Commit 2effbc41 authored by hadret's avatar hadret

feat: initial commit.

parents
MIT License
Copyright (c) 2019 Filip Chabik
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
SOFTWARE.
# Ansible Role: Central Log Server
This is a internal role for deploying `rsyslog` configuration for both server
and client. Server need to be part of a `syslog-servers` host group in order for
it to receive proper configuration. All of the other servers are treated as
clients. Some of them **can** have tailored configuration, it is however handled
by the template of the client configuration file.
## Requirements
+ Ubuntu/Debian distribution
## Role variables
[defaults/main.yml](defaults/main.yml)
## Dependencies
None.
## Example playbook
```
hosts: all
roles:
- central-log-server
```
## License
MIT.
## Authors
samedi GmbH.
---
rsyslog_server: 127.0.0.1
rsyslog_port: 514
rsyslog_path: /etc/rsyslog.d
rsyslog_pkgs:
- rsyslog-elasticsearch
- rsyslog-mmnormalize
rsyslog_template: "rule.conf.j2"
rsyslog_rules: []
# - rule_name: "remote-relp" # name of the rule
# priority: 99 # order of the rules may be important
# ruleset: |
# module(load="omrelp")
# action(type="omrelp" target="{{ rsyslog_server }}" port="{{ rsyslog_port }}")
# # Properties that are only added if defined:
# filename: "99-remote-relp.conf" # default: "$priority-$rule_name.conf"
# template: "" # override the `rsyslog_template` per ruleset
# state: "absent" # remove the ruleset configuration
/var/log/remote/*/*.log
{
rotate 7
daily
missingok
notifempty
compress
compresscmd /usr/bin/pixz
uncompresscmd /usr/bin/pixz
compressext .xz
delaycompress
postrotate
invoke-rc.d rsyslog rotate >/dev/null
endscript
}
/var/log/remote/*/platform/*.log
{
rotate 13
daily
missingok
notifempty
compress
compresscmd /usr/bin/pixz
uncompresscmd /usr/bin/pixz
compressext .xz
delaycompress
sharedscripts
postrotate
invoke-rc.d rsyslog rotate >/dev/null
endscript
}
---
- name: restart rsyslog
service: name=rsyslog state=restarted
---
- name: include OS-specific variables
include_vars: "{{ ansible_os_family }}.yml"
- name: ensure rsyslog_path exists
file:
path: "{{ rsyslog_path }}"
state: directory
- name: add managed rsyslog rulesets
template:
src: "{{ item.template|default(rsyslog_template) }}"
dest: "{{ rsyslog_path }}/{{ item.filename|default(item.priority ~ '-' ~ item.rule_name ~ '.conf') }}"
force: true
owner: root
group: "{{ root_group }}"
mode: 0644
when: item.state|default('present') != 'absent'
loop: "{{ rsyslog_rules }}"
notify: restart rsyslog
tags:
- skip_ansible_lint
- name: remove managed rsyslog rulesets
file:
path: "{{ rsyslog_path }}/{{ item.filename|default(item.priority ~ '-' ~ item.rule_name ~ '.conf') }}"
state: absent
when: item.state|default('present') == 'absent'
loop: "{{ rsyslog_rules }}"
notify: restart rsyslog
tags:
- skip_ansible_lint
{% if item.ruleset is defined %}
{{ item.ruleset }}
{% endif %}
---
root_group: root
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment