]+\.scope: Deactivated successfully\. session-[0-9]+\.scope: Deactivated successfully\.
# #
(\S+ )+was skipped because no trigger condition checks were met\.
(\S+ )+was skipped because of an unmet condition check \([^)]+\)\. (\S+ )+was skipped because of an unmet condition check \([^)]+\)\.
File System Check on Root Device was skipped because of an unmet condition check (ConditionPathIsReadWrite=!/). File System Check on Root Device was skipped because of an unmet condition check (ConditionPathIsReadWrite=!/).
# #
@ -713,13 +729,25 @@ in
Created slice User Application Slice\. Created slice User Application Slice\.
Queued start job for default target Main User Target\. Queued start job for default target Main User Target\.
pam_unix\(systemd-user:session\): session opened for user root\(uid=0\) by \(uid=0\) pam_unix\(systemd-user:session\): session opened for user root\(uid=0\) by \(uid=0\)
pam_unix\(systemd-user:session\): session closed for user root pam_unix\(systemd-user:session\): session closed for user (root|yoda)
Reexecuting requested from client PID [0-9]+ \('systemctl'\)\.\.\. Reexecuting requested from client PID [0-9]+ \('systemctl'\)\.\.\.
Reexecuting\. Reexecuting\.
Run \S+ was skipped because of an unmet condition check \([^)]+\)\. Run (\S+ )+was skipped because of an unmet condition check \([^)]+\)\.
''; '';
match = "_SYSTEMD_UNIT = /user@(0|1000)\\.service/"; match = "_SYSTEMD_UNIT = /user@(0|1000)\\.service/";
} }
{
filters = ''
flapped down
'';
match = "_SYSTEMD_UNIT = smtpd-key.service";
}
{
filters = ''
flapped down
'';
match = "_SYSTEMD_UNIT = netcup-dns-95191.json-key.service";
}
{ # yodaTux { # yodaTux
filters = '' filters = ''
Acquired the name org\.freedesktop\.PolicyKit1 on the system bus Acquired the name org\.freedesktop\.PolicyKit1 on the system bus
@ -731,6 +759,7 @@ in
Registered Authentication Agent for unix-process:[0-9]+:[0-9]+ \(system bus name :[0-9\.]+ \[/run/current-system/sw/bin/pkttyagent --notify-fd 5 --fallback\], object path /org/freedesktop/PolicyKit1/AuthenticationAgent, locale en_US.UTF-8\) Registered Authentication Agent for unix-process:[0-9]+:[0-9]+ \(system bus name :[0-9\.]+ \[/run/current-system/sw/bin/pkttyagent --notify-fd 5 --fallback\], object path /org/freedesktop/PolicyKit1/AuthenticationAgent, locale en_US.UTF-8\)
Operator of unix-process:[0-9]+:[0-9]+ successfully authenticated as unix-user:yoda to gain ONE-SHOT authorization for action org\.freedesktop\.systemd1\.manage-units for system-bus-name::[0-9\.]+ \[systemctl start journalwatch\.service\] \(owned by unix-user:yoda\) Operator of unix-process:[0-9]+:[0-9]+ successfully authenticated as unix-user:yoda to gain ONE-SHOT authorization for action org\.freedesktop\.systemd1\.manage-units for system-bus-name::[0-9\.]+ \[systemctl start journalwatch\.service\] \(owned by unix-user:yoda\)
Unregistered Authentication Agent for unix-process:[0-9]+:[0-9]+ \(system bus name :[0-9\.]+, object path /org/freedesktop/PolicyKit1/AuthenticationAgent, locale en_US.UTF-8\) \(disconnected from bus\) Unregistered Authentication Agent for unix-process:[0-9]+:[0-9]+ \(system bus name :[0-9\.]+, object path /org/freedesktop/PolicyKit1/AuthenticationAgent, locale en_US.UTF-8\) \(disconnected from bus\)
Unregistered Authentication Agent for unix-process:unknown \(system bus name :[0-9\.]+, object path /org/freedesktop/PolicyKit1/AuthenticationAgent, locale en_US.UTF-8\) \(disconnected from bus\)
''; '';
match = "_SYSTEMD_UNIT = polkit.service"; match = "_SYSTEMD_UNIT = polkit.service";
} }
@ -817,7 +846,7 @@ in
{ {
filters = ('' filters = (''
# Somebody evil iterating through different ports # Somebody evil iterating through different ports
refused connection: IN=\S+ OUT= MAC=\S+ SRC=\S+ DST=\S+ LEN=\S+ TC=[0-9]+ HOPLIMIT=[0-9]+ FLOWLBL=[0-9]+ PROTO=TCP SPT=[0-9]+ DPT=[0-9]+ WINDOW=[0-9]+ RES=0x00 SYN URGP=0\s+ refused connection: IN=\S+ OUT= MAC=\S+ SRC=\S+ DST=\S+ LEN=\S+ .+ PROTO=TCP SPT=[0-9]+ DPT=[0-9]+ WINDOW=[0-9]+ RES=0x00 SYN URGP=0\s+
# Ignore. # Ignore.
systemd\[[0-9]\]: memfd_create\(\) called without MFD_EXEC or MFD_NOEXEC_SEAL set systemd\[[0-9]\]: memfd_create\(\) called without MFD_EXEC or MFD_NOEXEC_SEAL set
# Ignore. # Ignore.
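Review bot: The added sshd filter `Connection reset by invalid user \S+ \S+ port \S+ \[preauth\` in the `@ -49,16 +49,19` hunk ends in a bare backslash as rendered here, while every sibling pattern ends in `\[preauth\]`. If the file really reads that way, the pattern will most likely fail to compile or never match, and the line should be `Connection reset by invalid user \S+ \S+ port \S+ \[preauth\]`. The same hunk now filters `authenticating user (root|yoda)` for the Disconnected, Connection reset and Connection closed messages, which removes pre-auth failures against what appears to be a real login account from the journalwatch report. A comment above those three lines, such as `# preauth failures for root/yoda are suppressed because <control that covers brute-force attempts>`, would record why that signal is safe to hide. The filter list this hunk edits starts and ends outside the hunk.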