48 lines
1.2 KiB
YAML
48 lines
1.2 KiB
YAML
---
|
|
|
|
- name: verify that all.log exists
|
|
stat:
|
|
path: /var/log/all.log
|
|
register: result
|
|
|
|
- name: create dummy all.log file
|
|
file:
|
|
path: /var/log/all.log
|
|
state: touch
|
|
mode: 0644
|
|
owner: root
|
|
group: "{{ ansible_wheel }}"
|
|
when: not result.stat.exists
|
|
|
|
- name: enable all.log
|
|
lineinfile:
|
|
path: /etc/syslog.conf
|
|
line: "*.* /var/log/all.log"
|
|
notify: restart syslogd
|
|
|
|
- name: enable all.log rotation
|
|
lineinfile:
|
|
path: /etc/newsyslog.conf
|
|
regexp: "^/var/log/all.log.*"
|
|
line: |-
|
|
/var/log/all.log root:{{ ansible_wheel }} 640 7 * $D0 Z
|
|
|
|
- block:
|
|
- name: configure certificates for remote logging
|
|
service:
|
|
name: syslogd
|
|
arguments: >-
|
|
-h -c {{ tls_certs }}/{{ inventory_hostname }}.crt
|
|
-k {{ tls_private }}/{{ inventory_hostname }}.key
|
|
enabled: true
|
|
- name: enable remote logging
|
|
lineinfile:
|
|
path: /etc/syslog.conf
|
|
regexp: '^\*\.\* @.*'
|
|
line: "*.* @tls://{{ log_server }}:6514"
|
|
notify: restart syslogd
|
|
when: inventory_hostname != "log01.home.foo.sh"
|
|
|
|
- name: include server config
|
|
include_tasks: server.yml
|
|
when: inventory_hostname == "log01.home.foo.sh"
|